Router Security warning
This attack is not that new - Symantec warned about it being theoretically possible last year, and it was first reported to have occured in January. It depends on a number of factors, the most important being that the user has not changed the default password of the router. An eMail is sent which contains an HTML IMG tag - the resulting GET request includes code to reprogram the router dns tables.
For it to work, a number of things must occur.
1/ You've got to get the eMail (so make sure your anti-virus and anti-spam software are up to date).
2/ You've got to have left your router with the default password. (So change the default password).
3/ You've got to have a router which is vulnerable to the attack.
4/ You've got to attempt to use the bank or other organisation which is the subject of the pharming attack.
I think samuria, your advice is just a little bit paranoid
The most important thing is to change the router password - even one character of a change would be sufficient to offer protection from this attack. (To be able to try multiple passwords, a hacker would have to execute software directly on your machine - if he can do that, then it's probably all over anyhow!) I would agree that in any case, users should use a strong password, but 12 alphanumeric characters should be enough. (Most hackers are not prepared to run a dictionary attack against a single host for days on end).
If the router is secure, then there's nothing wrong with using dhcp. Let's face it - anyone clever enough to get software running on your machine to hack a 12 character password is not going to need to change the router - why wouldn't he just add a few entries to your hosts file?
"Don't allow access to your router from the internet"? Most routers don't allow this by default, but in any case, provided you have a good complex password, it shouldn't be a problem.
Changing the default SSID will indeed conceal the make of the router - though most wireless attacks are not against the router, but against other equipment on the wireless network. Hiding the SSID is a waste of time - any competent hacker will find it anyhow. If you need to rely on hiding the SSID, you're in trouble. If you're using WPA with a complex key (something slightly longer than the name of your dog!), then it doesn't matter if the SSID is exposed or not - the hacker can see it, but without breaking your wireless encryption, he can't log on, so therefore he can't try any other vulnerabilities of the router.
I'm not sure how knowing the address at which someone has a router is any help to a potential hacker. (Unless of course they've used their dog's name as the router password!). (In any case, if I wanted to know which house near me was broadcasting a particular SSID, I'd just stick a directional aerial onto my wireless card, and swing it around to see what direction the signal was coming from. )
And finally - just because your paranoid doesn't mean their not out to get you!
For it to work, a number of things must occur.
1/ You've got to get the eMail (so make sure your anti-virus and anti-spam software are up to date).
2/ You've got to have left your router with the default password. (So change the default password).
3/ You've got to have a router which is vulnerable to the attack.
4/ You've got to attempt to use the bank or other organisation which is the subject of the pharming attack.
I think samuria, your advice is just a little bit paranoid
The most important thing is to change the router password - even one character of a change would be sufficient to offer protection from this attack. (To be able to try multiple passwords, a hacker would have to execute software directly on your machine - if he can do that, then it's probably all over anyhow!) I would agree that in any case, users should use a strong password, but 12 alphanumeric characters should be enough. (Most hackers are not prepared to run a dictionary attack against a single host for days on end).
If the router is secure, then there's nothing wrong with using dhcp. Let's face it - anyone clever enough to get software running on your machine to hack a 12 character password is not going to need to change the router - why wouldn't he just add a few entries to your hosts file?
"Don't allow access to your router from the internet"? Most routers don't allow this by default, but in any case, provided you have a good complex password, it shouldn't be a problem.
Changing the default SSID will indeed conceal the make of the router - though most wireless attacks are not against the router, but against other equipment on the wireless network. Hiding the SSID is a waste of time - any competent hacker will find it anyhow. If you need to rely on hiding the SSID, you're in trouble. If you're using WPA with a complex key (something slightly longer than the name of your dog!), then it doesn't matter if the SSID is exposed or not - the hacker can see it, but without breaking your wireless encryption, he can't log on, so therefore he can't try any other vulnerabilities of the router.
I'm not sure how knowing the address at which someone has a router is any help to a potential hacker. (Unless of course they've used their dog's name as the router password!). (In any case, if I wanted to know which house near me was broadcasting a particular SSID, I'd just stick a directional aerial onto my wireless card, and swing it around to see what direction the signal was coming from. )
And finally - just because your paranoid doesn't mean their not out to get you!