Hackers will compete to break home router security

Discussion in 'other security issues & news' started by Tipsy, Jul 31, 2014.

  1. Tipsy

    Tipsy Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    207
    I hope this kind of contests make manufactures pay more attentions. :D

    http://arstechnica.com/security/201...ng-contest-aims-to-test-home-router-security/

    http://www.theregister.co.uk/2014/07/18/sohopelessly_broken_to_air_router_dirty_zero_day_laundry/
     
  2. WeAreAllHacked

    WeAreAllHacked Registered Member

    Joined:
    May 22, 2014
    Posts:
    28
    One router I ordered was shipped with a dual logon. Its not something normal computer users would have noted and I barley did.

    The security in homerouters has been bad forever and we are shipped new junk like wps and telnet enabled by default.

    Personally I have to guess that they are made weak on purpose. WPA2 a 63 char max and junk like that are also sent, why always settle for the weakest encryption that are seen "not totally broken" when computers has no issues handling really strong encryption.

    People also connect their cellphones to their wireless, this is a sure way to have it broken.
     
  3. Tipsy

    Tipsy Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    207
    Which are the best home routers for security at this time?
     
  4. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    I'm thinking any that are OpenWRT supported: http://wiki.openwrt.org/toh/start

    Also
    https://openwireless.org/router/download

    Or I suppose there's always the option to build a small pc and throw Linux or OpenBSD on it and that'd be the best. But, I doubt I'd even want to mess around doing that.
     
  5. WeAreAllHacked

    WeAreAllHacked Registered Member

    Joined:
    May 22, 2014
    Posts:
    28
    You have no security at home unless you runs a custom OS that is highly stripped of junk code, but Stay away from wireless if possible. I like to believe that OpenWRT and similar opensource solutions isn't as bad as most of the stuff you get sent home, I suggest that you roll with several guest internet's (with only one activated at a time) to prevent that they break the very weak WPA2 encryption junk.

    Have it say: on Monday use this SSID and this unique 63 char password, on Tuesday use some other SSID and this unique 63 char password, on Wednesday use this SSID and this unique 63 char password and so on (or better yet have it change SSID and password each hour or more, this will make it a hassle for most home hackers using backtrack and they will go for the neighbors net instead, also use MAC address filtering even tho its weak, disable telnet and any junk u wont use).

    Wireless WPS, WEP, WPA, WPA2 is publicly broken. But you can at least do some to try and secure it.

    Go for AES and re-roll/change the keys/SSID's as often as possible, this will make it less of a risk if someone close is trying to break the encryption. Or better yet read on about networking consider going for a corporate setup.
     
  6. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I'm beginning to think that a virtual router on a stripped down virtualbox host might be the more secure option. If something does compromise the virtual router, reloading the original image fixes it.
     
  7. Malwar

    Malwar Registered Member

    Joined:
    May 5, 2013
    Posts:
    271
    Location:
    USA
    Does this include Chrome OS?
     
  8. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  9. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    With so users regarding NAT and routers as the equivalent of an inbound firewall, I have wonder how many have been totally owned and never knew it.
     
  10. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,094
    DEFCON Router Hacking Contest Reveals 15 Major Vulnerabilities.

    -- Tom
     
  11. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
Loading...