[Gllug] Router & modem security

Bernard Peek bap at shrdlu.com
Fri May 7 21:22:30 UTC 2010


On 07/05/10 22:11, t.clarke wrote:
> Do these exploits rely on the routers being configured to permit remote
> management?
>    

Not necessarily. If you can run a script in a user's browser you can 
cause it to connect to the default address of the router (or the default 
gateway of the workstation), login using the default password and then 
enable remote access. If the user hasn't changed the defaults then their 
systems become wide-open.



-- 
Bernard Peek

bap at shrdlu.com

-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug




More information about the GLLUG mailing list