RouterSecurity Presentation d21 PDF

Michael Horowitz discusses various security issues with consumer routers. He notes that routers can be used to spy on users, launch man-in-the-middle attacks, redirect users to scam sites, and more. He recommends checking for default configurations like hardcoded passwords or DNS servers, updating router firmware, using isolation techniques like VLANs and guest networks, and considering alternative open-source router options for better security. Overall, he expresses skepticism of consumer routers provided by ISPs and retailers due to lack of focus on security.

Michael Horowitz

MichaelHorowitz.com
RouterSecurity.org
DefensiveComputing.info
@defensivecomput
November 1, 2017
Preaching to the choir, I know
Every bad thing you can imagine
• Spy on you; man in the middle attacks
• Send you to scam websites to steal passwords
• Join a botnet for DDoS attacks
• Download infected versions of software
• Make money by inserting ads in web pages
• Crypto mining
• Attack all the devices connected to it
• Change data in-flight
• Block data (think Military orders)
• Modifying DNS servers is a popular attack
• Even if you hard code DNS servers on your device, the router can override this
• Good habit: checking current DNS servers
• The RouterSecurity.org/testrouter.php page lists many sites that report current DNS servers
• Browserleaks.com is a site that reports on current DNS servers. Sample output below:
I wasn’t born this way
Password? We don’t need no stinking password
Consumer routers have a hard coded 8 digit WPS PIN code
• 8 digit pin code ==> only 11,000 possible values
• Result of incompetence or to enable spying?
• Very little HTTPS back in 2007 when released
• Rate limiting in spec, not always implemented
• One router disabled WPS in UI, not in reality
Business routers do not support WPS
Consumer routers still support WPS

Mesh Routers are a mixed bag


NO WPS: Eero, Google Wifi, Luma, Plume
WPS: Netgear Orbi, Linksys Velop, D-Link Covr
Ubiquiti AmpliFi: Yes and no

For more: RouterSecurity.org/wps.php


There is a page on RouterSecurity.org devoted to HNAP
No review ever considers security
Consumer Routers
ISP provided gateways and routers
ISPs as companies
Apple
www.synacktiv.com/ressources/TCP32764_backdoor_again.pdf
• From LAN side: http://1.2.3.4:32764
• From WAN side: https://www.grc.com/x/portprobe=32764
• Correct response is no response
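
The LAN-side check above can also be scripted. This is an added example, not part of the original slides: it tries a TCP connection to port 32764 on an address you supply (your own router) and reports whether anything accepted it. The function names and the script name are assumptions made for the example.

```python
import socket
import sys

BACKDOOR_PORT = 32764  # the TCP port named on the slide


def probe(host, port=BACKDOOR_PORT, timeout=2.0):
    """Return 'open', 'closed' or 'no response' for one TCP port."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"            # something accepted the connection
    except ConnectionRefusedError:
        return "closed"          # the host answered with a reset
    except OSError:
        return "no response"     # timed out or unreachable
    finally:
        sock.close()


def open_ports(hosts, ports=(BACKDOOR_PORT,), timeout=2.0):
    """List the (host, port) pairs that accepted a connection."""
    return [(h, p) for h in hosts for p in ports
            if probe(h, p, timeout) == "open"]


if __name__ == "__main__":
    # Usage: python check32764.py <LAN address of your own router>
    if len(sys.argv) != 2:
        sys.exit("usage: check32764.py <router-lan-address>")
    router = sys.argv[1]
    state = probe(router)
    print(f"{router}:{BACKDOOR_PORT} -> {state}")
    if state == "open":
        print("A service is listening on this port; investigate the router.")
```

Only "open" is a finding; "closed" and "no response" both mean nothing accepted the connection.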


Double dipper
Bad security on WAN and LAN side
VLANs and Guest Wi-Fi networks protect against both insecure IoT devices and ransomware
• Large companies: isolation is keeping the HR department away from everyone else
• Consumers: Guest Wi-Fi networks are the introduction to isolation
• As a rule, the more isolated devices are from other devices on the network, the better
• Guest users cannot see other guest users
• Guest users cannot see users/devices on other Wi-Fi networks created by the router
• Guest users cannot see anything that is Ethernet connected to the router
• No Guest device can access the router
• The guest Wi-Fi network runs in its own subnet
• What about here?
• What about now?
• What about OREILLY17?
• Router is 192.168.200.2
• No HTTP or HTTPS access to it
• No popular ports are open on the LAN side of the router
• DNS servers are from Time Warner Cable
• Firewall rules to block Windows file sharing
Nothing is guaranteed
• Great at installing bug fixes
• pfSense: software is free, or you can buy an appliance
• OpenWRT
• LEDE, a fork of OpenWRT
• Sophos UTM home edition is free
• Plume
• F-Secure makes the F-Secure Sense router
• Norton makes the Norton Core router
• BitDefender makes the BitDefender Box (standalone security device)
• All require an ongoing subscription
Buggy software, rushed software, old software, yada yada yada
If it's sold at Best Buy, don't buy it
This Asus router error made me swear off consumer routers
They want to spy on you
They don’t care about router security
are computers too
• Try http://192.168.100.1
• If that fails, try 10.0.0.1, 10.1.10.1, 192.168.0.1
• Check if yours is password protected
• Change any default password
• What version of the firmware is installed?
• If firmware not the latest, nag your ISP
• Consider blocking access to modem in router