Information Security News mailing list archives
Re: Popular Linksys Router Vulnerable to Attack
From: InfoSec News <isn () c4i org>
Date: Tue, 5 Nov 2002 06:06:42 -0600 (CST)
Forwarded from: Eric Lee Green <eric () badtux org> On Sunday 03 November 2002 11:29 pm, InfoSec News wrote:
http://www.eweek.com/article2/0,3959,663801,00.asp In many cases, there is no reason for the remote management interface to be enabled and disabling it serves as an easy defense against this problem.
More correctly, I should say that in ALL cases there is no reason for the remote management interface on a Linksys router to be enabled. This interface is a totally unencrypted web application that sends the system management password over the Internet in plain text. Any script kiddie with a password sniffer then gets access to your router -- and to your network. -- Eric Lee Green GnuPG public key at http://badtux.org/eric/eric.gpg mailto:eric () badtux org Web: http://www.badtux.org - ISN is currently hosted by Attrition.org To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.
Current thread:
- Popular Linksys Router Vulnerable to Attack InfoSec News (Nov 03)
- <Possible follow-ups>
- Re: Popular Linksys Router Vulnerable to Attack InfoSec News (Nov 05)