Sunday, April 21, 2013

Vulnerabilities in SOHO Wireless Routers

A recent ISE study reveals that the most widely deployed SOHO wireles routers have serious security vulnerabilities.

You should definitely upgrade the firmware on your router and follow secure configuration guidelines. ISE recommended the following steps:

  • Make sure your firmware is up to date on a regular basis.
  • Make sure remote administration is turned off. (ie Don't allow wireless connections to manage the router.)
  • Disable all unused network services.
  • Restart your wireless router after performing administrative tasks.
  • Log out from the session and clear cookies from your browser after performing administrative tasks.
  • Select a non-standard LAN IP address range to protect against generic or automated attacks.
  • Verify that https is enabled for administrative functions.
  • Use AES encryption. WEP and TKIP have known vulnerabilities.
  • Use firmware only from the manufacturer's web site.
  • Use a secure administrator password including uppercase/lowercase/numeric/special characters, at least 12 characters in length.
  • If possible, restrict access to the wireless router from the firewall or main router.

No comments: