Re: [ISN] Popular Linksys Router Vulnerable to Attack

From: InfoSec News (isnat_private)
Date: Tue Nov 05 2002 - 04:06:42 PST

  • Next message: InfoSec News: "[ISN] Hackers stick California city with $30,000 phone bill"

    Forwarded from: Eric Lee Green <ericat_private>
    On Sunday 03 November 2002 11:29 pm, InfoSec News wrote:
    >,3959,663801,00.asp In many cases,
    > there is no reason for the remote management interface to be enabled
    > and disabling it serves as an easy defense against this problem.
    More correctly, I should say that in ALL cases there is no reason for
    the remote management interface on a Linksys router to be enabled.
    This interface is a totally unencrypted web application that sends the
    system management password over the Internet in plain text. Any script
    kiddie with a password sniffer then gets access to your router -- and
    to your network.
    Eric Lee Green          GnuPG public key at
              mailto:ericat_private  Web:
    ISN is currently hosted by
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Tue Nov 05 2002 - 06:30:23 PST