Router Attack - If This Applies, Fix It Now.

February 15, 2007

Those of my clients for whom I manage systems need not worry about this.

For everyone else, take note of a rather dangerous new security hole. It may affect you if you have a home router (or even a business router) that is still using the default user credentials. For example, some routers require a blank username and a password of "admin." If this is the case, and someone using your router's network visits a Web site with malicious code, your router could be hijacked.

This "pharming" threat is described in a paper from researchers at Indiana University and Symantec. See a good explanation in this PC World article.

There is a more general lesson to be learned here. Whether hardware or software, never leave default usernames or passwords in place. Always change them.

Tags: Hardware, Networking, Security

A total of 23 related articles were found. See them all...