Computer and Mobile Software

computer and mobile software services

  • Home
  • Business
    • Internet
    • Market
    • Stock
  • Downloads
    • Dvd
    • Games
    • Software
      • Office
  • Parent Category
    • Child Category 1
      • Sub Child Category 1
      • Sub Child Category 2
      • Sub Child Category 3
    • Child Category 2
    • Child Category 3
    • Child Category 4
  • Featured
  • Android Software
    • Galaxy
    • Apple

Sunday, August 24, 2014

Gateway to your kingdom

12:33 AM  Gateway to your kingdom  No comments

Gateway to your kingdom: why everybody should check and update their broadband router

Gateway to your kingdom
Update your router's firmware for faster speeds, and greater security.
In a recent test of wireless routers for the home, I followed usual best practices and updated all the devices with the latest available firmware from the manufacturer before putting each one through its paces. But whether you've just bought a new router, or are about to, or are using a model that's already a few years old, you should be doing the same right now. In fact, and as boring as it may sound, it's definitely in your interest to check and update any router you use. 
Update your router for faster speeds
For the sake of performance testing alone it can be essential to literally get up to speed with the latest firmware build. Many router manufacturers release their product half­baked, it seems, with listed features missing, incomplete or unreliable.

In the case of a Linksys router on test, the WRT1900AC, it's listed as an 802.11ac device but a visit to the admin interface might lead you to think otherwise – there are no settings to adjust core parameters of the new higher­speed 11ac protocol. Typical tweaks like width of radio channel, and which legacy protocols to support are strangely incomplete. All we saw there was a choice of 20 or 40 MHz channels (draft 11ac is founded on 80 MHz channels) and a choice of 11a or 11n protocols; but no 11ac. A Linksys spokesman assured us the router does work with 11ac providing you don't touch any of these settings.But whether you surf at home at 500 Mb/s or just 50 seems academic when the bigger issue is about the fundamental security of your router. You can run all the anti­virus software and firewalls you like, but if your home router leaves the back door wide open, anyone and everyone can walk in.Cisco is one company known to make routers that have included such problems, as documented by its advisory warning in January this year (advisory code cisco­sa­20140110­sbd), which explained how the firmwaredesigners created what's been euphemistically termed an Undocumented Test Interface – a backdoor hidden only by obscurity on port 32764 whichallows an attacker to gain unauthenticated root access. In other words, theycan own the router and play god over all that it routes. Which is to say, everyPC, laptop, tablet and phone in your home.For someone with the necessary intent, a fiddle with your DNS settings is allthat's required to divert your visit from https://www.natwest.online.banking.co.uk to a facsimile site that instead will happily accept your login credentials, for surreptitious use later.

Who makes your router?
Cisco is far from alone. In fact there's sometimes a theme of insecurity in numbers, especially when different router manufacturers rely on using the same kit or code from other vendors. It was January this year that enthusiast security researcher Eloi Venderbeken published findings that Cisco, Linksys (then a sub­brand of Cisco), Netgear, TRENDnet, Belkin and other lesser known brands all suffered the same backdoor vulnerability.Further research suggested the common thread was that all affected routers were in fact made by another company entirely, Sercomm of Taiwan/China, that builds these devices for the better­known companies. Even if you trust a big brand name, be aware that it is possible they don't know exactly what's being sold in their name since are not required to test fully what they're reselling.In July last year, Independent Security Evaluators (ISE) published a report which explored the issue of insecurity in SOHO (small office/home office) routers. In other words, just the kind of consumer- and enthusiast routers that we test and review over at PC Advisor. The researchers looked at 10 routers from familiar names such as Asus, Belkin, D­Link, Netgear, TP­Link and TRENDnet.In what the researchers describe as a less-than-exhaustive study, they found 55 new, previously undisclosed vulnerabilities. Many of the routers shared the same vulnerabilities since they were based on the same common design again, despite sporting different company badges.More recently – last week as I write this in mid­August 2014 – the results of a hacker competition at Defcon 22 were revealed. In a challenge entitled SOHOpelessly Broken presented by ISE and the EFF, the first stage revealed another 15 0­day vulnerabilities in popular modern routers from Asus, Belkin, D­Link, Linksys and Netgear.Less frequently evaluated in penetration tests of domestic router is the security of unofficial firmware – the open­source alternatives to the commercial software already installed on every router. There are now several projects to port special builds of Linux to popular home and office routers, under names such as OpenWRT, DD­WRT and Tomato. These areenthusiast­led collaborative projects from technically skilled router users who are fed up with closed­source and leaky software on the gateway to their kingdoms. As open­source software, source code is available for any interested party (white hat or black) to scrutinise, there's potentially more scope for finding bugs – as well as exploiting them.These are typically ongoing projects, with rolling updates that would paralyse a ‘normal' home user with their frequency. We wouldn't necessarily recommend an open source­patched router in a group test of home routers, which is why they were tested only with the installed firmware, even if manufacuters such as Netgear and Linksys add ‘open­source support' to theirproducts' features lists.The example of open­source firmware in that last challenge did in factsurvive the hacking onslaught, the EFF's own Open Wireless Routerfirmware.But good security advice remains to check your router's firmware and updatewhen patches as soon as patches become available. Who knows, maybeyour router maker has closed some of the gaping holes revealed in the past few disclosures?Update your router's firmware for faster speeds, and greater security.In a recent test of wireless routers for the home, I followed usual best practices and updated all the devices with the latest available firmware from the manufacturer before putting each one through its paces. But whether you've just bought a new router, or are about to, or are using a model that's already a few years old, you should be doing the same right now. In fact, and as boring as it may sound, it's definitely in your interest to check and update any router you use. Update your router for faster speedsFor the sake of performance testing alone it can be essential to literally get up to speed with the latest firmware build. Many router manufacturers release their product half­baked, it seems, with listed features missing, incomplete or unreliable.In the case of a Linksys router on test, the WRT1900AC, it's listed as an 802.11ac device but a visit to the admin interface might lead you to think otherwise – there are no settings to adjust core parameters of the new higher­speed 11ac protocol. Typical tweaks like width of radio channel, and which legacy protocols to support are strangely incomplete. All we saw there was a choice of 20 or 40 MHz channels (draft 11ac is founded on 80 MHz channels) and a choice of 11a or 11n protocols; but no 11ac. A Linksys spokesman assured us the router does work with 11ac providing you don't touch any of these settings.But whether you surf at home at 500 Mb/s or just 50 seems academic when the bigger issue is about the fundamental security of your router. You can run all the anti­virus software and firewalls you like, but if your home router leaves the back door wide open, anyone and everyone can walk in.Cisco is one company known to make routers that have included such problems, as documented by its advisory warning in January this year (advisory code cisco­sa­20140110­sbd), which explained how the firmwaredesigners created what's been euphemistically termed an Undocumented Test Interface – a backdoor hidden only by obscurity on port 32764 whichallows an attacker to gain unauthenticated root access. In other words, theycan own the router and play god over all that it routes. Which is to say, everyPC, laptop, tablet and phone in your home.For someone with the necessary intent, a fiddle with your DNS settings is allthat's required to divert your visit from to a facsimile site that instead will happily accept your login credentials, for surreptitious use later.
Who makes your router
Cisco is far from alone. In fact there's sometimes a theme of insecurity in numbers, especially when different router manufacturers rely on using the same kit or code from other vendors. It was January this year that enthusiast security researcher Eloi Venderbeken published findings that Cisco, Linksys (then a sub­brand of Cisco), Netgear, TRENDnet, Belkin and other lesser known brands all suffered the same backdoor vulnerability.Further research suggested the common thread was that all affected routers were in fact made by another company entirely, Sercomm of Taiwan/China, that builds these devices for the better­known companies. Even if you trust a big brand name, be aware that it is possible they don't know exactly what's being sold in their name since are not required to test fully what they're reselling.In July last year, Independent Security Evaluators (ISE) published a report which explored the issue of insecurity in SOHO (small office/home office) routers. In other words, just the kind of consumer- and enthusiast routers that we test and review over at PC Advisor. The researchers looked at 10 routers from familiar names such as Asus, Belkin, D­Link, Netgear, TP­Link and TRENDnet.In what the researchers describe as a less-than-exhaustive study, they found 55 new, previously undisclosed vulnerabilities. Many of the routers shared the same vulnerabilities since they were based on the same common design again, despite sporting different company badges.More recently – last week as I write this in mid­August 2014 – the results of a hacker competition at Defcon 22 were revealed. In a challenge entitled SOHOpelessly Broken presented by ISE and the EFF, the first stage revealed another 15 0­day vulnerabilities in popular modern routers from Asus, Belkin, D­Link, Linksys and Netgear.Less frequently evaluated in penetration tests of domestic router is the security of unofficial firmware – the open­source alternatives to the commercial software already installed on every router. There are now several projects to port special builds of Linux to popular home and office routers, under names such as OpenWRT, DD­WRT and Tomato. These areenthusiast­led collaborative projects from technically skilled router users who are fed up with closed­source and leaky software on the gateway to their kingdoms. As open­source software, source code is available for any interested party (white hat or black) to scrutinise, there's potentially more scope for finding bugs – as well as exploiting them.These are typically ongoing projects, with rolling updates that would paralyse a ‘normal' home user with their frequency. We wouldn't necessarily recommend an open source­patched router in a group test of home routers, which is why they were tested only with the installed firmware, even if manufacuters such as Netgear and Linksys add ‘open­source support' to theirproducts' features lists.The example of open­source firmware in that last challenge did in factsurvive the hacking onslaught, the EFF's own Open Wireless Routerfirmware.But good security advice remains to check your router's firmware and updatewhen patches as soon as patches become available. Who knows, maybeyour router maker has closed some of the gaping holes revealed in the past few disclosures?

Email ThisBlogThis!Share to XShare to Facebook
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Social Profiles

TwitterFacebookGoogle PlusLinkedInRSS FeedEmail
  • Popular
  • Tags
  • Blog Archives

Popular post

  • Sound driver software for windows 7 free download
    Sound driver software for windows 7 free download I have no sound on my laptop. I am using windows7. I believe the sound software alr...
  • Driver Scape
    Driver Scape Windows Driver Download Center Driver Scape contains device drivers we manually collected from the official website of ...
  • Best Free Article Spinner
     Best   Free   Article   Spinner SweetPDF tool makes it possible for anyone to instantly convert many of the popular file formats (doc, ...
  • Easy PDF Converter
    Easy PDF Converter With a process as simple as its name, this software smoothly creates PDF documents from files in a variety of other fo...
  • Nero 7 100% Free Download Burning Rom.
    Nero 7 100% Free Download Burning Rom. Nero Burning Rom will let you have a new look at standard things. SecureDisc technology wi...
  • Powerful Data Restore Utility
    Data Recovery off Local & External Drive This particular facts recuperation software program uses by far the most potent reco...
  • data recovery software free
    data recovery software free The Most Powerful Free Android Data Recovery Software EaseUS MobiSaver intended for Google android Fre...
  • What is an software?
    What is an software? the programs and other operating information used by a computer. Software  means computer instructions or data. Anythin...
  • Qmobile E950 free java j2me apps mobile apps software
    Qmobile E950  free java j2me apps mobile apps  software   Safari Tiny allows you to carry ones whole World-wide-web experience on you...
  • Aadobe Photoshop 7.0 free Download
    Adobe Photoshop 7.0 free download Download Info: The program you want to download will be downloaded through Brothersoft Down...
Powered by Blogger.

Total Site Visits

Test Footer

AMT-APK

Recent Posts

Test Footer 2

  • Home

 
Copyright © 2011 Computer and Mobile Software | Powered by Blogger
Design by NewWpThemes | Blogger Theme by Rehmat Jan - Distributed by: free blogger templates 2011 fashionblogger template | breaking news site allgbnews.blogspot.com