• The Author – Bart Busschots

  

  • About
  • On Flickr
  • On YouTube
  • On Mastodon
  • On Twitter

  
  

  

  

  

  

  

• Site Search

  
  

• Site Map

  • About Bart
  • Blog
    • My Development Toolkit
    • Programming by Stealth
    • Taming the Terminal
    • Photo of the Week
    • Observer’s Log
  • Photography
  • Publications
    • Podcasts
    • Presentations
    • Software
      • HSXKPasswd – A Secure Memorable Password Generator

• Blog Categories

  • 42 (Life the Universe & Everything)
  • Computers & Tech
    • Automation
    • Security
    • Software Development
    • System Administration
  • Cooking & Food
  • History & Geography
  • My Projects
  • Photography
  • Polemics & Politics
  • Science & Astronomy

• Featured Tags

  • presentation
  • review
  • software release
  • tutorial

• Creative Commons

  Unless otherwise stated, the content on this site is licensed under Creative Commons Attribution, Noncommercial, No Derivative Works 3.0 License

  

It seems like a long time since my first article pointing out the security problems with Eircom’s default wireless setup. At the time I got a few requests for screen shots but couldn’t deliver since I don’t have one of these Eircom routers myself. Last week a very kind reader contacted me and asked if I’d like some screenshots. I happily accepted and used them to illustrate this post showing the step-by-step instructions Eircom customers can take to improve their security. As always this post comes with no warranty of any sort. Although I am quite knowledgeable on these matters I do not pretend to be an expert and as this advice is free I will accept no liability what so ever for any undesirable outcomes which anyone may experience while following these instructions. I have of course done my best to ensure the instructions are clear, concise and correct. These instructions are for Eircom customers with the recent Netopia wireless routers Eircom provide as standard to home users.

[tags]Eircom, Wireless, Wifi, security, WEP, WPA, router, Netopia[/tags]

Read more

Tagged with: tutorial • home routers

Please note that this article is a follow-on article from two previous articles (Eircom Exposes Its Broadband Customers to Serious Security Risks and Eircom Security – More Bad News and Some Suggested Solutions). The previous articles lay out the problems and some suggested solutions in detail. This article will not repeat those detailed explanations and justifications. I am writing this article with the assumption that readers will have first read the two original articles.

This article starts by presenting the details of Eircom’s response before providing a brief analysis leading to some conclusions. For those of you too lazy to read the whole article, were this to be school I’d give Eircom a passing grade, but not a great one. Say a high D or a low C.

[tags]Eircom, Netopia, WEP, WPA[/tags]

Read more

Tagged with: home routers • internet service providers • vulnerability

This is a follow-up article to my earlier article Eircom Exposes Its Broadband Customers to Serious Security Risks. If you’re following the comments on that article you’ll see that I’m trying to bring these problems to Eircom’s attention. I haven’t gotten very far yet but I’ll keep updating those comments with what ever progress I manage to make. However, there has been another development that I feel I need to bring to people’s attention. This afternoon I was anonymously sent some very interesting information regarding yet another alleged hole in Eircom’s security. I MUST STRESS THAT I HAVE NOT VERIFIED THESE CLAIMS as to do so would involve attempting to break in to someone’s network and that’s illegal. However, should this prove to be true Eircom has yet another problem to fix. In this article I’ll start by explaining the alleged problem, then propose a simple solution, and end with some simple advice for Eircom customers who wish to protect themselves from these security vulnerabilities.

[tags]Eircom, Security[/tags]

Read more

Tagged with: vulnerability • home routers • internet service providers

I had heard complaints from people in the past that Eircom didn’t seem to do the whole security thing properly at all. I guess I just hopped they’d have sorted themselves out by now. They haven’t. I’m not sure if it’s down to incompetence or just not caring about their customers, but, in my book there are no valid excuses for leaving your customers exposed. Eircom have chosen to give their customers a wireless router. This makes things a lot simpler for the customer since it means they don’t have to go messing around with cables and such, but it potentially opens them up to significantly higher security risks. In the relationship between an Internet Service Provider (ISP) and a customer, the ISP must be the one on top of security issues. The average broadband customer cannot realistically be expected to be a security expert. Customers can only be expected to follow instructions from their ISP, and they have every right to assume that these instructions will not expose them to serious risks. Having gone through the process of setting up Eircom broadband for my grandfather last weekend I can tell you they are totally failing to protect their users by instructing their customers to set up their networks in a way that is highly insecure.

[tags]Eircom, Broadband, Ireland, Security, WEP[/tags]

Read more

Tagged with: home routers • internet service providers • vulnerability

In my rather long post on JavaScript security on the 15th I described a possible future scenario where JS could be used to attack home broadband routers. I was off sick last week so this morning I was catching up on some RSS feeds I subscribe to and was shocked to see the follow advisory issued on the 16th by US CERT:

In an announcement made yesterday, security researchers at
Symantec and Indiana University School of Informatics revealed
that they had uncovered a serious new security threat targeting
home broadband routers. The attack, dubbed Drive-By Pharming,
allows an attacker to change the configuration of a home router
when a user unknowingly visits a malicious website. The website
employs malicious JavaScript code that allows an attacker to log
into many types of home routers if the default password has not
been changed. Once logged in, the attacker is able to change the
configuration of the home router, including the Domain Name
Server (DNS) server settings.

This type of attack is particularly concerning for a few reasons:

• Simply viewing the malicious webpage is all that is required
  for a user to fall victim to this attack.
• Many home users fail to change the default password on their
  broadband routers. The Symantec report indicates that 50% of
  all users could fall into this category.
• Changing the Domain Name Server (DNS) server settings allow
  an attacker to redirect the home user to a DNS server of
  their choice. This includes a malicious server set up by the
  attacker to direct users to other malicious websites, where
  information such as financial account numbers, passwords,
  and other sensitive data can be stolen.

Symantec notes that the best defense against this type of attack
is for home users to change their default password. The
following links provide support resources for three of the more
common home router vendors:

• D-Link
• Linksys
• NETGEAR

US-CERT cautions users to avoid clicking on links sent in
unsolicited emails. Users should also remain cautious when
browsing the web and avoid visiting untrusted sites. More
information can be found in Securing Your Web Browser document.

To learn more, or to view a flash-animation of the attack, visit
Security Response Weblog.

This is pretty much exactly the scenario I warned about and it’s happening for real in the wild, NOW! If you have a broadband router make sure you change it’s password and give serious consideration to only enabling JS on sites that need it and not just surfing with JS on all the time. The threat is no longer hypothetical!

Tagged with: home routers • vulnerability • JavaScript