Friday, July 23, 2010

Routers Can Get Hacked – Act Immediately

A newsletter for computer technicians writes about a pretty nasty attack that could open your computer to the (hacker-) world. This article goes into quite some technical detail; if you prefer to avoid this type of geek speak here is the skinny of it:

Many, many home routers can be hacked! Here is a link to a table with model numbers and information whether the specific router is vulnerable. I you have a router there is a good chance that your model is in that list.

What you can do about it? This literal quote from the newsletter says it best:

The best way to protect against this attack is to change the password on the home router and change the default IP address along with keeping firmware up to date.

A few remarks to the table with the results of the tests:

In the last column you see either Yes or No; yes means this router has been hacked successfully. If your router model is not in this list your system more likely than not is a potential candidate for being hacked this way. To be safe I would treat it as a Yes.

Sadly but understandably 2Wire routers and gateways are missing. They are fairly ubiquitous since they get often installed with ATT DSL or U-Verse service. I recommend to treat them as a Yes.

  • If you have one of the models with a Yes I suggest you act immediately, BEFORE hackers take advantage of this opportunity.
  • If you have one of the models with a No you can at least sleep in peace.
    I suggest that as a precaution you change at least the router’s password; it would be ideal to update the router’s firmware as well if applicable.

If you are technically inclined and still have your router documentation you certainly can do the password change yourself.

If you feel uncomfortable about changing the default IP address and/or updating the firmware then you know who to call, do you?

Now, if you call to make an appointment for this then PLEASE have your router’s manufacturer, the precise model number and version information available; thank you in advance (look on the underside or back of the router for this information). If you don’t find that information, no big problem, I can establish that on site.

I found it interesting that
   -   all of the five tested D-Link routers are safe,
   -   all of the two tested Netgear routers are safe,
   -   four out of five tested Belkin routers are safe and 
   -   only two out of eight tested Linksys routers are safe.
These four manufacturers likely sell the bulk of routers in our neck of the woods – but they sell many more different models not tested here.

July 6, 2008 I wrote about Wireless Router Setup. I just now have updated this article from 2008 to reflect above new information.

As usual I welcome comments and suggestions right here in the blog. Thank you in advance.

Click here for a categorized Table Of Contents.

3 comments:

Computer support specialists said...

This attack poses a potentially serious threat because millions of consumers and small businesses use routers.

computer tech support said...

Some routers also have a backdoor which allows telnet entry, in some cases even with some default password thus bypassing your strong password.

Eike Heinze said...

Hi computer tech support
- and thanks for reading my blog.

I would be greatly interested if you please could refer to any source or further documentation about that and/or about what routers are sporting this "feature".

Such information certainly would be be of great interest to all readers.