NOW READ THIS
("Security Advisory")
Submitted by: Bill Hickey
NCVA List Master
NRT-0471 Web Page Can Take Over Your Router:
On Tuesday, 01APR, a security researcher showed how a web-based
attack could be used to seize control of certain routers. The researcher has
spent the past year studying how design flaws in the way that browsers work with
the internet's DNS (Domain Name System) can be abused in order to get attackers
behind the firewall. But at the RSA Conference in San Francisco, he demonstrated
how this attack works on widely used routers, including those made by Cisco's
Linksys division and D-Link. The technique, called a DNS rebinding attack, would
work on virtually any device, including printers, that uses a default password and
a web-based administration interface. For the technique to work, the victim would
visit a malicious web page that would use JavaScript code to trick the browser into
making changes on the web-based router configuration page. The JavaScript could
tell the router to let the bad guys remotely administer the device, or it could
force the router to download new firmware, again putting the router under the
hacker's control. Either way, the attacker would be able to control his
victim's internet communications.
(IDG News Service 07APR08)
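
A defender can look for the DNS behaviour this kind of attack depends on: a name outside the network that starts resolving to an address inside it. The sketch below is an added example, not part of the original advisory. The log format, host names, addresses and the 60-second window are all assumptions made for illustration.

```python
import ipaddress

# Address ranges that an outside host name should never resolve to
# (RFC 1918 private space, loopback, link-local).
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10",
)]

# Constructed sample resolver log: (epoch seconds, client, queried name, answer).
SAMPLE_LOG = [
    (1000, "192.168.1.23", "news.example.org", "203.0.113.10"),
    (1005, "192.168.1.23", "rebind.example.net", "198.51.100.7"),
    (1009, "192.168.1.23", "rebind.example.net.", "192.168.1.1"),
    (1020, "192.168.1.40", "printer.home.example", "192.168.1.50"),
    (1030, "192.168.1.40", "news.example.org", "203.0.113.11"),
]

def is_internal(addr):
    """True if addr falls inside one of the internal ranges above."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)

def find_rebinds(log, window=60):
    """Return (client, name, outside_ip, internal_ip) for every name a client
    saw move from an outside address to an internal one within `window` seconds."""
    last_outside = {}  # (client, name) -> (timestamp, address)
    hits = []
    for ts, client, name, answer in sorted(log):
        key = (client, name.lower().rstrip("."))
        if is_internal(answer):
            seen = last_outside.get(key)
            # A name that has only ever been internal (a local printer) is
            # not flagged; the switch from outside to inside is the signal.
            if seen and ts - seen[0] <= window:
                hits.append((client, key[1], seen[1], answer))
        else:
            last_outside[key] = (ts, answer)
    return hits

if __name__ == "__main__":
    for hit in find_rebinds(SAMPLE_LOG):
        print("possible DNS rebinding: client=%s name=%s %s -> %s" % hit)
```

A hit identifies the client whose browser was pointed at an internal device, which is the machine to examine first.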