The purpose of this paper is to outline the security measures being taken by vendors to prevent such attacks in their home routing products, what those security measures accomplish, and where they fall short. We will use existing network tools to examine common vulnerabilities in a range of popular devices and demonstrate weaknesses in the security of those devices; additionally, we will examine common trends in security measures that have been duplicated across vendors, and examine how those trends help and hinder the security of their devices. In particular, we will examine the following home routers, which are some of the latest offerings from their respective vendors at the time of this writing:
* Linksys WRT160N
* D-Link DIR-615
* Belkin F5D8233-4v3
* ActionTec MI424-WR

The original article can be found at: http://www.sourcesec.com/Lab/soho_router_report.pdf

Conclusion:
Router manufacturers are increasing the security of their devices, however, home router security still has a long road ahead of it. Below is a table listing each of the devices and their associated, reasonably exploitable, vulnerabilities mentioned in this paper; these types of vulnerabilities must be considered by all vendors, and should be investigated by any consumer before purchasing a router.

Explore More

You’ve Hired a Hacker (Section 4)

Section 4: Stimulus and response 4.1: My hacker did something good, and I want to reward him. Good! Here are some of the things most hackers would like to receive

Read More

Yahoo Hack Leaks 453,000 Voice Passwords

Yahoo Voices users: Change your Yahoo password immediately. A hacker or hacking group that bills itself as “DD3Ds Company” Thursday leaked what it said were plaintext passwords for 453,492 Yahoo

Read More

Timing Attacks with HTML5

HTML 5 and related technologies bring a whole slew of new features to web browsers, some of which can be a threat to security and privacy. This paper describes a

Read More