Nasty D-Link router security back door

The network is the forum.

Moderators: Steel, notfred

Nasty D-Link router security back door

Postposted on Mon Oct 14, 2013 6:55 am

http://www.techspot.com/news/54319-d-li ... tings.html

Fortunately it sounds like it is only exploitable from the LAN (Ethernet/Wi-Fi) side, not the WAN (Internet) side. However, if you are using one of the affected models to provide public Wi-Fi access this could open you up to having your router settings changed behind your back, especially now that the exploit has been publicized.

D'oh! :roll:

The gory technical details (site is slow, I think they're getting /.ed): http://www.devttys0.com/2013/10/reverse ... -backdoor/
(this space intentionally left blank)
just brew it!
Administrator
Gold subscriber
 
 
Posts: 36897
Joined: Tue Aug 20, 2002 9:51 pm
Location: Somewhere, having a beer

nasty industry wide epic failure of security for years now

Postposted on Mon Oct 14, 2013 7:24 am

This is just a drop in the bucket if you have been following things for awhile.

Most random crappy routers in joe blow's house are still running firmware with a known broken UPNP setup that can be backdoored from the WAN side, because joe blow does not update his firmware. Joe blow also runs WEP with the password on the sticker if that is the default configuration. Thanks many-of-isp-provided-boxes, stay classy! (30 seconds is too slow to crack, so lets use keys that are generated based on the broadcasted mac address so people can precalculate them...yeah that would be verizon fios standard procedure if you were wondering)

Even with updates, sticking with stock firmware is just polishing a turd. Given their terrible track records how do you know you aren't getting yet another backdoor, unintentional or otherwise? Actually, come to think of it, its a pretty safe bet that you are...

The solution is to pick any _WRT (minus DD, they ain't exactly great either) or roll your own cheap PC router with the consumercrap9000 turned into AP duties only.
blah blah blah signature blah blah blah
Bauxite
Gerbil Elite
 
Posts: 601
Joined: Sat Jan 28, 2006 11:10 am
Location: electrolytic redox smelting plant

Re: nasty industry wide epic failure of security for years n

Postposted on Mon Oct 14, 2013 7:44 am

Bauxite wrote:... or roll your own cheap PC router with the consumercrap9000 turned into AP duties only.

This is exactly what I finally did about 3 years ago, after having 2 consumer routers die on me in 5 years and a third one that got squirrely whenever there were more than 3 users accessing the Internet at the same time. :roll:

Used an old Socket 754 Sempron system with a CF card in one of these as the boot drive, and a cheap PCI NIC as the 2nd LAN port. Loaded a copy of Ubuntu Server on it and I have had no firewall/router issues since. The only time it ever needs rebooting is when I decide to install software updates and there happens to be a kernel update among them; as of today it was last rebooted 150 days ago. The only exposed service on the firewall box is SSH on a non-standard port with direct root logins disabled, so the surface area for potential exploits is very small; all maintenance/configuration is done via an encrypted SSH tunnel (the box is headless and buried behind piles of crap in the crawlspace, so there's no direct console access).

Yes, I know it uses more electricity than a consumer router. Oh well. Maybe when I have some time I will do some experiments to see if using a Rapberri Pi instead would noticeably impact Internet performance...
(this space intentionally left blank)
just brew it!
Administrator
Gold subscriber
 
 
Posts: 36897
Joined: Tue Aug 20, 2002 9:51 pm
Location: Somewhere, having a beer

Re: nasty industry wide epic failure of security for years n

Postposted on Mon Oct 14, 2013 7:58 am

just brew it! wrote:This is exactly what I finally did about 3 years ago, after having 2 consumer routers die on me in 5 years and a third one that got squirrely whenever there were more than 3 users accessing the Internet at the same time. :roll:

There's something to be said for living in a spot where if anyone is trying to vulture/hack my wide-open wireless, they're in my driveway and the dog is barking his fool head off. He may not be very smart, but he does keep track of anyone entering his domain.
There are people that embrace the Oxford comma and people who don't. Never get between these people when drink has been taken. I use the Oxford comma and always will. The rest can sod off.
Captain Ned
Global Moderator
Gold subscriber
 
 
Posts: 19749
Joined: Wed Jan 16, 2002 6:00 pm
Location: Vermont, USA

Re: Nasty D-Link router security back door

Postposted on Mon Oct 14, 2013 9:00 am

Captain Ned wrote:
just brew it! wrote:This is exactly what I finally did about 3 years ago, after having 2 consumer routers die on me in 5 years and a third one that got squirrely whenever there were more than 3 users accessing the Internet at the same time. :roll:

There's something to be said for living in a spot where if anyone is trying to vulture/hack my wide-open wireless, they're in my driveway and the dog is barking his fool head off. He may not be very smart, but he does keep track of anyone entering his domain.


How close is your nearest neighbor? Just because a cell phone doesn't see a signal doesn't mean that a decent antenna can't route their pedo fetish through your net.
Security through (real world) obscurity still isn't, but thats your choice :)
blah blah blah signature blah blah blah
Bauxite
Gerbil Elite
 
Posts: 601
Joined: Sat Jan 28, 2006 11:10 am
Location: electrolytic redox smelting plant

Re: Nasty D-Link router security back door

Postposted on Mon Oct 14, 2013 9:05 am

Bauxite wrote:How close is your nearest neighbor? Just because a cell phone doesn't see a signal doesn't mean that a decent antenna can't route their pedo fetish through your net.
Security through (real world) obscurity still isn't, but thats your choice :)

Several hundred feet, and I routinely check the local RF environment for 802.11 devices (built into the Tomato firmware). I'm on a main road so stopping on the side to vulture my wireless gets you nowhere as there's no place to stop except my driveway (cue the hyperactive hound).

I realize I'm a corner case here but I can get away with it as long as I live here. If I were closer to the rest of humanity rest assured that all defenses would be employed.
There are people that embrace the Oxford comma and people who don't. Never get between these people when drink has been taken. I use the Oxford comma and always will. The rest can sod off.
Captain Ned
Global Moderator
Gold subscriber
 
 
Posts: 19749
Joined: Wed Jan 16, 2002 6:00 pm
Location: Vermont, USA

Re: Nasty D-Link router security back door

Postposted on Mon Oct 14, 2013 9:41 am

Not good, but to keep it in perspective, here's the details with a list of affected routers -

http://techgeek.com.au/2013/10/13/d-lin ... iscovered/

DIR-100
DI-524
DI-524UP
DI-604S
DI-604UP
DI-604+
TM-G5240
MadManOriginal
Graphmaster Gerbil
 
Posts: 1364
Joined: Wed Jan 30, 2002 6:00 pm
Location: In my head...

Re: Nasty D-Link router security back door

Postposted on Mon Oct 14, 2013 9:50 am

I am in the same boat as the Captain here, but I know my router is one big piece 'o crap. Cannot get software upgrades through the DSL provider either. Now it seems the Wireless part drops at random intervals, which is exceedingly annoying.

Someone would need to be halfway up my driveway, even with a decent antenna. That wouldn't be suspicious... at all. With that said it doesn't prevent the drive-by delivery man, pizza dude, or whomever from stopping by while you are away.
liquidsquid
Minister of Gerbil Affairs
 
Posts: 2437
Joined: Wed May 29, 2002 9:49 am
Location: New York

Re: Nasty D-Link router security back door

Postposted on Mon Oct 14, 2013 7:26 pm

Bauxite wrote:Security through (real world) obscurity still isn't, but thats your choice :)


It does keep the idiots out though, and most wardrivers go for the low-hanging fruit.
NovusBogus
Gerbil XP
 
Posts: 410
Joined: Sat Jan 05, 2013 11:37 pm

Re: Nasty D-Link router security back door

Postposted on Mon Dec 02, 2013 1:57 pm

Looks like D-Link is patching this particular hole: http://www.net-security.org/secworld.php?id=16030
SecretSquirrel
Gerbil Jedi
Gold subscriber
 
 
Posts: 1643
Joined: Tue Jan 01, 2002 6:00 pm
Location: The Colony, TX (Dallas suburb)


Return to Networking

Who is online

Users browsing this forum: No registered users and 3 guests