Menu
What's new
By:
Filters Better Search

Router security holes paper

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

A

alternety

Regular Contributor
This is a paper I thought some of you might be interested in. It is way above my pay grade. I am but one of the unwashed masses of router users (although I have welcomed Merlin into my router for a long time).

Basically, pretty much every SOHO, SMB router is ridled with security holes; which are being rather ignored by manufacturers. It shows at least one Asus exploit.

securityevaluators.com/knowledge/presentations/Holcomb_ISE_SOHO_DefCon.pdf

This is the article I took that link from.

http://www.theregister.co.uk/2015/03/05/broadband_routers_sohopeless_and_vendors_dont_care/?page=1
 
Last edited:
Security is an illusion. It is safe to assume you are never completely secure.

If your router is firewalled from the outside world, you are safe enough.

Thanks for the heads-up!
 
Nullity said:
Security is an illusion. It is safe to assume you are never completely secure.

If your router is firewalled from the outside world, you are safe enough.

Thanks for the heads-up!
Click to expand...

I just added the source article link where I got the initial link. I really believe that your statement is not actually correct.
 
To Asus's credit, I see them issuing frequent updates that do include security fixes, since they got bit last year by the AiCloud issues. That's at least one SOHO router manufacturers who have upped their game in the security aspect.
 
alternety said:
I just added the source article link where I got the initial link. I really believe that your statement is not actually correct.
Click to expand...

Remotely exploitable bugs are a really big deal. Everything I read in the paper assumed access to the machine. If the device is completely firewalled there is no access.

If they remotely exploited the Linux firewall Asus uses that would be a huge problem that would affect far more devices than just routers.
 
You must log in or register to reply here.

Similar threads

K
Latest RT-AC68U Asuswrt stock vs Merlin security
Replies
6
Views
2K
KrypteX
K
J
Trying to understand system log entries related to rebooting router
Replies
4
Views
1K
ColinTaylor
C
Yota
Is considering creating an anti-malware program for Asuswrt-Merlin firmware
2
Replies
24
Views
5K
Tech9
Tech9
torstein
Avoid Consumer Routers
2
Replies
39
Views
6K
netware5
netware5
L
VLAN on NEW Router... or Separate Routers for IoT and Security
Replies
8
Views
11K
RMerlin
RMerlin
Similar threads
Thread starter Title Forum Replies Date
S Prevent client from connecting to router but allow connection to internet via access point Asuswrt-Merlin 4
PaulA Port isolation on RT-AX88U-Pro (router) w/ Merlin w/ Tagged internet ISP Asuswrt-Merlin 1
H Solved xbox one not able to sign in when connected through router running asuswrt-merlin on an rt-ac5300. Asuswrt-Merlin 5
pdc Router DNS returning Refused Asuswrt-Merlin 2
alan6854321 Router threw a wobbla - "Top" info in syslog? Asuswrt-Merlin 0
randomName Possibly in the market for a new router Asuswrt-Merlin 27
muffintastic Cannot Stream from Router - Samba Problem Asuswrt-Merlin 2
J RT-AX88U Dual WAN Ports 5-8 Almost Bricks Router Asuswrt-Merlin 6
url004 NXDOMAIN on server but the router can resolve queries Asuswrt-Merlin 1
A HELP! No internet after Router reboot Asuswrt-Merlin 4

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 946 (members: 21, guests: 925)
Top