Can a hacker get through to my Lan from ADSL router?

Discussion in 'Computer Security' started by Cautious Joe, Mar 8, 2009.

  1. Cautious Joe

    Cautious Joe Guest

    I had my router set up with no security for a long long time, by
    mistake, and anyone could log on from the internet and get into the
    administrator account and change any settings.

    So suppose someone did log onto my router from the internet, could they
    do any real harm? (other than stealing my email address / password and
    deliberately knocking my system offline by changing settings).

    My question is, could a hacker who got into my router simply get onto my
    LAN and then into my pcs?

    The way I see it, there is no way that they could, but i just want to be
    100% sure to decide whether i might need to re-install my OS.

    Cautious Joe, Mar 8, 2009
    1. Advertisements

  2. Cautious Joe

    Bit Twister Guest

    What if they used your email account to create other accounts and/or sent
    threatening email to bank/mayor/police. :(

    cracker could change your router's DNS server's and route all your
    internet activity through their equipment.
    Depends on your computer OS. Route you through a malware distribution
    site which downloads malware onto your system and then gets control.
    I suggest using's free DNS servers, set as static, in/on your
    OS. That reduces the possibility of a router crack from causing you problems.
    Bit Twister, Mar 8, 2009
    1. Advertisements

  3. Cautious Joe

    macarró Guest

    site which downloads malware onto your system and then gets control.
    Wil using OpenDNS avoid my ISP logging my internet activities as well?

    I was wondering since I am not using my ISP DNS maybe they can not log
    what sites I visit.
    macarró, Mar 9, 2009
  4. Cautious Joe

    Bit Twister Guest

    It will make it somewhat harder to log them.
    Deep packet inspection would let them log whatever they like.
    Bit Twister, Mar 9, 2009
  5. Cautious Joe

    Cautious Joe Guest

    Thats a little far fetched. If a hacker has such big computing power to
    do that well fair play to him. Most normal people do not own machines
    that can replicate a DNS server :)
    In my case - with my current hardware, this is impossible. No one -
    including me is able to alter my router's DNS server settings, as they
    are hardcoded into the firmware. But if I get a new router, I might well
    try OpenDNS.
    Cautious Joe, Mar 9, 2009
  6. Cautious Joe

    Cautious Joe Guest

    I disagree. Remember, you are using your ISP's network to access the
    internet. That means that every packet that you transmit and recieve can
    easily be intercepted and inspected by them.

    In theory,If they wanted to monitor you all they need do is run a simple
    packet sniffing program for all traffic going to and coming from you.

    AFAIK in theory, they can only do that sort of thing with legal
    authority - but heaven knows what goes on in practice.

    The only protection against that kind of interception would be for you
    to use pgp encryption for your data. This of course would be useful to
    protect people at your ISP snooping on your emails. As for web-surfing I
    believe that Tor would give some protection from traffic analysis SO
    LONG as the websites you visited were OUTSIDE the network owned by your
    ISP. In other words, it would add so much extra data it would make it
    very very difficult for a ISP - without assistance from some other
    agency - to figure where you have been surfing.
    It does not even have to be 'deep': more along the lines of a manager
    simply telling a techician to run a filter against IP x.x.x.x.
    Cautious Joe, Mar 9, 2009
  7. Cautious Joe

    Bit Twister Guest

    Hmmm, maybe we have a terminology problem. Any desktop has enough
    horsepower to accept dns queries and do whatever the admin wants with them.

    It is no problem for me to add define anything I want in my zone file
    to return any ip I want using named (bind) dns server.

    Cracker can use axel/curl/wget/whatever to pull down, say any bank site,
    set bank's ip in named to be cracker's site.
    Next time user goes to bank site, they wind up on cracker's fake site.
    Cracker intercepts form responses, does whatever he likes, forwards
    those to real bank and user has no clue cracker is in the middle.
    Interesting, I thought adsl router's used dhcp to get a lease from their
    ISP which gave out the gateway to use and which DNS servers to use.

    What is the vendor and model number of your router.
    Bit Twister, Mar 9, 2009
  8. Cautious Joe

    Cautious Joe Guest

    Its a Siemens Gigaset SE587 - apparently the defacto tiscali
    router/modem & the DNS servers are set. They cannot be changed. Thats
    good from a security standpoint - but if they have network problems - it
    means i can never try to set an alternate route.

    I am going to invest in another router / modem so I can have more
    control over settings. Then I will follow your recommendation about open
    DNS... I am looking at some relatively cheap models which actually use
    open source firmware :)
    Cautious Joe, Mar 9, 2009
  9. Cautious Joe

    Bit Twister Guest

    You missed my point of setting DNS static on your OS. That way router DNS
    has no bearing on your day to day internet activity.

    Here is the link.
    Bit Twister, Mar 9, 2009
  10. Cautious Joe

    Cautious Joe Guest

    OK - so it seems i should do this in anycase - regardless of if im using
    openDNS..I will have to look into this tomorrow. I use mandriva as my os.
    thanks for this info
    Cautious Joe, Mar 9, 2009
  11. Cautious Joe

    Bit Twister Guest

    Then you modify the nic config file (/etc/sysconfig/network-scripts/ifcfg-ethX)
    or play with

    Mandriva questions might/can/will be answered in alt.os.linux.mandriva
    Bit Twister, Mar 9, 2009
  12. Cautious Joe

    Martin Guest

    You might have bigger problems than you think. Their shares were
    suspended today.
    Martin, Mar 9, 2009
  13. Cautious Joe

    Cautious Joe Guest

    humm, thats interesting - but it cannot really impact me because I am
    not a shareholder. I only use the services provided by the UK arm of
    tiscali. I understand that a deal to sell the uk tiscali arm to BskyB
    fell through cause they were asking for too much money.

    Ultimately, they will have to lower there asking price and sell. They
    have nearly 1.5 million customers so someone will buy the company at the
    right price. It is more likely than not that I will be able to continue
    using this ISP - irrespective of who the owners / shareholders are.

    If not - I would simply find another ISP. It is not really a 'problem'
    for me at all.
    Cautious Joe, Mar 10, 2009
  14. Cautious Joe

    Ari® Guest

    Wrong again, AssClown.
    Strike Two, AssClown.
    You're outta there, AssClown.

    How does it feel to be soooooo prolifically stupid?

    Ari®, Mar 15, 2009
  15. Cautious Joe

    Ari® Guest

    You're wrong.
    Ari®, Mar 16, 2009
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.