Update Your Router Yet Again...

up-n-atom

DARKLY Regular
These major router vulnerabilities keep cropping up every 6 or so months but most users are unaware.

http://arstechnica.com/security/201...outers-vulnerable-to-critical-hijacking-hack/

PDF for the list of routers affected if you don't wish to read the article.

http://mis.fortunecook.ie/misfortune-cookie-suspected-vulnerable.pdf

If your router is listed and doesn't have an updated firmware you may want to look at what the WRT projects provide. These firmwares will void your warranty but it's not like these companies value it anyway.

Search for your model on the DD-WRT router database:

http://www.dd-wrt.com/site/support/router-database

Search for your model on the Tomato router database:

http://en.wikibooks.org/wiki/Tomato_Firmware/Supported_Devices

Shibby Tomato:
http://tomato.groov.pl/?page_id=69
http://www.linksysinfo.org/index.php?threads/tomato-shibbys-releases.33858/

Asus RT series owners can check if their model is supported by Merlin:

http://asuswrt.lostrealm.ca/about

If you're looking for a new router please consider a more reputable vendor. Some suggestions with comparable pricing:

http://www.ubnt.com/products/
http://routerboard.com/

Remember it's not the hardware but the software and regular updates are important to the security of your home networks. Most consumer brands are throwaway products and they're marketability is valued in months not years.
 
Last edited:

$alvador

TD Member
Nice vid, it's a pretty sweet exploit but actually developing arbitrary functions to run ummm not so easy.
 

TinanaBoa

DARKLY Regular
I remember the Belkin routers going down a couple months ago.
Atom, are you suggesting updating the firmware only provided by the manufacturers [unmodified routers]?

I run DD-WRT and Tomato on my routers, should I update those to the latest version as well?
I'm running micro versions because of the limited ram they have, so I would like to avoid updating them if I don't have to.
 

up-n-atom

DARKLY Regular
Atom, are you suggesting updating the firmware only provided by the manufacturers [unmodified routers]?

Not a chance ;) Some devices don't have 3rd party support or the user doesn't know better. In that case they should update their firmware to the latest provided by the manufacturer. Below is why you need to update WRT forks.

I run DD-WRT and Tomato on my routers, should I update those to the latest version as well?
I'm running micro versions because of the limited ram they have, so I would like to avoid updating them if I don't have to.

There may or not be a benefit to updating to the latest version. If it's a matter of security then definitely, yes.

Misfortune Cookie is specific to RomPager and there is a list of affected devices. Other vulnerabilities for 2014 have been Shellshock (BASH), Heartbleed (OpenSSL), AiCloud (Asus Specific), and HNAP (Linksys E Specific) to name a few.

I couldn't tell you if your version of DD-WRT or Tomato are susceptible to Heartbleed. They are less likely to be susceptible to Shellshock because BASH is not installed by default, although, some packages do install it. Both issues have been patched in recent versions of DD-WRT and some Tomato Mods.

These two links may have an answer to DD-WRT and Heartbleed.

http://security.stackexchange.com/questions/55085/heartbleed-and-routers-asas-other
http://www.dd-wrt.com/phpBB2/viewtopic.php?t=260167

Shibby's Tomato has an announcement about patching Heartbleed in version 117.

For other Tomato mods you can read their release threads:

Victek Tomato
Toastman Tomato
Shibby Tomato

Too much fragmentation, it's hard to keep up with these SOHO routers that's why I don't use them but when I recommend something a bit better (nothing is perfect) I get shit on. I know all too well the problems that lie beneath these embedded firmwares because I develop and support a OpenWRT port for SCADA systems.
 
Last edited:
Top