Tuesday, February 20, 2007

Protect your router - or else!

Hi again,

on CareOfWindowsXP's page about Firewalls and Wireless Networks we haven't made great play of some of the really basic items, such as ensuring to change the password on a router to something other than the default. If you have a router and haven't changed the passwords, here's a scary reminder:

From http://news.zdnet.com/2100-1009_22-6159938.html?tag=nl.e550
Attackers could change the configuration of home routers using JavaScript code, security researchers at Indiana University and Symantec have discovered. The researchers first published their work in December, but Symantec publicized the findings on Thursday.

The researchers found that it is possible to change the DNS, or Domain Name System, settings of a router if the owner uses a connected PC to view a Web page with the JavaScript code. This DNS change lets the attacker divert all the Net traffic going through the router. For example, if the victim types in "www.mybank.com," the request could be sent to a similar-looking fake page created to steal sensitive data.

Change your password or be hacked!

A nice clear message.




Post a Comment

<< Home