An open source router built for security

Secure Networker

Article from Issue 196/2017

Home routers are known for weak security. Turris Omnia is an attempt to build a better router through the power of open source.

Hundreds of Internet routers inhabit the IT consumer marketplace. However, the little boxes that connect our home or work offices to the Internet are continually causing a stir. At the end of November 2016, 900,000 customers of a German telecom company were cut off from the Internet for hours – and even for days – because the Speedport router supplied by the company fell victim to a denial of service attack.

Strangely enough, the attack was not even intended for the routers. Instead, the attackers wanted to penetrate the vulnerable remote maintenance interface of a completely different device type. In order to exploit an existing vulnerability of the targeted routers, and thus integrate them into a botnet, the attackers indiscriminately flooded the Internet with port-knocking packets to open a communication channel to the affected systems.

An investigation revealed that the company had left port 7547/TCP wide open on the devices; customers had warned the company as early as 2014 of this potential and completely unnecessary vulnerability, but for whatever reason, many devices were still vulnerable.


Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Security and SOHO Routers

    Home and small office networks typically place their security in the hands of an inexpensive device that serves as a router, DHCP server, firewall, and wireless hotspot. How secure are these SOHO router devices? We're glad you asked …

  • Psyb0t Attacks Linux Routers (Update)

    A botnet named psyb0t has been nesting for a few months in consumer devices that run on Linux with MIPS CPUs, notably routers. Infested devices connect through a botnet over a private Internet Relay Chat (IRC) server to await commands.

  • Gaping Hole in DD-WRT: Router Software with Back Door

    The free router software DD-WRT opens in its version 24(SP1) a huge door due to a vulnerability in its HTTP daemon server.

  • Wireless LAN Security

    WLANs give you Internet access without a bird's nest of wiring. But if you don't take security seriously, you might find yourself with uninvited guests.

  • Configuring a Virtual Web Server

    A virtual server with a dynamic DNS service might just be the easiest way for a home user to implement an Internet website.

comments powered by Disqus

Direct Download

Read full article as PDF:

Price $2.95