Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Thu 13 Dec 2018, 10:15
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Your Router's Security Stinks
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [8 Posts]  
Author Message
labbe5

Joined: 13 Nov 2013
Posts: 1535
Location: Canada

PostPosted: Fri 19 Oct 2018, 17:59    Post subject:  Your Router's Security Stinks
Subject description: How to Fix It
 

https://www.tomsguide.com/us/home-router-security,news-19245.html

Routers are the essential but unheralded workhorses of modern computer networking, yet few home users realize they are computers, with their own operating systems, software and vulnerabilities.

Most gateway routers used by home customers are profoundly not secure, and some routers are so vulnerable to attack that they should be thrown out.

"If a router is sold at [an electronics chain], you don't want to buy it," independent computer consultant Michael Horowitz said in a presentation. "If your router is given to you by your internet service provider [ISP], you don't want to use it either, because they give away millions of them, and that makes them a prime target both for spy agencies and bad guys."

Horowitz recommended that security-conscious consumers instead upgrade to commercial routers intended for small businesses, or at least separate
their modems and routers into two separate devices. (Many "gateway" units, often supplied by ISPs, act as both.) Failing either of those options, Horowitz gave a list of precautions users could take.


If you are the tech-savvy individual in your house, do not fail to read this from start to finish to help your family stay secure online.

Further reading :
https://routersecurity.org/
https://www.ipaddress.com/articles/change-ip-address
https://www.vpnranks.com/how-to-protect-wi-fi-network/
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1535
Location: Canada

PostPosted: Thu 29 Nov 2018, 08:08    Post subject: Germany proposes security guidelines for routers  

Online criminals have woken up to the power they can exert through hijacking large numbers of routers into botnets, launching devastating distributed denial-of-service (DDoS) attacks, stealing WiFi credentials, or changing DNS settings to make unwanted pop-up ads continually appear.

Time and time again users have been warned that their routers are vulnerable because of a software flaw, or because they shipped with weak default passwords.


Guidelines : https://www.bitdefender.com/box/blog/iot-news/germany-proposes-security-guidelines-routers-not-everybody-happy/#new_tab
Back to top
View user's profile Send private message 
s243a

Joined: 02 Sep 2014
Posts: 1311

PostPosted: Thu 29 Nov 2018, 12:43    Post subject: Re: Germany proposes security guidelines for routers  

labbe5 wrote:
Online criminals have woken up to the power they can exert through hijacking large numbers of routers into botnets, launching devastating distributed denial-of-service (DDoS) attacks, stealing WiFi credentials, or changing DNS settings to make unwanted pop-up ads continually appear.

Time and time again users have been warned that their routers are vulnerable because of a software flaw, or because they shipped with weak default passwords.


Guidelines : https://www.bitdefender.com/box/blog/iot-news/germany-proposes-security-guidelines-routers-not-everybody-happy/#new_tab


It sounds like they are blaming the user rather than the manufacture for poor router security. This sounds odd to me.
Back to top
View user's profile Send private message 
nosystemdthanks

Joined: 03 May 2018
Posts: 542

PostPosted: Thu 29 Nov 2018, 12:58    Post subject: Re: Germany proposes security guidelines for routers  

s243a wrote:

It sounds like they are blaming the user rather than the manufacture for poor router security. This sounds odd to me.


i think when you start a dd-wrt router, it encourages you to change the default password. they should all do that.

blaming the user isnt the best route, the best route is better security. but they know this. im not saying every manufacturer cares-- i dont think cisco cares, or they wouldnt help the chinese government be monstrous. if they dont ship the way they do, im guessing they will lose business to people that do. and users are kind of to blame for that.

pointing this out isnt as good as good security by default, but it does encourage people to practice better security. default passwords are a common point of attack for routers. then again, they could have done those too with better security. but even that wouldnt be as good as people choosing good practices.

counterargument: if every router told you to change your password the first time you used it, many would have even weaker passwords. counter-counterargument-- unless they required password strength-- counter-counter-counterargument: which brings us back to the part about competing routers that would sell better. they already create security updates. but most people dont use them. you dont want automated firmware updates. windows 10 does that. keeping it secure by default = risk of bricking by default. automated firmware updates could also be hijacked for installing malware. its not a simple problem to solve. the beginning of security is good design, but even if its your primary goal, bad laws and irresponsible users are going to come into play at some point regardless of the design.

_________________
teaching computing via learning applications is like teaching cooking via going to a restaurant.
Back to top
View user's profile Send private message Visit poster's website 
belham2

Joined: 15 Aug 2016
Posts: 1628

PostPosted: Thu 29 Nov 2018, 15:11    Post subject: Re: Germany proposes security guidelines for routers  

nosystemdthanks wrote:
s243a wrote:

It sounds like they are blaming the user rather than the manufacture for poor router security. This sounds odd to me.


i think when you start a dd-wrt router, it encourages you to change the default password. they should all do that.

blaming the user isnt the best route, the best route is better security. but they know this. im not saying every manufacturer cares-- i dont think cisco cares, or they wouldnt help the chinese government be monstrous. if they dont ship the way they do, im guessing they will lose business to people that do. and users are kind of to blame for that.

pointing this out isnt as good as good security by default, but it does encourage people to practice better security. default passwords are a common point of attack for routers. then again, they could have done those too with better security. but even that wouldnt be as good as people choosing good practices.

counterargument: if every router told you to change your password the first time you used it, many would have even weaker passwords. counter-counterargument-- unless they required password strength-- counter-counter-counterargument: which brings us back to the part about competing routers that would sell better. they already create security updates. but most people dont use them. you dont want automated firmware updates. windows 10 does that. keeping it secure by default = risk of bricking by default. automated firmware updates could also be hijacked for installing malware. its not a simple problem to solve. the beginning of security is good design, but even if its your primary goal, bad laws and irresponsible users are going to come into play at some point regardless of the design.



Irresponsible, lazy users not taking the extra 15 mins to set up a new, 12+ character---special and otherwise---length password for their router's login nor setting up a decent WPA2 password......vs........ irresponsible, lazy ISPs where they keep demanding backdoor administrative access to all their routers that they have put out to most of their customers, which is the achilles heal of everything they do.

Until a better solution comes along, it pays to make yourself not irresponsible, not lazy, and also overcome your ISP by putting their unit in bridge-mode (which all current routers in the world allow, AFAIK) and setting up & using your own hardened router (commercial-level, dd-wrt, tomato and/or a combo of these, along with dedicated guest wifi networks, different subnets, and more).

Jmho....
Back to top
View user's profile Send private message 
nosystemdthanks

Joined: 03 May 2018
Posts: 542

PostPosted: Thu 29 Nov 2018, 16:03    Post subject: Re: Germany proposes security guidelines for routers  

belham2 wrote:
vs........ irresponsible, lazy ISPs where they keep demanding backdoor administrative access to all their routers that they have put out to most of their customers, which is the achilles heal of everything they do.


no disagreement there, none at all.

Quote:
Until a better solution comes along, it pays to make yourself not irresponsible, not lazy, and also overcome your ISP by putting their unit in bridge-mode (which all current routers in the world allow, AFAIK) and setting up & using your own hardened router (commercial-level, dd-wrt, tomato and/or a combo of these, along with dedicated guest wifi networks, different subnets, and more).


beyond the capability of most users, but very good advice.

_________________
teaching computing via learning applications is like teaching cooking via going to a restaurant.
Back to top
View user's profile Send private message Visit poster's website 
labbe5

Joined: 13 Nov 2013
Posts: 1535
Location: Canada

PostPosted: Mon 10 Dec 2018, 19:26    Post subject: Router Hardening Checklist
Subject description: for Cisco Routers/Switches in 10 Steps
 

A compromised router for example can be devastating to the whole security of the enterprise since it can be used to gain access to data, reconfigured to route traffic to other destinations, used to launch attacks to other networks, used to gain access to other internal resources etc. Therefore, hardening the network devices themselves is essential for enhancing the whole security of the enterprise.
Source : https://www.networkstraining.com/cisco-router-switch-security-configuration-guide/
Back to top
View user's profile Send private message 
labbe5

Joined: 13 Nov 2013
Posts: 1535
Location: Canada

PostPosted: Yesterday, at 15:03    Post subject: RouterCheck
Subject description: the first consumer tool for protecting your home router
 

RouterCheck is the first consumer tool for protecting your home router, which is the gateway to your home network. Your home router is the computer in your home with the least protection, but the greatest vulnerability. If it is attacked, all the devices connected to your router are at risk. RouterCheck is like an anti-virus system for your router. It protects your router from hackers around the world, who have begun to target and attack routers.
https://www.routercheck.com/

What is RouterCheck :

RouterCheck is a system for ensuring the well-being of your router and home network. It’s offered as a smartphone app, but is far more than just a simple smartphone app. RouterCheck communicates with a powerful server that helps to check whether your router is vulnerable to any of the latest attacks that hackers are launching.
http://www.routercheck.com/what-is-routercheck/

Further reading :
This site actively determines the DNS servers that your computer uses by observing how your DNS requests are processed on the internet.
http://www.whatsmydnsserver.com/

Crooks are targeting DLink DSL modem routers in Brazil to redirect users to fake bank websites by carrying out DNS hijacking
https://securityaffairs.co/wordpress/75282/cyber-crime/dns-hijacking-brazil.html
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [8 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0698s ][ Queries: 12 (0.0093s) ][ GZIP on ]