[YLUG] Web sites hacking router [was: Re: Router]

Harry Mills mail at hjmills.co.uk
Mon Sep 29 12:50:21 UTC 2008


So in theory we should all use that separate browser we already use for
online banking etc (the one with no plugins, javascript turned off, run
as a completely unprivileged user with all history, temp files and
cookies deleted after each session and before starting etc) for our
routers as well.

Or just trust the sites we go to (depends on what you visit) I guess.

At the very least the router password should be changed but that should
go without saying.

On Mon, 2008-09-29 at 09:41 +0100, Craig Genner wrote:
> On Sun, 28 Sep 2008 23:01:30 +0100, "Alex Howells" <alex at howells.me> wrote:
> > 2008/9/28 Craig Genner <craig at tuxx.org.uk>:
> >> Doesn't matter, it's been proven that certain scripts can run on your
> > web
> >> browser that are used to access the router.  Because it's run from your
> >> browser on the local lan then it has access to the web interface of your
> >> router.
> >>
> >> These scripts can be put into a standard web page on any web server any
> > where
> >> in the world...
> > 
> > </tinfoil>
> > 
> > To be honest I think there are bigger risks than this to be looking
> > out for everyday.
> 
> Yes and no.
> 
> 1. User visits web site
> 2. Web site runs malicious script and logs into router
> 3. Web site opens ports on router (port forwarding or UPnP)
> 4. Malicious script alerts original web site
> 5. Original web site takes advantage of open ports to then attack PC direct
> and install 'stuff'
> 6. PC is then remote controlled by...
> 7. Profit!
> 
> It certainly isn't high on my list, but it's up there.
> 
> Craig
> 
> 
-- 
Regards,
Harry Mills (mail at hjmills.co.uk)[http://hjmills.co.uk]{07935902814}

hackerkey://v4sw6HRUYhw6/7ln5
+8pr5FOPck5ma7/8u7FLw3DGNTUVWXm5l7ADUi52e6t4GLMRSTb8/9AHKLMOPSTen5aNs5MSr2p-2.75/-3.28g5ACGOPRTZ
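
The sequence Craig lists depends on the router's web interface acting on a request that was started by a page from another site. As an added example (not part of the original thread, and not any router vendor's code), here is one check an admin interface could apply before acting on a request; the host names, function names and the rule that only POST changes settings are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumed for illustration: the names the admin UI is legitimately reached by.
ALLOWED_HOSTS = {"192.168.1.1", "router.lan"}
# Assumed: the admin UI never changes settings on these methods.
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}


def _host_of(url):
    """Return the hostname part of a URL, or None if it has none."""
    try:
        return urlsplit(url).hostname or None
    except ValueError:  # malformed authority, e.g. a broken IPv6 literal
        return None


def allow_admin_request(method, headers, allowed_hosts=ALLOWED_HOSTS):
    """Decide whether the admin interface should act on a request.

    Returns (allowed, reason). Header names are matched case-insensitively.
    """
    h = {k.lower(): v for k, v in headers.items()}

    # 1. The request must be addressed to a name the router owns. This
    #    rejects requests that reach the router under a foreign host name.
    if _host_of("//" + h.get("host", "")) not in allowed_hosts:
        return False, "unexpected Host header"

    # 2. Read-only requests pass; settings pages are still behind login.
    if method.upper() in SAFE_METHODS:
        return True, "safe method"

    # 3. A state-changing request must come from the admin UI's own pages.
    #    Browsers set Origin (or at least Referer) on cross-site form posts.
    source = h.get("origin") or h.get("referer")
    if not source:
        return False, "no Origin or Referer on state-changing request"
    if _host_of(source) not in allowed_hosts:
        return False, "cross-site request"
    return True, "same-site request"


if __name__ == "__main__":
    # Constructed sample request: a form post started by a page on another site.
    print(allow_admin_request("POST", {"Host": "192.168.1.1",
                                       "Origin": "http://site.example"}))
```

A check like this complements, rather than replaces, changing the default router password as the message above suggests.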