chrisdat_private wrote: > I read the black hat presentation on exploiting printers: > > http://www.blackhat.com/presentations/bh-usa-02/bh-us-02-phenoelit-network.pdf > > , good stuff & a real eye opener! > > I started thinking ..., I'm no hardware expert but couldn't this be > modified & applied to all the home & small business routers ??? (linksys, > smc, d-link, etc ...) > > As we all know so many of them are: > > - can be configured through a web interface > - their default config is not changed > - are accessible through inet (lack of config) > - keep their default accounts (lack of config) > - new firmware can be uploaded > Indeed, Which is why there are advisories all the time about such problems in cable modems and routers and switches. But Netgear RPXXX series routers etc... do not have the admin interface enabled on anything but the LAN, nor do most have SNMP at all. Linksys routers are the same by default, limited to the LAN for ocnfiguration connections, althought they have other problems yet to be addressed. For home DSL/Cable routers the biggest problem I see at the moment that is still a general problem is that many come with default logins and default SNMP communities. -Stan > My question, could something similar to exploiting printers be done to > routers or would the hardware be totally incompatible ? > > ch, > > >
This archive was generated by hypermail 2b30 : Thu Aug 22 2002 - 08:47:57 PDT