Re: exploiting printers, home routers & smb routers

From: Peter Gutmann (pgut001at_private)
Date: Thu Aug 22 2002 - 19:51:50 PDT

Next message: omegatronat_private: "FreeBSD System Call Signed Integer Buffer Overflow Vulnerability"

Previous message: h1kari: "ToorCon Computer Security Conference 2002 Announcement"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

<chrisdat_private> writes:

>I started thinking ..., I'm no hardware expert but couldn't this be modified
>& applied to all the home & small business routers ??? (linksys, smc, d-link,
>etc ...)

One thing which has always baffled me is why no trojans have yet appeared
which telnet to the default gateway from the compromised box, log on using
default passwords for Cisco, Linksys, Netgear, etc, routers, and disable all
firewalling.  This would probably get about 95% of all routers [1].

Peter.

[1] OK, that's a random guess, let's say 99% of all SOHO routers and at least
    50% of larger comercial setups.

Next message: omegatronat_private: "FreeBSD System Call Signed Integer Buffer Overflow Vulnerability"
Previous message: h1kari: "ToorCon Computer Security Conference 2002 Announcement"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Aug 22 2002 - 21:39:40 PDT