Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > Re: Can a router be 'infected'?

Reply
Thread Tools

Re: Can a router be 'infected'?

 
 
Leythos
Guest
Posts: n/a
 
      05-19-2009
In article <(E-Mail Removed)>,
DLipman~nospam~@Verizon.Net says...
> The Router itself can not be "infected" such there is malware now running on that
> appliance. It becomes compromised where it acts on behalf of the malicious actor's
> desires by altering its settings.
>


Many routers no permit uploading an OS or other to their firmware - so,
technically, I believe you could load an OS that would support a virus
or other.

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
http://www.velocityreviews.com/forums/(E-Mail Removed) (remove 999 for proper email address)
 
Reply With Quote
 
 
 
 
Martin
Guest
Posts: n/a
 
      05-19-2009
David H. Lipman wrote:
> From: "Leythos" <(E-Mail Removed)>
>
>
> | Many routers no permit uploading an OS or other to their firmware - so,
> | technically, I believe you could load an OS that would support a virus
> | or other.
>
> You mean flash a new firmware ?
>
> It would NOT support a virus/malware. It would have to be malicious code embedded within
> the firmware image.


I don't see why you wouldn't call it malware, isn't that malicious code?

> The problem here is what model ?
> While you can do a dictionary attack on know passwords, you can't assume a particular
> model SOHO Router. There are so many models out there -- which one ?


True, but if you telnet or web-browse in and it says "Linksys 826e" in
the banner then it might well be worth trying admin/password There
are an awful lot of very badly configured home routers out there.

> To date, I have not heard of this occuring with *any* models.


I had a vague recollection reading about it around a year or so ago, but
must confess I can't find anything now, so maybe I didn't remember
correctly.
>
>

 
Reply With Quote
 
 
 
 
Leythos
Guest
Posts: n/a
 
      05-20-2009
In article <(E-Mail Removed)>,
DLipman~nospam~@Verizon.Net says...
>
> From: "Leythos" <(E-Mail Removed)>
>
>
> | Many routers no permit uploading an OS or other to their firmware - so,
> | technically, I believe you could load an OS that would support a virus
> | or other.
>
> You mean flash a new firmware ?
>
> It would NOT support a virus/malware. It would have to be malicious code embedded within
> the firmware image.
>
> The problem here is what model ?
> While you can do a dictionary attack on know passwords, you can't assume a particular
> model SOHO Router. There are so many models out there -- which one ?
>
> To date, I have not heard of this occuring with *any* models.


Me either, but, my thought was that if it can be programmed it can be
infected. I've seen many open-source replacements for Linksys routers,
it could be possible to compromise one at the firmware level.

--
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
(E-Mail Removed) (remove 999 for proper email address)
 
Reply With Quote
 
Todd H.
Guest
Posts: n/a
 
      05-20-2009

Yes, a router can be infected. See below.

"David H. Lipman" <DLipman~nospam~@Verizon.Net> writes:
> Yes, there are some 3rd party firmware for a couple of Wireless
> Linksys Routers. So there is the possibility that a malicious
> firmware could be conceived.


David,

You're a bit behind on this impression i'm afraid. It's way more than
a couple. And it's way more than Linksys:
http://www.dd-wrt.com/wiki/index.php/Supported_Devices

OpenWRT and Tomato are other popular third party open source firmware
distro's that are basically stripped down Linux for the broadcom
platform.

And to the original poster's question, yes, there are worms for
routers. dd-wrt main page has a link to the psybot worm:
http://www.dd-wrt.com/dd-wrtv3/index.php
specifically
http://www.dd-wrt.com/dd-wrtv3/commu...uter-worm.html


--
Todd H.
http://www.toddh.net/
 
Reply With Quote
 
~BD~
Guest
Posts: n/a
 
      05-20-2009
Todd H. wrote:
> Yes, a router can be infected. See below.
>
> "David H. Lipman" <DLipman~nospam~@Verizon.Net> writes:
>> Yes, there are some 3rd party firmware for a couple of Wireless
>> Linksys Routers. So there is the possibility that a malicious
>> firmware could be conceived.

>
> David,
>
> You're a bit behind on this impression i'm afraid. It's way more than
> a couple. And it's way more than Linksys:
> http://www.dd-wrt.com/wiki/index.php/Supported_Devices
>
> OpenWRT and Tomato are other popular third party open source firmware
> distro's that are basically stripped down Linux for the broadcom
> platform.
>
> And to the original poster's question, yes, there are worms for
> routers. dd-wrt main page has a link to the psybot worm:
> http://www.dd-wrt.com/dd-wrtv3/index.php
> specifically
> http://www.dd-wrt.com/dd-wrtv3/commu...uter-worm.html
>
>


Interesting snippets, Todd. Thank you!

--
Dave
 
Reply With Quote
 
Todd H.
Guest
Posts: n/a
 
      05-20-2009
"David H. Lipman" <DLipman~nospam~@Verizon.Net> writes:

> From: "Todd H." <(E-Mail Removed)>
>
>
> | Yes, a router can be infected. See below.
>
> | "David H. Lipman" <DLipman~nospam~@Verizon.Net> writes:
>>> Yes, there are some 3rd party firmware for a couple of Wireless
>>> Linksys Routers. So there is the possibility that a malicious
>>> firmware could be conceived.

>
> | David,
>
> | You're a bit behind on this impression i'm afraid. It's way more than
> | a couple. And it's way more than Linksys:
> | http://www.dd-wrt.com/wiki/index.php/Supported_Devices
>
> | OpenWRT and Tomato are other popular third party open source firmware
> | distro's that are basically stripped down Linux for the broadcom
> | platform.
>
> | And to the original poster's question, yes, there are worms for
> | routers. dd-wrt main page has a link to the psybot worm:
> | http://www.dd-wrt.com/dd-wrtv3/index.php
> | specifically
> |
> | http://www.dd-wrt.com/dd-wrtv3/commu...uter-worm.html
>
>
> Thank you Todd. You provided information that shows I'm NOT
> up-to-date and wrong.


I'm not sure what you're trying to say here David. I'm getting the
impression you're trying to refute something?

To clarify, my note of not being up to date referred only to the
quoted information regarding the scope of supported platforms for
third party open source firmware.

--
Todd H.
http://www.toddh.net/
 
Reply With Quote
 
Todd H.
Guest
Posts: n/a
 
      05-21-2009
"David H. Lipman" <DLipman~nospam~@Verizon.Net> writes:

> From: "Todd H." <(E-Mail Removed)>
>
>
>
>>> Thank you Todd. You provided information that shows I'm NOT
>>> up-to-date and wrong.

>
> | I'm not sure what you're trying to say here David. I'm getting the
> | impression you're trying to refute something?
>
> | To clarify, my note of not being up to date referred only to the
> | quoted information regarding the scope of supported platforms for
> | third party open source firmware.
>
> Todd, I am thanking you and saying ...
> You provided information that shows I'm NOT up-to-date and I'm wrong.
>
> I not refruting anything, I'm admitting my mistake.


Gotcha. Hard to read ASCII accents sometimes.


--
Todd H.
http://www.toddh.net/
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
I can ping the router but router can't ping me superkingkong Cisco 2 04-17-2010 01:59 PM
Can I uplink router to wireless router? 02befree Wireless Networking 4 02-22-2006 08:04 AM
Setting up a router with 29 Global IPs, BUT can't ping router internal interface from server or server interface from router war_wheelan@yahoo.com Cisco 1 12-14-2005 03:31 PM
router to router setup can it be done? Michael Bauer Wireless Networking 1 07-06-2005 01:35 AM
ReQ; Help having problem with cisco router 1602R the Lan part works cannot log on to configure so PC can access internet, router connects to T1 line thier is an alarm light on anyone can help smokin@aol.com Computer Support 4 10-30-2004 06:06 AM



Advertisments