Channel Marker

Feb 21 2007   10:32AM GMT

Cisco warns it’s not just home routers that can be pwned by pharmers

Brein Matturro Profile: Brein Matturro

Cisco Systems is warning that customers who don’t change the default names and passwords on routers are vulnerable to an exploit publicized by Symantec and Indiana University last week.

The technique, called drive-by pharming was originally thought to apply only to home-based wireless routers. Cisco now warns that other types of routers are also vulnerable to Javascript that can change the DNS coding of the router, thereby redirecting all its clients without their knowledge.

Pharming is a malware technique more sophisticated than phishing because it requires no conscious effort on the part of the user, and can even change the code on a victimized computer to re-route its Web requests without the knowledge of the user.

The solution is to change the default password as soon as the router is brought online, according to Cisco. But, since compromised laptops could also be the source of such attacks, it may also be necessary to check the machines of users who bring laptops home and work from routers they configure (or leave the configuration as the factory default) themselves.

The original version of this story appeared on TechTarget sister site SearchSecurity.com.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: