[cryptome] Re: Is This a Hoax: Backdoor to Wireless Router

  • From: Andrew Hornback <achornback@xxxxxxxxx>
  • To: cryptome@xxxxxxxxxxxxx
  • Date: Fri, 4 Jul 2014 12:02:04 -0400


Changing/adding a password and changing the name of the network is more
than 90+% of the population can be bothered to do these days - which is what
makes them so susceptible...

NAT and firewall are a good start - I'm somewhat on the paranoid side
(being a life-long IT type guy) and I'm aspiring to implement a system
similar to the DISA's HBSS (Host Based Security Solution) that gets
deployed to all ADP assets in the DoD...

The way that my setup works is that the hub (a relatively dumb device, by
networking standards) is inserted between the ISP and the router - since
the ISP delivers my broadband connection as a pure Ethernet drop, I can use
the hub to connect another machine in, before the router level, and "sniff"
all of the traffic going back and forth.  Using a product like Wireshark
(free software, highly recommended, been using it for years), I can look at
all of the traffic that's leaving my network as well as what's coming in
from the ISP.  See where data is coming from, where it's going... full
transparency of all of the data going back and forth as well as the
content.  By dumping all of this over to a second machine that acts as a
simple recording and analysis system, I can track hacking attempts,
attacks, etc. and report them as needed.

--- A
"InfoSec - it pays to be paranoid..."

On Fri, Jul 4, 2014 at 7:38 AM, doug <douglasrankine2001@xxxxxxxxxxx> wrote:

>  Hi Andrew,
> Tx for the information...I had a look at the url you provided. I didn't
> really understand all this techy stuff and it is nice to have it explained
> in a language I can understand.  I have, on a number of occasions looked at
> my router, but I must say, apart from securing it with a password and
> changing the name of the network, I am frightened to touch any of the
> settings in the router in case I screw things up, so I leave it at the
> default position.
> I have a wireless router and a home network, and a number of devices such
> as computers, tablets, mobile phones and a printer and a back up disk which
> are connected to it on occasion.  I understand that the home network and
> the one connected to the ISP are separated by a NAT or firewall which is
> supposed to protect my home network from outside intrusion.
> What would be the benefit of putting in traffic analysis software and what
> kind of software would you recommend, and where would I put it...in my
> computer or on the phone line...In this area we have poor broadband width
> anyway so downloads and uploads are very slow.
> Dougie.
> On 03/07/14 19:34, Andrew Hornback wrote:
> Ryan,
>  Good points, but I think this might explain part of my tactic -
> http://www.asante.com/support/routerguide/faqs/hardwared.html
>  Understanding the differences between hubs, switches and routers is
> paramount to starting to understand TCP/IP...
>  --- A
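
Added example, not part of the original message: a Python script for the kind of review the recording machine behind the hub could run over a saved capture, tallying inbound TCP connection attempts (SYN without ACK) by source address and destination port. The LOCAL_NET range, the function names and the sample frames are constructed assumptions, and only classic little-endian Ethernet pcap files are handled.

```python
import ipaddress
import struct
from collections import Counter

# Assumption: address range on the monitored side of the hub (documentation range).
LOCAL_NET = ipaddress.ip_network("192.0.2.0/24")

def inbound_syns(pcap, local_net=LOCAL_NET):
    """Count inbound TCP SYN-only packets, keyed by (source IP, destination port)."""
    magic, *_, linktype = struct.unpack_from("<IHHiIII", pcap, 0)
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("expected a little-endian pcap with Ethernet frames")
    hits, off = Counter(), 24
    while off + 16 <= len(pcap):
        caplen = struct.unpack_from("<I", pcap, off + 8)[0]
        frame, off = pcap[off + 16:off + 16 + caplen], off + 16 + caplen
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":   # not IPv4
            continue
        tcp = 14 + (frame[14] & 0x0F) * 4                    # start of TCP header
        frag = struct.unpack_from("!H", frame, 20)[0] & 0x1FFF
        if frame[23] != 6 or frag or len(frame) < tcp + 14:  # not a first TCP fragment
            continue
        src, dst = (ipaddress.ip_address(frame[i:i + 4]) for i in (26, 30))
        dport, flags = struct.unpack_from("!H", frame, tcp + 2)[0], frame[tcp + 13]
        if flags & 0x12 == 0x02 and dst in local_net and src not in local_net:
            hits[(str(src), dport)] += 1
    return hits

def _frame(src, dst, dport, flags):
    """Constructed sample frame: Ethernet + IPv4 + TCP, checksums left at zero."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed)
    tcp = struct.pack("!HHIIBBHHH", 40000, dport, 0, 0, 0x50, flags, 1024, 0, 0)
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp

def sample_pcap():
    """Constructed capture: two outside hosts probing, plus one normal outbound session."""
    frames = [_frame("203.0.113.7", "192.0.2.10", 23, 0x02)] * 2 + [
        _frame("198.51.100.9", "192.0.2.10", 22, 0x02),
        _frame("192.0.2.10", "203.0.113.50", 443, 0x02),    # outbound SYN, ignored
        _frame("203.0.113.50", "192.0.2.10", 40000, 0x12)]  # SYN+ACK reply, ignored
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    for (src, dport), n in inbound_syns(sample_pcap()).most_common():
        print(f"{src} -> port {dport}: {n} connection attempt(s)")
```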
