An open source router built for security

Secure Networker

Article from Issue 196/2017
Author(s):

Home routers are known for weak security. Turris Omnia is an attempt to build a better router through the power of open source.

Hundreds of Internet routers inhabit the IT consumer marketplace. However, the little boxes that connect our home or work offices to the Internet are continually causing a stir. At the end of November 2016, 900,000 customers of a German telecom company were cut off from the Internet for hours – and even for days – because the Speedport router supplied by the company fell victim to a denial of service attack.

Strangely enough, the attack was not even intended for the routers. Instead, the attackers wanted to penetrate the vulnerable remote maintenance interface of a completely different device type. In order to exploit an existing vulnerability of the targeted routers, and thus integrate them into a botnet, the attackers indiscriminately flooded the Internet with port-knocking packets to open a communication channel to the affected systems.

An investigation revealed that the company had left port 7547/TCP wide open on the devices; customers had warned the company as early as 2014 of this potential and completely unnecessary vulnerability, but for whatever reason, many devices were still vulnerable.

[...]

Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
Print Issues
Digital Issues
 
SUBSCRIPTIONS
Print Subs
Digisubs
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • OpenWrt with Mwan3

    Redundant Internet uplinks are standard on big corporate networks, but they are still the exception for the home and small-office sector. If you're ready to experiment, you can set up redundant Internet connections on your own home router with OpenWrt and the powerful Mwan3 extension.

    more »
  • WebThings

    The smart home is gaining momentum, and Mozilla joins the fray. Mozilla WebThings is billed as an open platform for managing IoT devices. We decided to investigate.

    more »
  • Security and SOHO Routers

    Home and small office networks typically place their security in the hands of an inexpensive device that serves as a router, DHCP server, firewall, and wireless hotspot. How secure are these SOHO router devices? We're glad you asked …

    more »
  • Psyb0t Attacks Linux Routers (Update)

    A botnet named psyb0t has been nesting for a few months in consumer devices that run on Linux with MIPS CPUs, notably routers. Infested devices connect through a botnet over a private Internet Relay Chat (IRC) server to await commands.

    more »
  • Gaping Hole in DD-WRT: Router Software with Back Door

    The free router software DD-WRT opens in its version 24(SP1) a huge door due to a vulnerability in its HTTP daemon server.

    more »
comments powered by Disqus