Millions of Home Routers Are Hackable

Julie188 writes "Craig Heffner, a researcher with Maryland-based security consultancy Seismic, plans to release a software tool at the Black Hat conference later this month that he says could be used on about half the existing models of home routers, including most Linksys, Dell, and Verizon FiOS or DSL versions. The tool apparently exploits the routers through DNS rebinding. While this technique has been discussed for 15 years or more, Heffner says, 'It just hasn't been put together like this before.'" Notebooks.com has a list of routers tested and some advice on securing vulnerable routers.

Re:You mean besides using default admin/password..

[Anonymous Coward]

The tool apparently exploits the routers through DNS rebinding. Wjhile this technique has been discussed for 15 years or more, Heffner says 'It just hasn't been put together like this before.'"

Ha Ha! I changed my default username to "adjminstrator" and password to "passjword"! Good luck hjackers!

Thank you Captain Obvious

[RapidEye]

Lets see:
Make sure you have a strong Admin password on your router and don't surf p0rn/warez sites.
Thank you Captain Obvious!

Re:Thank you Captain Obvious

[AnonymousClown]

Lets see: Make sure you have a strong Admin password on your router and don't surf p0rn/warez sites. Thank you Captain Obvious!

I get more hacking attempts when I search for and try to look at Christina Hendricks images than I ever do from all the porn sits combined.

Re:You mean besides using default admin/password..

[Cryacin]

Ha Ha! I changed my default username to "adjminstrator" and password to "passjword"! Good luck hjackers!

Wouldn't stop them if they're Swedish!

And yes, I'm an insensitive Cljod!

Re:Thank you Captain Obvious

[MBGMorden]

I get more hacking attempts when I search for and try to look at Christina Hendricks images than I ever do from all the porn sits combined.

Yes but going by the "I'll know it when I see it" definition, any image of that woman in a dress qualifies as pr0n . . .

Re:Thank you Captain Obvious

[John Hasler]

> ...NEVER let your browser remember passwords.

Never let it remember important passwords. There's no harm in letting it store passwords for trivial sites such as Slashdot.

Re:Exactly what is the sploit?

[L4t3r4lu5]

Excellent! So, I was correct in labelling this whole shitty story as another inflammatory chod-fest at the hands of Slashdot's very own version of the Daily Mail, kdawson.

Will he never cease to amaze me?!

Heretic

[Anonymous Coward]

Slashdot is *the* most important site. For you to call it "trivial" is a most wicked sin.

Re:You mean besides using default admin/password..

[Ihmhi]

Then they click submit and BAM you hit 'em with tubgirl.