[clug] Drive-By Pharming Attack Could Hit Home Networks
michael.cohen at netspeed.com.au
Sat Feb 17 13:13:35 GMT 2007
On Sat, Feb 17, 2007 at 11:12:37PM +1100, David Symons wrote:
> Out of the box, my router only allowed administration via the wired
> interface. Hopefully that's a fairly universal thing, making it a
> limiting factor on the effectiveness of this sort of attack.
Thats not the point of the attack - its not that people can administer your
router through the wireless interface. The attack works by getting your
machine to request URLs from your router which submit form parameters to the
CGI administrative interface. So if your machine can admin the router, so can
the script kiddies... even on wire interfaces.
More information about the linux