Thursday, June 15, 2017

After the Telekom attack: routers in the security check

How secure are current routers? PC Magazine runs the check!


Poorly programmed firmware hits unprepared providers


Mirai is a worm family that looks for embedded Linux systems and now uses a variety of attack vectors. In November a version made the rounds that was tailored to a vulnerability in some Zyxel routers and exploited a bug in a remote maintenance protocol: a cleverly formatted time server entry succeeded in executing arbitrary commands on the Linux system of the Zyxel router. The affected Telekom Speedports did not run Linux, but they stumbled over the erroneously formatted time server entry and hung. Where at the beginning of the worm wave an attack attempt arrived at worst once or twice a day, at the peak of the wave (many affected routers at an Irish provider) it was about one attack per minute. So if you restarted your router, it was offline again after two minutes.
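An added example, not code from the article or from any vendor's firmware: a C validator for the time server field that accepts only plain hostnames and IPv4 literals and refuses everything else, which addresses both the command execution on the Zyxel devices and the hang on the Speedports. The names `ntp_server_check` and `ntp_server_set`, and the assumption that the entry later reaches a command line or a fixed-size settings field, are hypothetical.

```c
#include <stddef.h>
#include <string.h>

#define NTP_HOST_MAX 253   /* longest DNS name in text form */
static int is_host_char(unsigned char c)
{
    return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
           (c >= '0' && c <= '9') || c == '-';
}

/* Returns the length of s if it is a plain hostname or IPv4 literal
 * (letters, digits, '-' and '.', labels of 1..63 characters that neither
 * start nor end with '-'), otherwise 0. Whitespace, shell metacharacters,
 * empty and over-long input are all refused. */
size_t ntp_server_check(const char *s)
{
    size_t i, label = 0;
    if (s == NULL)
        return 0;
    for (i = 0; s[i] != '\0'; i++) {
        unsigned char c = (unsigned char)s[i];
        if (i >= NTP_HOST_MAX)
            return 0;                     /* too long: stop reading */
        if (c == '.') {
            if (label == 0 || s[i - 1] == '-')
                return 0;                 /* empty label or trailing '-' */
            label = 0;
        } else if (is_host_char(c)) {
            if ((c == '-' && label == 0) || ++label > 63)
                return 0;                 /* leading '-' or label too long */
        } else {
            return 0;                     /* any other byte is refused */
        }
    }
    if (label == 0 || s[i - 1] == '-')
        return 0;                         /* empty input, trailing '.' or '-' */
    return i;
}

/* Stores a validated entry in a fixed-size settings field (hypothetical).
 * Returns 0 on success, -1 on rejection; dst is unchanged on rejection. */
int ntp_server_set(char *dst, size_t dstsz, const char *src)
{
    size_t n = ntp_server_check(src);
    if (n == 0 || dst == NULL || n >= dstsz)
        return -1;
    memcpy(dst, src, n + 1);              /* n + 1 copies the terminator */
    return 0;
}
```

Rejecting the request and keeping the previous value covers the safety side as well: a malformed entry changes nothing and is never parsed further.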


Types of security


The incident sheds light not only on the approach of the providers (Telekom blocked incoming traffic on the port used only late, and the Irish provider EIR has so far not blocked outgoing traffic at all), but also on the security of critical infrastructure against rather random attacks: where even a non-targeted attack can cause a router to crash, there is a risk that a targeted attack can cause far greater damage. The DSL router deserves a critical look because, with the trend towards All-IP and LTE microcells, telephony is increasingly being routed through it, and in the worst case even emergency calls are not possible.


The test field: four times Linux, once proprietary


In English, safety and security are differentiated: security means protection against malicious attacks, that is, against vulnerabilities that can be exploited, for example, to enter a network or to run malicious software. Safety refers to protection against failures, i.e. the robustness of a system, even against misuse. We look at both aspects.


Today, Linux is the dominant operating system in the router area, but there are blatant differences in how it is implemented: very cheap routers in particular often use barely adapted reference systems from the chipset manufacturer, which receive security updates reluctantly or not at all. These currently contribute to the poor reputation of Linux as an operating system for Internet-enabled devices. The more functions a single router offers (different access modes, functionality of the USB interface), the more attention its own firmware gets: firmware developed in-house is usually updated quickly in case of problems. The same is true for proprietary systems that are not based on Linux.


On the next pages, we will look at five current routers and run a security check.