Greetings from Def Con 22 – Improve your router security

As I covered this subject quite a few times here, Craig Young had a few good suggestions to improve your router security:

  1. Don’t enable remote management over the Internet
  2. Don’t use the default IP ranges. Predictable addresses make attacks easier. Rather than 192.168.1.1, consider 10.9.8.7 or something else which is not commonly used. This is a simple but effective technique for decreasing the likelihood of a successful attack.
  3. Don’t forget to log out after configuring the router. Not logging out can result in a situation where the web browser used to configure the router remains authenticated, which opens the door for attacks.
  4. Turn on AES backed on WPA2 encryption and turn WPS off. Regardless of the complexity of your WPA2 password, don’t forget to switch off WPS!
  5. Passwords matter: Default passwords are often the same for an entire product line or are generated from a common algorithm making a device easy prey for an attacker. It is imperative that you and other users change passwords rather than using defaults.
  6. Keep the router firmware up-to-date.

If you follow these six points, you are still on risk if your router vendor included some back-doors or ‘forgot’ to fix security issues with updates. However, it’s the minimum you should do yourself in order to increase your router security.

If you use Morpheus or Shodan from within my app, you will know that millions of users don’t.

Don’t trust the evil.
Regards,
Marcus