
Backdoor Discovered In Netgear and Linkys Routers

Posted by samzenpus
from the protect-ya-neck dept.
An anonymous reader writes "A hacker has found a backdoor in the Linksys WAG200G router that gives access to the admin panel without authentication. Further research shows that these devices are made by Sercomm, meaning that Cisco, Watchguard, Belkin and various others may be affected as well. From the article: 'The backdoor requires that the attacker be on the local network, so this isn’t something that could be used to remotely attack DSL users. However, it could be used to commandeer a wireless access point and allow an attacker to get unfettered access to local network resources.'"

  • by Anonymous Coward on Thursday January 02, 2014 @07:38PM (#45851713)

  • OpenBSD (Score:4, Informative)

    by grub (11606) on Thursday January 02, 2014 @07:41PM (#45851747) Homepage Journal

    Thank goodness for OpenBSD and a bit of elbow grease.
  • malware = local (Score:5, Informative)

    by SethJohnson (112166) on Thursday January 02, 2014 @07:47PM (#45851831) Homepage Journal
    Attacking the router from inside the network is only a matter of infecting a computer inside the network.

    Then the compromised computer is used to modify the DNS settings.

    Then the whole network depending on the router to provide proper DNS is now visiting whatever hosts the attackers desire.
  • by richlv (778496) on Thursday January 02, 2014 @07:48PM (#45851851)

    "Linkys". because details are for samzenpussies.
    this is getting annoying enough.

  • Re:OpenBSD (Score:5, Informative)

    by grub (11606) on Thursday January 02, 2014 @08:04PM (#45852003) Homepage Journal
    As a gateway/router/wifi point, OpenBSD is excellent. My comment is very relevant to the story.
    For example, my own setup has OpenBSD acting as a router/NAT/etc. box. For guests there is a wifi network it broadcasts and routes only to the world. Also has a VLAN for DMZ, outside accessible services, etc.
    It's not name dropping if it's true.
  • by Anonymous Coward on Thursday January 02, 2014 @08:12PM (#45852083)

    I did a web search for "linksys router backdoor" and this story was one of the top results:

    "...a hard-wired user account with a known password. Any user with access to a LAN with an affected WG602 device connected to it would be able to gain full administrator access to the device..."

  • by DigitAl56K (805623) on Thursday January 02, 2014 @08:21PM (#45852145)

    There is a supported feature on Netgear routers where so long as you're on the internal network you can send a magic packet (using a utility called TelnetEnable) to open up the telnet port, then you can telnet in and issue commands as the super user. All TelnetEnable needs is the IP address of the router, its MAC address, and a widely known default username and password - all things anyone connected to the network can get easily.

    It seems like this guy stumbled upon a similar feature.

    Yes, this stuff should be better protected, but it's not necessarily a vulnerability. For example, you can log into your router this way and use iptables to add some custom firewall rules that the web admin interface doesn't support. The main hole here is A) Most people don't know it's even there, and B) The default username/password is the same for every router by default. You do need to be on the LAN side to send the magic packet in the first place.

  • by raymorris (2726007) on Thursday January 02, 2014 @10:49PM (#45853233)

    > Or does such a thing already exist?

    The wrt54gL (L for Linux) is an example of such a device. The early versions of wrt54g were popular with people using openWRT and such of course. Recognizing this, the company released a version specifically for nerds.

    I'd love to see some other, more up-to-date options. I have some projects that would fit nicely in several MBs of RAM, without necessarily needing all the ports. A Raspberry Pi would work, but a beefed up WRT would be better.

  • Re: OpenBSD (Score:5, Informative)

    by TooTechy (191509) on Friday January 03, 2014 @12:18AM (#45853671)

    Small comment.

    I have a Netgear router with Tomato running on it with over 730 days of uptime!
