Courtesy: The H
Many modern routers are controlled through a built-in web server which presents a tempting point of attack. During his presentation at the Black Hat conference, security expert Craig Heffner described a new technique for gaining access to a router’s web front end…
However, attackers need to bypass the router’s access protection to launch a successful attack. An attacker can either achieve this via a guessable default password or, in situations where the router’s web interface happens to be open in a second browser page, through the open router page. Current recommendations by the German Federal Office for Information Security (BSI), which are generally also relevant if a user’s router isn’t vulnerable to this specific DNS rebinding attack, address this situation.
For example, the BSI recommends that the router’s web interface be given a separate, not easily guessed password, and that users always start a new browser session when accessing the router’s web interface – that is, users should close all existing browser windows, open a single new browser window and close this window again as soon as the router tasks have been completed. While this may seem unnecessarily complicated, it’s the only way to prevent external scripts from interfering. Users are also advised to check for router updates on a regular basis and install any updates they find. Finally, the BSI recommends that wireless networks should be protected with a dedicated WPA2 password.