View Full Version : Popular Linksys Router Vulnerable To DoS Attack
11-02-2002, 02:31 PM
This just in from our good friends @ Winoscentral.com (http://www.winoscentral.com/)
The Linksys Group Inc.'s BEFSR41 EtherFast Cable/DSL Router with 4-Port Switch is vulnerable to a remote DoS attack that requires the attacker to do nothing more than access a specific script on the router's remote management interface. The vulnerability affects all of the routers with firmware versions earlier than 1.42.7! There is no patch available for the problem at this point, but firmware version 1.43 fixes the problem.
Popular Linksys Router Vulnerable To DoS Attack (http://www.eweek.com/article2/0,3959,663829,00.asp)
Tnx Warp2search (http://www.warp2search.net/index.php)
11-02-2002, 02:37 PM
Well now isn't that just great,as if the Internet needs more problems.These outfits need to get the security crap before it's released,not after.Damn :mad: not with you Zammy :lol: just ranting a little :D
11-02-2002, 05:36 PM
The exploit only works if remote admin is allowed on the device (which is like a big poster on your front door that says "NOT LOCKED, but there is some pretty strong scotch tape holding the door shut, so you might as well try the back door. On the back door you will encounter "super" masking tape, so just move on to the next house... please?").
Anyhoo Tuffie, the problem as I see it with Internet security is these guys develop a wonderful product and make it as secure as they can without going overboard. What I mean by overboard is 10,000 twelve-year-old hackers out there trying everything they can dream up for the last 4 years to break into the thing. If Linksys could afford to hire all those hackers and wait several years to release the product, the BEFSR41 might be more secure today (and cost 5 times as much), but who's to say another hacker won't find another vulnerability next week? It's a cycle that will always exist of finding exploits and patching them. Found some more? Patch those too.
11-02-2002, 09:07 PM
Well said. :)
11-04-2002, 08:58 PM
Good catch Zammy. Max well put, I agree.
Besides disabling remote admin, which definitly should be done the first time you set up your router, change the default ip address for your router, 192.168.1.1 and use a good password.
Every little bit of tape helps. ;)
11-04-2002, 11:45 PM
Good call max. Scared me for a minute...but I don't have remote admin enabled anyway :)
11-05-2002, 01:04 AM
yeah i never liked the idea of remote administration on my linksys router, my friend was always telling mehow wonderful it was. well this shoudl be something nice to show him. thx alakazam.
Powered by vBulletin® Version 4.2.0 Copyright © 2013 vBulletin Solutions, Inc. All rights reserved.