Using a Linksys router at home or at a small business? There could be inherent security holes within the base firmware that comes shipped on the device. The base firmware that comes installed with the EA2700, 3500, 4500 series routers, also referred to as the “Classic Firmware”, has a number of security vulnerabilities inherent with it right out of the box. Some of the basic functions of the firmware are part of the problem! Are you in danger???
Rage Against The Machine!
So you innocently purchased one of these routers for home or small office use and are now aware that there may be issues with it but what are they? The four main ones found out by a consulting group named AppSec Consulting involved a cross site scripting hole, the ability to check the entire file path stem, view the entirety of the raw source code, and the ability to change the password easily and enable remote management. So now, relatively easily, an outside hacker can gain control over your device, change whatever settings he desires, upload any evil version of firmware he wants, etc. So basically, if you are in the default firmware and travel to a “dummy” website rigged for this exploit, a script will fire causing your router to reset the password to “password” and enable remote management allowing the hacker to control your router just like he was sitting on your network. The main reason this is able to happen is that the firmware doesn’t prompt you for an authentication of the old password when changing passwords. This is a MAJOR flaw that should not even be possible. Almost every router/modem I have worked with have at least this very basic security feature. A shoddy website and a small quickly made chunk of script is all it takes for your router to be toast and under control of someone else.
What are the best methods of defense against this type of cyber attack? For starters, an upgrade to the newest firmware made available for these routers should conceal these security holes. There are plenty of gripes with the new Smart Wifi Firmware on its own, such as an always connected version in which you must be signed in to access all of your routers features but at least it protects you from the glaring security holes that were in the previous firmware. Also, just on good routing principles, you should change your default IP to something that isn’t 192.168.0.1, 192.168.1.1 and so on. If you move it from the default IP scheme, there are 254 options for what your routers IP could be if you are in the C class, making it a lot more challenging to guess or Google.
As it turns out, the Linksys brand was bought out by Belkin a couple of months ago, releasing Cisco of the duties of patching these holes and releasing me of my favorite brand. As mentioned above, Belkin’s latest Smart Wifi Firmware should take care of the vulnerabilities listed once a firmware upgrade has been completed. Down below I’ve listed the URLs of the support pages for each device and the general support site so you can begin the patch process. Be very careful when preforming an type of firmware update or change. Make sure you are on a constant stream of power because if the power goes out half way through the upgrade, your router is now likely a paperweight. It is always good to be informed on your internal devices to make sure that you are up to date to avoid any catastrophic losses. What routers/modems do you all use at home and how satisfied are you? Tell us below!
Download links for newest firmware:
Linksys Support: http://support.linksys.com/en-us/support/routers
Blog of the exploits: https://superevr.com/blog/2013/dont-use-linksys-routers/