Autor Tema: Millions of Home Routers Are Hackable (Leído 3268 veces)

juanca · « : julio 16, 2010, 08:57:31 am »

Citar

"Craig Heffner, a researcher with Maryland-based security consultancy Seismic, plans to release a software tool at the Black Hat conference later this month that he says could be used on about half the existing models of home routers, including most Linksys, Dell, and Verizon FiOS or DSL versions. The tool apparently exploits the routers through DNS rebinding. While this technique has been discussed for 15 years or more, Heffner says 'It just hasn't been put together like this before.'"

http://it.slashdot.org/story/10/07/16/122259/Millions-of-Home-Routers-Are-Hackable?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

En el articulo hay una lista de routers que se han probado. Verifiquen el suyo no vaya a ser que ya les hayan visto todas las chulonas que tienen

LicH · « **Respuesta #1 :** julio 16, 2010, 09:00:53 am »

Bravo! esta el modem que ahora esta repartiendo timocom a diestra y siniestra

Thomson ST585 6sl 6.2.2.29.2 YES

, como me gustaba el 2wire

linux2010 · « **Respuesta #2 :** julio 16, 2010, 09:04:41 am »

uuuffff puedo respirar tranquilo no esta el mio en la lista

juanca · « **Respuesta #3 :** julio 16, 2010, 09:06:52 am »

Cita de: LicH en julio 16, 2010, 09:00:53 am

Bravo! esta el modem que ahora esta repartiendo timocom a diestra y siniestra

Thomson ST585 6sl 6.2.2.29.2 YES

, como me gustaba el 2wire

El mio no aparece, sin embargo faltan en el listado varios routers, por cierto ahi vi un open source.

CJ_Robert · « **Respuesta #4 :** julio 16, 2010, 09:12:47 am »

¿Dondé se podrá ver una lista más completa?

Los mios no estan, pero igual, faltan un resto ahí.

Maitro... · « **Respuesta #5 :** julio 16, 2010, 09:17:24 am »

Vaya babosada!!!

DD WRT v24

Código: [Seleccionar]

https://spreadsheets.google.com/pub?key=0Aupu_01ythaUdGZINXQ5Vi16X3hXb3VPYkszNXM0YXc&hl=en&output=html&widget=true

Snipe · « **Respuesta #6 :** julio 16, 2010, 10:53:08 am »

Adonde vivo solo D-Link tenemos :(

Rasta · « **Respuesta #7 :** julio 16, 2010, 10:56:45 am »

Mi Router no aparece

es porque es Chinito?

Este comentario me gusto:

Citar

Ha Ha! I changed my default username to "adjminstrator" and password to "passjword"! Good luck hjackers!

EleCMaNn · « **Respuesta #8 :** julio 16, 2010, 10:58:11 am »

No aparece el mio... 2WIRE

H-LER · « **Respuesta #9 :** julio 16, 2010, 11:16:28 am »

<.que feo ver los linksys caer de esa forma :S cualquiera babea viendo un WRT54G ...

.>

Pattyxoxo · « **Respuesta #10 :** julio 16, 2010, 12:10:51 pm »

me imagino que esa lista aplica para los lusers, digo users que no saben como administrar su router... el password se cambia, si ya le modifique hasta el firmware garra que trae default que cuando entras por telnet hasta al firma del de telecom que lo hizo sale no vaya a tener backdoors creados por ellos mismos.... Meh! no problemo

vinicioperez · « **Respuesta #11 :** julio 16, 2010, 01:45:00 pm »

Nop, tienen que leer el articulo original, no se trata de decifrar contraseñas por default ni nada de eso.

"Users who connect to the Internet through those devices and are tricked into visiting a page that an attacker has set up with Heffner's exploit could have their router hijacked and used to steal information or redirect the user's browsing.
Heffner's attack is a variation on a technique known as "DNS rebinding," a trick that's been discussed for close to 15 years. "There have been plenty of patches over the years, but this still hasn't really been fixed," he says."
y sigue la explicación...

JC · « **Respuesta #12 :** julio 16, 2010, 01:53:41 pm »

Sip, pero al final se menciona esto:
" But that can be accomplished by using a vulnerability in the device's software or by simply trying the default login password. Only a tiny fraction of users actually change their router's login settings, says Heffner. "Routers are usually poorly configured and have vulnerabilities," he says. "So the trick isn't how to exploit the router. It's how to get access to it."

That means concerned users should make sure their router's firmware is updated and patched, and that they're not using default security settings."

vinicioperez · « **Respuesta #13 :** julio 16, 2010, 03:07:38 pm »

y hay que agregarle esto para que funcione

"Heffner's trick is to create a site that lists a visitor's own IP address as one of those options. When a visitor comes to his booby-trapped site, a script runs that switches to its alternate IP address--in reality the user's own IP address--and accesses the visitor's home network, potentially hijacking their browser and gaining access to their router settings."

ya mejor pegamos todo el articulo

BboyFatboy · « **Respuesta #14 :** julio 16, 2010, 03:39:08 pm »

Cita de: LicH en julio 16, 2010, 09:00:53 am

Bravo! esta el modem que ahora esta repartiendo timocom a diestra y siniestra

Thomson ST585 6sl 6.2.2.29.2 YES

, como me gustaba el 2wire

AQUI IGUAL

Sv Community El Salvador

Noticias:

Autor Tema: Millions of Home Routers Are Hackable (Leído 3268 veces)

juanca

Millions of Home Routers Are Hackable

LicH

Re: Millions of Home Routers Are Hackable

linux2010

Re: Millions of Home Routers Are Hackable

juanca

Re: Millions of Home Routers Are Hackable

CJ_Robert

Re: Millions of Home Routers Are Hackable

Maitro...

Re: Millions of Home Routers Are Hackable

Snipe

Re: Millions of Home Routers Are Hackable

Rasta

Re: Millions of Home Routers Are Hackable

EleCMaNn

Re: Millions of Home Routers Are Hackable

H-LER

Re: Millions of Home Routers Are Hackable

Pattyxoxo

Re: Millions of Home Routers Are Hackable

vinicioperez

Re: Millions of Home Routers Are Hackable

JC

Re: Millions of Home Routers Are Hackable

vinicioperez

Re: Millions of Home Routers Are Hackable

BboyFatboy

Re: Millions of Home Routers Are Hackable