Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Critical security flaw discovered in millions of home routers

Add to del.icio.us     Digg this story Digg this

July 20, 2010

Click here to order the best dedicated server and at a great price.

A critical security flaw has been discovered in millions of home routers that creates an easy path for potential hackers to hijack Internet Explorer and Firefox browser sessions or hack directly into household networks and steal passwords and other private information.

Craig Heffner, a researcher and consultant at security firm Seismic, will soon detail the flaw and release a proof-of-concept tool at the Black Hat conference in Las Vegas, Nevada at the end of July.

The DNS rebinding-related security flaw affects routers from Linksys, Belkin, HP and Dell, among others.

But DNS rebinding isn't new and has been around for many years now. Heffner says he has discovered a new variant of the theme, which initially involves luring an Internet surfer into visiting a Web site containing malicious code.

The code in question uses a so-called "Jedi Mind Trick" to circumvent the same-origin policy, thereby allowing JavaScript-based malware and viruses to infiltrate into private home networks supported by the vulnerable routers.

The complex attack approach uncovered by Heffner involves either exploiting vulnerable hardware or taking advantage of weak hardware passwords.

A description of Heffner's talk, entitled "How to Hack Millions of Routers" on the Black Hat conference website, carefully explains and details how to recreate such an attack.

Heffner says it involves establishing an attack site which runs malicious script that means a visitor's own IP address is presented as one of the site's alternative IP addresses, thereby granting a trusted status to a malign site.

Most modern Internet browsers today are designed to specifically block earlier types of such attacks but not with this particular scenario, for reasons Heffner is due to explain at the Black Hat Conference.

Notebooks.com lists some sensible workarounds, such as downloading the latest firmware from router manufacturers and using strong and more secure passwords.

Many consumer routers can be exploited via DNS rebinding to gain interactive access to the router's internal-facing administrative interface.

Unlike other DNS rebinding techniques, this attack doesn't require prior knowledge of the target router or the router's configuration settings such as make, model, internal IP address, host name, etc, and does not rely on any anti-DNS pinning techniques either, thus circumventing existing DNS rebinding protections, and thus creating the security flaw right from the beginning.

We will keep you posted on this site as to when Heffner's full details will be available from the Black Hat conference in Vegas.

Add to del.icio.us     Digg this story Digg this

Source: Seismic Internet Security Inc.

Save Internet Security.ca's URL to the list of your favorite web sites in your Web browser by clicking here.


You can link to the Internet Security web site as much as you like.


| Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact |
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer



Install your server in Sun Hosting's modern colocation center in Montreal. Get all the details by clicking here.


Get your Linux or Windows dedicated server today.