How Insecure Is Your Router?

Your router is the first point of contact between you and the internet. How much risk does it pose?
— Mike Bursell
Acknowledgements
Translated from: https://opensource.com/article/18/5/how-insecure-your-router | Author: Mike Bursell | Translator: qhwdw | Total translations: 125 | Contribution time: 240 days

I have always disagreed with the T-shirt slogan that says “127.0.0.1 is a unique place.” You might think it should be read as “home,” but for me, it says “localhost is a unique place,” just like there are no two identical rings in the world. In this article, I want to discuss a broader issue: the entry point of the home network, which for most people is a cable or broadband router (footnote 1). The UK and US governments have just released a notice about “Russian” (footnote 2) attacks targeting routers. I estimate that these attacks primarily target institutions rather than homes (see my previous article “What Are State Actors and What Should We Be Aware Of?”[1]), but the notice serves as a warning for all of us.

What is the purpose of a router?

Routers are important. They connect one network (in this article, our home network) to another network (in this article, the internet, through our internet service provider’s network). In fact, for most people, the so-called “router” (footnote 3) is capable of much more than we realize. The “routing” bit is just what it sounds like: it allows computers on the network to find a path to send data to computers on external networks, and the reverse when receiving data.

In addition to its other functions, the router often also acts as a modem. Most of us (footnote 4) connect to the internet through phone lines, whether cable or standard phone lines, although the latest trend is to connect homes via mobile internet. When you connect via phone lines, the internet signal we use must be converted into something else, and the return signal coming from the other end must also be converted. For those who remember the “dial-up” era, the modem is that little box next to your computer that made a screeching sound when you went online.

However, routers can do many other things, sometimes a great many, including traffic logging, acting as a wireless access point, providing VPN functionality for external access to your internal network, parental controls, firewalls, and so on.

Modern home routers are becoming increasingly complex; while state actors may not think about breaking into them, others might.

You might ask, is it important? If others can access your system, they could easily attack your laptop, phone, network devices, and so on. They could access and delete unprotected personal data. They could impersonate you. They could use your network to host illegal data or attack others. Basically, they could do all the bad things.

Fortunately, modern routers tend to be set up by internet service providers, meaning you can forget about their existence, and they will ensure they run well and securely.

So, are we safe?

Unfortunately, that is not the case.

The first problem is that internet service providers operate within a limited budget, and using cheap equipment allows them to maximize their profits. The quality of routers provided by internet service providers is declining. These routers are the preferred target for malicious attackers: if attackers know a specific model of router is installed in millions of homes, they have a strong motivation to find an attack on that model, because such an attack is very valuable to them.

Other resulting issues include:

◈ The process of fixing bugs or vulnerabilities is very slow. Upgrading firmware can incur high costs for internet service providers, so fixes may arrive very slowly (if they plan to fix the problem at all).
◈ Easily obtainable or default admin passwords mean attackers don’t even need to find actual vulnerabilities: they can simply log into the router.

Countermeasures

Here is a quick checklist of measures to improve the security of your router, the first hop between you and the internet. I list them in order from simple to complex. Before making any changes to the router, be sure to save the configuration data in case you need to roll back.

1. Password: You absolutely must change your router’s admin password. You might rarely use it, so be sure to write it down somewhere. Since it is used infrequently, you might consider sticking the password on the router, as routers are usually placed in areas only accessible to authorized people (you and your family (footnote 5)).
2. Allow Admin Access Only from Inside: Unless you have a good reason and know how to do it, do not allow any machine to manage your router from the external internet. There is a setting for this on your router.
3. WiFi Password: Once you have done point 2, ensure that the WiFi password on your network, whether it is set to your router admin password or something else, is a strong password. For simplicity, you may set a “friendly” simple password for guests connecting to your network, but if a malicious person nearby guesses that password, the first thing they will do is look for the router on the network. Since they are on the internal network, they can access the router (hence, point 1 is important).
4. Only Enable Features You Know You Need: As I mentioned above, modern routers come with a variety of cool options. Don’t use them unless you really need them and fully understand what they do and the risks of enabling them. Otherwise, you are only increasing the risk of your router being attacked.
5. Buy Your Own Router: Replace the router provided by your internet service provider with a better one. Go to your local computer store and ask for recommendations. You may spend a lot, but you might also find some very cheap devices that are better, more powerful, and more secure than what you currently have. You could also just buy a modem. Generally, setting up a modem and router is straightforward, and you can copy the configuration from the device your internet service provider gave you, and it should “just work.”
6. Update Firmware: I like to use the latest features, but this is often not easy. Sometimes, your router will prompt you for firmware updates. Most routers will automatically check and prompt you to update the next time you log in. The problem is that if the update fails, it could have catastrophic consequences (footnote 6) or lose configuration data, which you would then have to re-enter. However, you really do need to keep watching for firmware updates that fix security issues and apply them.
7. Switch to Open Source: There are some excellent open-source router projects that allow you to replace the firmware/software on your existing router with open-source software. You can find many such projects on Wikipedia[2], and if you search for “router” on Opensource.com[3], you will see many great options. Proceed with caution, as this will void your router’s warranty, but if you want real control over your router, open source is always the best choice.
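
One way to check the “Allow Admin Access Only from Inside” and “Only Enable Features You Know You Need” items on your own router, as an added example that is not part of the original article: the Python script below tries a TCP connection to ports commonly used by router management services and lists the ones that answer. The port list is an assumed set of typical defaults (your router may use others), and `192.0.2.1` is a documentation placeholder to be replaced with your own router's address.

```python
import socket
import sys

# Assumed set of TCP ports commonly used by router management services.
# These are typical defaults only; check your router's manual for others.
MGMT_PORTS = {
    22: "SSH",
    23: "Telnet",
    80: "HTTP admin page",
    443: "HTTPS admin page",
    7547: "TR-069/CWMP (ISP remote management)",
    8080: "alternate HTTP admin page",
}


def port_open(host, port, timeout=2.0):
    """Return True if a TCP connection to host:port succeeds."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, unreachable, or timed out
        return False


def exposed_services(host, ports=MGMT_PORTS, timeout=2.0):
    """Return {port: label} for each management port that accepts connections."""
    return {port: label for port, label in sorted(ports.items())
            if port_open(host, port, timeout)}


def report(host, found):
    """Format the result of exposed_services() as readable text."""
    if not found:
        return f"{host}: no management ports reachable"
    lines = [f"{host}: reachable management ports (disable or restrict to LAN):"]
    lines += [f"  {port}/tcp  {label}" for port, label in found.items()]
    return "\n".join(lines)


if __name__ == "__main__":
    # Placeholder address (TEST-NET-1); pass your own router's address instead.
    target = sys.argv[1] if len(sys.argv) > 1 else "192.0.2.1"
    print(report(target, exposed_services(target)))
```

Run it against the router's public (WAN) address from a connection outside your home, such as a phone hotspot, to see what the internet can reach; run it against the LAN address from the guest WiFi to see what a visitor can reach.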

Other Issues

It would be nice to think that once you enhance the security of your router, your home network will be much better off, but that is an illusion; the reality is not so. How secure are your home IoT devices (Alexa, Nest, doorbells, smart bulbs, etc.)? How secure are VPNs connected to other networks? What about malicious hosts through WiFi, or malicious apps on your child’s phone? …?

No, you will never have absolute security. But as we discussed earlier, while there is no absolute “security,” that does not mean we should not strive to raise security standards to make it more difficult for bad actors to do bad things.

Footnotes

1. I wrote it simply, but keep reading, and we will get there.
2. “State-sponsored information technology actors from Russia”
3. Or, in the case of my parents, I guess it’s called “internet box.”
4. Here’s another one of those cases; I don’t want to hear in the comments that you are directly connected to the local backbone network with 1TB/s bandwidth. Thank you very much!
5. Perhaps not the entire family.
6. Your router is now a “brick,” and you can’t access the internet anymore.

This article was originally published on Alice, Eve, and Bob – Security Blog[4] and republished with permission.

via: https://opensource.com/article/18/5/how-insecure-your-router

Author: Mike Bursell[6] Topic: lujun9972 Translator: qhwdw Proofreader: wxy

This article was originally translated by LCTT and proudly presented by Linux China
