Gizmos Freeware Reviews  

Go Back   Gizmo's Freeware Forum > Debating Chamber > Security

Reply
 
Thread Tools Display Modes
Old 17. Nov 2013, 05:20 PM   #1 (permalink)
Member
 
Join Date: Jan 2012
Posts: 20
Default Puzzled About Router Security Design

Fundamental Question: What external (or internal) software could possibly need to mess around with the router's settings that we install strong passwords and turn off remote administration specifically to protect? If there are "features" of modern routers that actually require this capability, then how do security-conscious users select hardware that does not include these features and the accompanying security vulnerabilities?

Background: Some routers evidently have/had back doors deliberately designed into their firmware. See, for example, a recent announcement, e.g., "http://www.pcworld.com/article/2054680/dlink-to-padlock-router-backdoor-by-halloween.html". Following the link to the source of the discovery at "http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/", I find the following astonishing conjecture:

"I found several binaries that appear to use xmlsetc to automatically re-configure the device’s settings (example: dynamic DNS). My guess is that **the developers realized that some programs/services needed to be able to change the device’s settings automatically**; realizing that the web server already had all the code to change these settings, **they decided to just send requests to the web server whenever they needed to change something.** The only problem was that the web server required a username and password, which the end user could change. Then, in a eureka moment, Joel jumped up and said, 'Don’t worry, for I have a cunning plan!'."

A little off topic, but any enlightenment would be appreciated. -- jclarkw

Last edited by jclarkw; 17. Nov 2013 at 05:22 PM. Reason: clarification -- off topic
jclarkw is offline   Reply With Quote
Old 18. Nov 2013, 12:27 PM   #2 (permalink)
Senior Member
 
Join Date: May 2010
Posts: 555
Default

NASA? Cheltenham?
Burn-IT is offline   Reply With Quote
Old 18. Nov 2013, 06:37 PM   #3 (permalink)
Member
 
Join Date: Jan 2012
Posts: 20
Default

Quote:
Originally Posted by Burn-IT View Post
NASA? Cheltenham?
Sorry, I don't follow you. -- jclardw
jclarkw is offline   Reply With Quote
Old 19. Nov 2013, 02:46 PM   #4 (permalink)
Senior Member
 
Join Date: May 2010
Posts: 555
Default

Answer to your:
Quote:
What external (or internal) software could possibly need to mess around with the router's settings that we install strong passwords and turn off remote administration specifically to protect?
Security agencies.
Burn-IT is offline   Reply With Quote
Old 20. Nov 2013, 04:58 PM   #5 (permalink)
Member
 
Join Date: Jan 2012
Posts: 20
Default

Quote:
Originally Posted by Burn-IT View Post
Security agencies.
OK, got it. So does a consumer setting up a household LAN have any way to avoid these back doors (and other unintended vulnerabilities)? Are any manufacturers (or open-source firmware writers) known for secure systems? -- jclarkw
jclarkw is offline   Reply With Quote
Old 20. Nov 2013, 05:15 PM   #6 (permalink)
Super Moderator
 
Anupam's Avatar
 
Join Date: Jul 2008
Location: India
Posts: 15,336
Default

jclarkw, the links that you posted are about a backdoor in D-Link routers, and they are releasing a patch for it. So, I don't think it's the case with all the routers.

Also, as said in one of the article, changing the administrator password, and having a wifi password will help in protection.
__________________
Anupam
Anupam is offline   Reply With Quote
Old 19. Dec 2013, 11:14 PM   #7 (permalink)
Member
 
Join Date: Jan 2012
Posts: 20
Default

If I may continue the discussion at this late date:

It has been suggested to me on Wilders Security Forums that good open-source firmware such as OpenWRT (the writer likes Gargoyle) or DD-WRT would be beneficial from a security point of view. Neither of these projects supports the D-Link DIR-645, but there are other options of course.

I see, for example, that Gargoyle sells a decent router pre-configured with its latest firmware. Does anybody have experience or comments about such alternatives to the big commercial router companies? -- jclarkw
jclarkw is offline   Reply With Quote
Old 20. Dec 2013, 01:06 PM   #8 (permalink)
Senior Member
 
Join Date: May 2010
Posts: 555
Default

I rather suspect that anyone with awareness of DD-WRT or OpenWRT will already have tried to use them on their router if supported.
Not just for the security, but more for the options.
Burn-IT is offline   Reply With Quote
Old 20. Dec 2013, 10:51 PM   #9 (permalink)
Member
 
Join Date: Jan 2012
Posts: 20
Default

Quote:
Originally Posted by Burn-IT View Post
I rather suspect that anyone with awareness of DD-WRT or OpenWRT will already have tried to use them on their router if supported.
Not just for the security, but more for the options.

So are you a user of one of these by any chance? If so, are you happy with it?

Is anybody using the Gargoyle router?
jclarkw is offline   Reply With Quote
Old 21. Dec 2013, 03:00 PM   #10 (permalink)
Senior Member
 
Join Date: May 2010
Posts: 555
Default

Neither of the routers I have are supported.

And I'm with Sky; that makes thinks a little more difficult.
Burn-IT is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT +1. The time now is 09:52 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2021, vBulletin Solutions, Inc.