Are Small Routers the End of the Internet?
At Linuxwochenende (whch I did make for various reasons), Calilo/naxxatoe/Sebastian Maier gave a talk on
„The end of the Internet” aka „Self replicating malware on home routers”.
Apparently, The Zlob trojan already uses this attack-vector.
But there is also another angle of attack without guessing or brute-forcing passwords – UPnP. As GNUCITIZEN describes, an attacker could use a malicious flash application on a website to change the DNS settings on your homerouter, if UPnP is enabled (which usually is, and as it was developed by Microsoft, it also contains no security mechanisms) without you knowing it. Nice, eh?
Tagged as: internet, IT, linksys, router, security, UPNP
| Author: Martin Leyrer
[Samstag, 20080920, 19:32 | permanent link | 0 Kommentar(e)