Saturday, February 2, 2013

Check Your Internet Router!

This week security researchers announced that many common Internet routers have a fundamental flaw which essentially gives any hacker that wants into your home network free reign to connect in remotely, completely bypassing the router’s firewall feature.  While this problem in and of itself doesn’t necessarily grant hackers access to your computer, it sure would make it easier to do so, especially if you don’t regularly update your computer’s software.

We already know that hackers are actively scanning the entire Internet for vulnerable routers, so it isn’t a matter of “if” but rather a matter of “when” your home network is going to come under attack.

There are way too many vulnerable models out there to list them all, so Steve Gibson at Gibson Research Corporation has created a web-based tool to remotely scan your router to see if it has the problem.  Because its use isn’t necessarily obvious, I’m going to walk you through running a scan of your own router.  It only takes a couple minutes.

Performing the Test

First of all, click this link to access GRC’s ShieldsUp product page.  That will bring you to this screen:

shieldsup1

From there, click the “Proceed” button.  That will bring you here:

shieldsup2

Click the “GRC’s Instant UPnP Exposure Test” button (which I’ve highlighted in yellow above).  This will begin the test of your router.  After a few seconds, the test result will appear.  That will look something like this:

shieldsup3

If you get the green result box as shown above, your router does not have this vulnerability.  If, however, you get the two following result, you should REPLACE YOUR ROUTER PROMPTLY!

image

While it may be technically possible for the manufacturer of your router to issue a new software update that fixes the problem, very few have done so, and chances are that if your router has this problem it probably suffers from many other serious security issues as well.  Your best bet is to get something newer, which also gives you the benefit of it probably being much faster and adding newer technologies to improve usability and a more comprehensive set of features.  Routers are not expensive these days.

Recommended Replacement Routers

  • If you’re looking for a budget model, the D-Link DIR-601 is typically under $30 and is quite good. 
  • The D-Link DIR-636L doubles the speed of the WiFi from 150 to 300 Mbps, for $70 or less. 
  • To double WiFi speed again, the D-Link DIR-826L is the next step up for just a few dollars more. 

I like the D-Link routers because they don’t have security problems of those made by Linksys, and provide more features than are available from Netgear.  And most “no-name” routers use the same base software as those manufactured by Linksys, and are thus more likely to have serious security issues.

1 comment:

Lalis said...

I've been wondering about this... I'll def check later when I get home! Thanks for posting!

Google Search