[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 09/11/17 20:19, mr meowski wrote:
Well, I have certainly opened a can of worms here. I will have a read through the above, thanks. And I must decide what to do next. Some SOHO routers are very pricey, and yet you tell me they are all a load of rubbish. That does not make things easy. At least my desktop does not use wifi. This has all made me feel very worried about the whole shebang. It seems that, even if I had remembered the password, it is all just a mess anyway.On 09/11/17 19:48, Neil wrote:I suppose, since I have had this router for nearly four years, I could always get a new, and hopefully better, one. Or are they all as bad as each other?The vast majority of SOHO modem/router boxes, especially ones tinkered with by ISPs, are absolutely terrible in terms of security, yes. There are exceptions and reflashing your router with an opensource distro can definitely help but you might as well assume the entire class of products is unfit for purpose. Put a "proper" firewall/gateway unit in between your router and your network and cripple the router to make it as "dumb" as possible - this usually entails putting it into modem mode rather than router mode if possible, disabling all functionality, remote admin interfaces, radio activity, the lot. Your router however is such a piece of crap it probably is due for replacement urgently - it has more holes in it than a sieve and if you haven't patched it for years you can pretty much just breeze through to completely compromising it in a couple of minutes. And so can anyone else. Here's two more insta-pwns: https://www.exploit-db.com/exploits/31617/ https://www.rapid7.com/db/modules/auxiliary/admin/http/netgear_soap_password_extractor Ouch. Cheers
Will follow up with all this later, Neil -- The Mailing List for the Devon & Cornwall LUG https://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq