Digital Subscriber Line DSL router security

Subject Author Date
DSL router security bob prohaska 11-03-04
Posted by bob prohaska on November 3, 2004, 6:53 am
Hi folks,

I've recently started using DSL service from SBC/Yahoo using
the Cayman 3546 router supplied as part of the deal.

The notion that hosts need to be secured against attack and
compromise has long been with me, but I've always thought of
routers as "too dumb to corrupt". There are suggestions that
modern routers are indeed corruptible; the 200+ page manual
for the Cayman defies any quick read and implies it has ability
and intelligence not apparent to the casual user.

If I wanted to explore this issue a little further, where's
a good place to go fishing? Alternate spelling welcomed 8-)

bob prohaska









Posted by George Pontis on November 3, 2004, 11:40 am
> Hi folks,
>
> I've recently started using DSL service from SBC/Yahoo using
> the Cayman 3546 router supplied as part of the deal.
>
> The notion that hosts need to be secured against attack and
> compromise has long been with me, but I've always thought of
> routers as "too dumb to corrupt". There are suggestions that
> modern routers are indeed corruptible; the 200+ page manual
> for the Cayman defies any quick read and implies it has ability
> and intelligence not apparent to the casual user.
>
> If I wanted to explore this issue a little further, where's
> a good place to go fishing? Alternate spelling welcomed 8-)
>

The Cayman 3546 is a good unit, but any router is interacting with the incoming
packets. If there is a weakness in the router's code and it is exploited, then a
problem occurs at some level. I know of an Efficient router that had such a
weakness but the exploit only took the router off line so it had to be rebooted.
There was a workaround and later a firmware update that fixed it. The great
majority of attacks are aimed at Windows PCs. A very much smaller number target
routers, usually Cisco since they are most common at big sites. Your actual
exposure to an attack through failure of the 3546 is very small. Much less than
to an attack on the machines that it serves if they are browsing the internet,
opening email attachments, or clicking on HTML links within an email. The
firewall will not protect you against many of these things because they are
initiated by a user and appear to be legitimate activity. The firewall will stop
attack traffic that comes off the internet looking for a weak machine.

That said, you should take some basic steps to disable WAN administration,
enable the firewall and change the default password. There is a FAQ that tells
how to do this and much more, at dslreports.com. Go to the forums, equipment
support, Netopia/Cayman. Click on "Cayman FAQ" and browse for security stuff,
especially the item on configuring advanced security.


Posted by bob prohaska on November 4, 2004, 6:08 am
> this and much more, at dslreports.com. Go to the forums, equipment support,
> Netopia/Cayman. Click on "Cayman FAQ" and browse for security stuff, especially
> the item on configuring advanced security.

Thanks George!

bob prohaska



Posted by wkearney99 on November 5, 2004, 11:55 am
> That said, you should take some basic steps to disable WAN administration

This is often the BEST way to prevent attacks. If a unit has a serial port
it's often best to completely disable ALL network administration interfaces.
A router, once configured, isn't something that usually requires any sort of
regular admin access. So having to use a serial connection directly to it
really isn't all that inconvenient. It's the interval between startup and
reaching a "well configured" state that's a risk. In those cases it's
always good to disable ANY sort of admin access from the WAN side. Better
to ssh into an internal host and then telnet back to the router from the
inside. This is also the way someone might hack into it thus the reason for
completely disabling network access to admin functions.

-Bill Kearney



Posted by bob prohaska on November 6, 2004, 5:59 am
> reaching a "well configured" state that's a risk. In those cases it's
> always good to disable ANY sort of admin access from the WAN side. Better

If I'm reading the manual correctly, admin access is only through
the LAN side in the default setup. That would seem to preclude
attack on the router until a successful attack on an internal host
was pulled off. If that's done I don't see any point in fooling
with the router.

Now, if the internal server happens to be watching both the internal
and external interfaces, I agree it's not a good thing.....8-)

The serial console port is obviously safest, but given the complexity
of the router the Web interface is very helpful to a beginner.

bob prohaska




