Re: Home/SOHO "Firewall" Routers

[Vin McLellan <vin () theworld com>]

At 6/9/2004, Jim wrote:

>[...] I've identified four likely candidates and am wondering if
>anybody on the list has had any experiences with any of these
>devices and would care to render an opinion.  The candidate
>products are (so far):
>
>. LinkSys BEFSX41
>. D-Link DI-804HV
>. Netopia 3386-ENT
>. SMC 7004VBR
>
>The most important characteristics would be, of course, how
> good are their security records, degree of configurability
>(ingress/egress packet filtering) and reliability (saw one
>complaint about one of them that, when some of the advanced
> filtering stuff was activated, it crashed regularly).  Also of
>interest are ease of interfacing with a variety of residential
>broadband service types (DHCP, PPPoE), performance
>(throughput), and any experiences with the manufacturer's
>technical support department.

        It's been hard to miss some recent data points about security  at 
that end of the industry....

1. Linksys WiFi Gateway Remote Attack Risk
Slashdot URL: <http://tinyurl.com/yuh8j>

"According to InternetNews.com, a tech consultant discovered that even if 
you turn the remote administration feature off on a Linksys WRT54G -- the 
single bestselling Wi-Fi device in the world -- you can still remotely 
access it through ports 80 and 443. Linksys sets the HTTP username to 
nothing and password to 'admin' on all of its devices by default. Web site 
scanning from anywhere in the world to devices that have routable 
Internet-facing addresses would allow script kiddie remote access, at which 
point you could flash the unit with new firmware, extract the WEP or WPA 
key, or just mess up someone's configuration and change the password."

2.  Netgear's silly fix for Netgear Router backdoor
Slashdot URL: <http://tinyurl.com/2ffcf>

An anonymous reader writes "Recently Slashdot reported that the Netgear 
router has as WLAN backdoor. According to this report by the news service 
of the German publisher Heise Netgear "fixed" the problem with a firmware 
update. And what is the fix? According to Heise, they didn't remove the 
backdoor at all. Instead they just changed the login information! They 
replaced the old user name 'super' with 'superman', and changed the old 
password to '21241036'. "

3. Benkin Routers route user to Censorware Ad
Slashdot URL: <http://tinyurl.com/ysdd4>

The Register has a story today about Belkin routers redirecting their 
users' network traffic. To me, this seems like the logical next step after 
top-level domain name servers piping ads to your browser. Now the routers 
themselves hijack the traffic they are supposed to, uh, route -- and you'll 
love where they send you instead. But it's OK because you can opt out. 
Incidentally, the Crystal Ball Award goes to Seth Finkelstein, who in 2001 
quoted John Gilmore's famous aphorism about the internet, and asked "What 
if censorship is in the router?"

_Vin 


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards