Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!


Linksys Wi-Fi router vulnerability discovered

Save your company's valuable data with Proxy Sentinel™ from Internet Security. Click here for all the details.

June 8, 2004

Cisco Systems has issued a patch for a security flaw in one of its Linksys routers that could give hackers access to consumers' home networks.


Alan Rateliff II, an independent security consultant, on Friday said he discovered a vulnerability in the Linksys WRTS54G 802.11g wireless router. The flaw gives hackers a free pass into the Web-based configuration page of the router when the firewall function is turned off.

When Rateliff originally tested the devices in March, he discovered that this vulnerability existed on two Linksys routers straight from the store. The default configuration on the products he tested used version 2.02.7 of the firmware, and they enabled access to the configuration page via ports 80 and 443.

When he tested new Linksys routers, using both firmware versions 2.02.7 and 2.02.2 earlier this week, he did not find the same flaw on routers that use the standard configuration settings. But he noticed that when the firewall is turned off on the devices, ports 80 and 443 are still open, allowing the configuration page to be easily accessed.

Allowing easy access to configuration settings on a router is a security risk. Hackers could change settings of the router to launch spam and virus attacks, without the victim ever realizing what is going on. Attackers could also gain access to devices attached to the router, such as laptops and PCs. With an open door into the network, attackers could target unprotected individual machines and infect them with worms and viruses.

"It's like giving a hacker a key to a locked door," Rateliff said. "There's no telling what he will do once he's inside. The scenarios are only limited by what we can imagine."

Rateliff added that broadband users on large national Internet service providers, such as America Online, could be the most vulnerable, because hackers tend to scan these DSL (digital subscriber line) and cable modem connections, looking for vulnerable targets.

"The larger the network, the larger the exposure to hackers," he said. For the most part, this problem exists only when the firewall function is turned off. Considering that most people concerned about security would keep the firewall turned on, this may not be such a big threat. But Rateliff warned that people should check to make sure that their settings are correct when they install the Linksys routers.

"You just have to be careful," he said. "There's no telling if someone else has changed the settings and then returned the product to the store. When you get it home, you have no way to know that the firewall has been turned off and that you're now exposed to this other problem."

The Linksys home networking gear is among the most popular on the consumer market. The brand has more than 20 percent market share in the home and small-business Wi-Fi market, according to Synergy Research.

Cisco posted a beta version of the new firmware on the Linksys Web site on Thursday night. The company said customers using this version of firmware should not experience the problem even when the firewall is turned off. Rateliff said he has not tested the beta version of firmware yet.

Source: C-Net News


Save Internet Security.ca's URL to the list of your favorite web sites in your Web browser by clicking here.

Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.


You can link to the Internet Security web site as much as you like. Read our section on how your company can participate in our reciprocal link exchange program and increase your rankings in the major search engines such as
Google and all the others.

Click here to order your Proxy Sentinel™ Internet security server today!

Proxy Sentinel™ is the most secure Internet proxy server on the market today. Click here for more information.
Site optimized by Pagina+™
Powered by Sun Hosting
Search engine keywords by Rank for Sales
Development platform by My Web Services
Internet Security.ca is listed in
Global Business Listing

| Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact |
Copyright © Internet Security.ca 2003    Terms of use    Privacy agreement    Legal disclaimer