Omit This Setup Step and Your Router Can Be Easily Compromised

Last time, I stressed having a NAT router–or router/firewall–between your PC and the Internet as a first line of defense. This is without question the first, most important security step, but it can be useless unless you have it properly configured; in fact, omitting one crucial first step can leave you even more vulnerable to attack that you would be without the device.

All routers come with a default username and password, often as simple as admin/admin (when I’m faced with a router I haven’t seen before, this is the first thing I try–and it often gets me in). Default settings are a good thing because if you ever forget your password, you can reset the router and take it back to square one. However, this is also a dangerous security risk; these defaults are well known and published on the Web. Three of the more widely used consumer routers, Linksys, D-Link, and Netgear, have recently been shown to be vulnerable to a JavaScript web page attack. Go to the wrong site and if you haven’t changed the default password, the attacker can change your router’s settings to send you to malicious websites. For example, you’ll think you’re looking at your bank’s login page, but it will be a fake look-alike that steals your account information as soon as you log in.

So, put this on your list as Security Maxim #3: Always change the default username and password of any configurable device you put on your home network.

Next time: You’ve changed your default router password; you still may be vulnerable.

Cheers!
The Geek