Checking Up on Products

When you configure your software and hardware to operate in a specific manner, how do you know they really perform as configured? Do you trust that the vendors have developed their products to operate properly? Of course you don't. Right? We all know that vendors, like everybody else, make mistakes.

A case in point appeared on the Bugtraq mailing list last week. A researcher discovered that some Linksys WRT54G wireless routers under some circumstances might expose the administration interface to the WAN interface (typically connected to the Internet), even if the routers are configured to disable remote administration.

So if you turned off remote administration and put the router on an Internet link, assuming the administration interface was disabled, a hacker could use the admin interface to break in. However, if you took a few minutes to probe the router from the WAN side, you might discover that the admin interface still answers even though it's supposedly disabled.

Linksys, a division of Cisco Systems, released a new beta version of the WRT54G firmware to correct the problem, so if you use the device, you might consider loading the beta firmware. You might also consider placing your wireless routers behind a firewall, even if your routers have a built-in firewall, to help minimize unwanted system exposure and unwanted access.

http://www.linksys.com/download/firmware.asp?fwid=201

A case in point for that suggestion pertains to another wireless router, the NETGEAR WG602, also mentioned on Bugtraq last week. Apparently, for some unknown reason, NETGEAR has integrated an undocumented administrator account into its router's firmware. The account can't be disabled, is accessible from the LAN and WAN sides of the router, and has a plaintext logon name and password that researchers have of course discovered. Anybody who uses the router is vulnerable to attack. If you have the router behind some other firewall that blocks access to its administration interface, then at least you're protected against attacks from the outside, but unauthorized users inside the local network could still log on to the router.

The Linksys router vulnerability apparently stemmed from a programming error and has been fixed. But I have no idea why NETGEAR would implement an undocumented administrator account. Maybe it was inadvertently left in place. Clearly, you shouldn't blindly trust products--you need to consider checking them to make sure they perform as expected.

TAGS: Security
Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish