[clug] Drive-By Pharming Attack Could Hit Home Networks
kim.holburn at gmail.com
Sat Feb 17 14:33:19 GMT 2007
On 2007/Feb/17, at 1:12 PM, David Symons wrote:
> On 2/17/07, Kim Holburn <kim at holburn.net> wrote:
>> > Drive-By Pharming Attack Could Hit Home Networks
>> > 15th February 2007
>> > By Kevin Murphy
>> > ...
>> > The attack works because most of the popular home routers ship with
>> > default passwords, default internal IP address ranges, and web-
>> > based configuration interfaces.
>> > ...
> Out of the box, my router only allowed administration via the wired
> interface. Hopefully that's a fairly universal thing, making it a
> limiting factor on the effectiveness of this sort of attack.
Well many wifi routers I've messed with allow administration in the
clear on the wireless interface in their default config. It wouldn't
be hard for manufacturers to change the default. If that were the
major security risk around I'm sure pressure could be brought to
bear. The trouble is that they are a minor security risk compared to
Windows desktops and users.
IT Network & Security Consultant
Ph: +39 06 855 4294 M: +39 3342707610
mailto:kim at holburn.net aim://kimholburn
skype://kholburn - PGP Public Key on request
Democracy imposed from without is the severest form of tyranny.
-- Lloyd Biggle, Jr. Analog, Apr 1961
More information about the linux