Top Wi-Fi routers easy to hack, says study

[oj88]

Top Wi-Fi routers easy to hack, says study | Security & Privacy - CNET News

My router's not safe? Really?
"It is not a safe assumption to make that you're safe," Steve Bono, the company's CEO and principal security analyst, told CNET in a phone interview.

The report notes that all 14 of the devices had critical security vulnerabilities that could be exploited by a "remote adversary" and could lead to unauthorized remote control of the router.

Before you dismiss router hacks as exceptionally rare, it's important to note that they've been a small but growing segment of computer security threats. In 2011, one firmware vulnerability affecting six hardware manufacturers combined with two malicious scripts and 40 malicious DNS servers to attack 4.5 million Brazilian DSL modems, with the goal of stealing bank and credit card information.

Wi-Fi routers: More security risks than ever | Security & Privacy - CNET News

Even if your router is not specifically mentioned, it's likely to belong within the same category as the ones used in the report. Follow best practices when securing them. We can't pretty much do anything if it's a firmware vulnerability, but having an attack surface as small as possible still helps.

[jmpet626]

Sana safe din yung CDR-King Tomato flashed router ko.

[Syuryuken]

2-3 days ang hacking sa backtrack pag WPA/WPA2 pero pag WEP 30 mins lang hack na ang wifi mo

[oj88]

Sana safe din yung CDR-King Tomato flashed router ko.

That is exactly what you can do... Use third-party firmware. Tomato and DD-WRT are community-based and any vulnerabilities are usually quickly mitigated. I run DD-WRT on both my VPN and backup routers. My main router is an enterprise-class Cisco box which is unaffected by the abovementioned vulnerabilities.

[ess]

What F/W is currently used by the WiFi routers that PLDT provides?

I live in a townhouse compound that next to a squatter colony. Ang dami sa kanilang naka tambay sa labas ng compound namin gumagamit ng tablets.
I frequently check the MAC address list in my PLDT router and so far, okay pa naman.

I have a spare router lying around. I might just flash it with DDWRT or Tomato. Then I'll kill the WiFi on the PLDT modem and use my router instead.

[1D4LV]

What F/W is currently used by the WiFi routers that PLDT provides?

I live in a townhouse compound that next to a squatter colony. Ang dami sa kanilang naka tambay sa labas ng compound namin gumagamit ng tablets.
I frequently check the MAC address list in my PLDT router and so far, okay pa naman.

I have a spare router lying around. I might just flash it with DDWRT or Tomato. Then I'll kill the WiFi on the PLDT modem and use my router instead.

for this you can do a mac enrollment.
register mo lang yung mga allowed mac addresses ng mga devices nyo sa bahay to gain access.

[ess]

for this you can do a mac enrollment.
register mo lang yung mga allowed mac addresses ng mga devices nyo sa bahay to gain access.

Walang ganon sa security settings nung PLDT router.
The security settings of the PLDT WiFi router only allows me to rename the SSID, change the password and enable/disable the wifi.

[oj88]

^ True. Those Zyxel units that PLDT is dishing out to DSL subscribers are suspect also. Although mine is configured to do bridging, there's still no way to stop an attacker from "sniffing" the packets passing through if the Zyxel units were compromised. The likelihood of this ever happening is still probably low. However, as the event that happened in Brazil two years ago, this kind of illegal activity is becoming more lucrative and criminal hackers are becoming bent on exploiting any vulnerabilities that can get them significant financial gain.

[xninjax]

Walang ganon sa security settings nung PLDT router.
The security settings of the PLDT WiFi router only allows me to rename the SSID, change the password and enable/disable the wifi.

Kung may option ka to select encryption type.. Select WPA2 - AES and put a strong password(16+ chars mixed) depending on you paranoia

MAC address restriction can be easily bypassed

[ess]

Kung may option ka to select encryption type.. Select WPA2 - AES and put a strong password(16+ chars mixed) depending on you paranoia

MAC address restriction can be easily bypassed

Yep, it's currently set to WPA2/AES and I'm using a strong password.