Securing Home and Small Business Routers

["US-CERT" <US-CERT () ncas us-cert gov>]

U.S. Department of Homeland Security US-CERT

National Cyber Awareness System:

Securing Home and Small Business Routers [ 
https://www.us-cert.gov/ncas/current-activity/2015/12/15/Securing-Home-and-Small-Business-Routers ] 12/15/2015 08:15 PM 
EST 
Original release date: December 15, 2015

Home and Small Business routers have become the ideal target for attackers seeking to gain control over a user's 
gateway to the Internet. Router misconfigurations (e.g., default credentials, interfaces open to the Internet) or the 
lack of security precautions (e.g., absence of updates) may make users susceptible to exploitation. Once an attacker 
gains unauthorized access to a vulnerable router, they may be able to obtain sensitive information from a user's 
computer or perform other attacks. Users and administrators are encouraged to review Security Tip ST15-002 [ 
https://www.us-cert.gov/ncas/tips/ST15-002 ] for guidance on how to secure home and small business routers.

Additionally, the Carnegie Mellon CERT Coordination Center (CERT/CC) continues to test small office and home office 
(SOHO) routers for vulnerabilities. US-CERT encourages users and administrators to review CERT/CC Router Vulnerability 
Notes [ https://www.kb.cert.org/vuls/byid?searchview&query=cpework ] for information on recently found vulnerabilities 
in some routers.

________________________________________________________________________

This product is provided subject to this Notification [ http://www.us-cert.gov/privacy/notification ] and this Privacy 
& Use [ http://www.us-cert.gov/privacy/ ] policy.

________________________________________________________________________

A copy of this publication is available at www.us-cert.gov [ https://www.us-cert.gov ]. If you need help or have 
questions, please send an email to info () us-cert gov. Do not reply to this message since this email was sent from a 
notification-only address that is not monitored. To ensure you receive future US-CERT products, please add US-CERT () 
ncas us-cert gov to your address book. 

OTHER RESOURCES: Contact Us [ http://www.us-cert.gov/contact-us/ ] | Security Publications [ 
http://www.us-cert.gov/security-publications ] | Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources [ 
http://www.us-cert.gov/related-resources ] 

STAY CONNECTED: Sign up for email updates [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]