D-Link Router Backdoor Vulnerability Allows Full Access To Settings

Here's an another research of different routers with vulnerabilities and backdoors:
http://securityevaluators.com/content/case-studies/routers/soho_service_hacks.jsp

Isn't the N150 the cheaper baby brother of the N300? If so all vulnerabilities that affect the N300 probably also affect the N150. Btw, if your router is not on the list it does not mean that your router is not affected, only that it is not tested:

 

As i posted earlier my N150 has not been affected, if it was affected they would release an UPDATE firmware version, but there has not been a single Update released since 2011-2012

 

Not really. The fact that your router hasn't recieved a patch in two years is *not a good thing*, if anything it shows how little they care about security.

 

"D-Link! What's wrong with you?"

And the beat goes on.
While D-link issued an update for the DI-524, DI-524UP, DIR-100 and DIR-120 yesterday, Italian researcher Matteo Ignaccolo has found a backdoor in a D-Link DAP-1522 wireless Bridge / Access Point.
As isn't mentioned in the manual, the device offers an undocumented Telnet service as Ignaccolo found out when doing a port scan.
Analyzing the firmware, he found the appropriate Telnet login password in clear-text. link

 

Re: "D-Link! What's wrong with you?"

I wish they'd test some of the virtual routers like the CDRouter2050. Anyone know if this is still being developed? The original site appears to be gone.

With devices like routers (and probably hardware) proving to be untrustworthy, I'm wondering if it would be a better option to use an older PC with VirtualBox to run a virtual router like the one above and a virtual copy of Smoothwall. The 2 together would be less load on a PC than a copy of Windows.

Slightly OT, but maybe not. A few years back, I had several ISP supplied DSL modems fail. I ran port scans on each replacement using an online port scan site, 4 different brands and models. Every one of them had an upper range port open. Most were above port 20,000. None of the documentation mentioned these ports. I couldn't find anything about them in search results. They could not be closed by configuration. After the revelations in this thread, I'm more convinced than ever that they're backdoors in the modems firmware. This problem goes beyond routers and includes most if not all commercially available and ISP supplied internet hardware. It might be useful if we can assemble a list of virtual replacements for routers, firewalls, and if possible modems.

edit, added link

 

Seems to me this is all a very good excuse for encouraging people to reuse their old laptops as network gateways. *nix distributions like IPFire make this easy, and are updated much more frequently than SOHO router firmware.

 

It's unlikely that the Open Source versions would have hard coded passwords in them either. A lot of them will run on much older hardware, and not just laptops. I run Smoothwall 2.0 on a P5-133, Windows 3.1 era hardware I think. An early XP unit with a lightweight linux core and VirtualBox should have no trouble running both Smoothwall and a virtual router. The older hardware is also less likely to be backdoored by design either. IMO, older desktops would be better suited for such a role. They can run longer periods without heat becoming an issue.

I never thought I'd see the day when I suspected newer hardware of being backdoored by coercion, potentially at a chipset/processor level. I'm glad that I held on to all of this "obsolete" hardware. Running routers and firewalls as virtual units might not be as theoretically secure as running physical units. With the virtual units (assuming good code) at least an adversary has to break into it. Beats using hardware that leaves the door open deliberately.

 

I was thinking laptops because the power requirements are (usually) much lower. But yeah, a Pentium will also work.

 

Any of you guys played with/considered (something like) a Raspberry Pi with f.i. IPFire?
Pretty cheap and low additional electricity costs.
Something like using m0n0wall on a thin client (almost a decade ago but still).

 

My problem with that is that I really want a wired connection for my desktop and another device, and then wireless for others. So whatever I use would need at least 3 ethernet adapters.

The Raspberry Pi has one ethernet port, which of course has to go to your modem. Then you have 2 USB ports, so after you connect a wireless adapter you're left with just one for a USB ethernet adapter. It would, however, be a good option for those that connect all of their devices wirelessly.

Unless you were suggesting having it in between your modem and a router. 3 boxes seems like a bit of overkill to me.

 

That's another reason to use an old laptop.

You can also use your old hardware router as a switch, BTW - just turn off the DHCP server, and leave the WAN port unconnected. That's probably inadvisable if you use wifi, though, since you don't want the old router accessible from outside by any means.

 

https://krebsonsecurity.com/2013/12/important-security-update-for-d-link-routers/

 

Stated already but from another source: D-Link issues fixes for firmware backdoor in routers
http://www.cso.com.au/article/533332/d-link_issues_fixes_firmware_backdoor_routers/