Home Networks Hackable Via Web Browsers, Researchers Find

by Thomas Houston , posted Apr 9th 2008 at 8:36AM

Engadget reports that Dan Kaminsky, a researcher at IOActive (a computer security company), has created a method to take control of routers, including those manufactured by Cisco's Linksys and D-Link. Called a "DNS rebinding attack," the maneuver uses JavaScript to force your Web browser to change your router's (the device connecting your computer(s) to the Internet) settings, giving a hacker access to your home Wi-Fi or wired network.

Interestingly, Kaminsky says that the problem isn't in the routers -- it's a Web browser issue. His work demonstrates how hackers could take advantage of the design flaws in Web browsers to gain access to your files and network. Hopefully, the technique's demonstration at the RSA Conference in San Francisco this week will raise awareness about these issues.

The good news is that the method isn't perfect because it only works on unsecured routers. What does this mean for you? If you haven't set up a strong password on your router yet, we recommend you do it as soon as possible -- here's a quick tutorial.

From Engadget and PC World

Related Links:

Filed under: Computers

Tags: router, security

Relevant Posts

Top Net Threats Right Now (32 days ago - 108 Comments)
Comcast Wants to Put Cameras In Your Home (46 days ago - 116 Comments)
Oklahoma Leaks 10,000 Social Security Numbers (25 days ago - 47 Comments)
What Happens When You Scam Back the E-Mail Scammers (6 days ago - 1 Comment)
Hackers Target Safari and Firefox Browsers (13 days ago - 4 Comments)

Subscribe to these comments

Reader Comments (Page 1 of 1)

Neutral

STNC @ Apr 16th 2008 12:43PM

NO WAY!!! I HAD NO IDEA!!!!

Duh

Add your comments

New Users

Name

E-mail

Current Users

E-mail:

Password

Remember Me

E-Mail me when someone replies to this comment

Add your comments:

Please keep your comments relevant to this blog entry. Email addresses are never displayed, but they are required to confirm your comments.

When you enter your name and email address, you'll be sent a link to confirm your comment, and a password. To leave another comment, just use that password.

To create a live link, simply type the URL (including http://) or email address and we will make it a live link for you. You can put up to 3 URLs in your comments. Line breaks and paragraphs are automatically converted — no need to use <p> or <br /> tags.

Please note that gratuitous links to your site are viewed as spam and may result in removed comments. And yes, comments are moderated.

Weekly Webcomic Wrapup looks up at the stars Apple Wiimote-esque patent revealed Amazon and Gamestop offering God of War III pre-orders, claim March 2 release	TinEye image search engine launches public beta Innocent Spam: Displeased with the measurement of your Willy? eBay considers PayPal requirement, invites Australians antitrust scrutiny
Reminder, talkcast at 10 pm ET Sunday night AT&T: free iPhone wifi is coming at some point TUAW Best of the Week	Sprint buzz not shared by analysts Sunday Funnies: Loan offers with small print and big consequences The Wal-Mart Weekly: Examining shareholder resolutions, Part 2
Bid on Ken Levine autographed copy of BioShock Rumor: First Banjo-Kazooie 3 screens surface Guitar Hero III Muse DLC arrives on the XBLM	Your tax dollars at work, border guards hold up traffic to check out Challenger From the Awesome Files: V6 Miata auto-x weapon VW Rabbit gets a carrot from Consumer Reports