Are most home broadband routers secure ?

Add to my custom PDF

Owning Your Home Network: Router Security Revisited

Digital Subscriber Line (DSL) routers have become an essential part of home networks as they provide the gateway to broadband Internet. This gateway function also makes these devices important from a security standpoint. As the frontline of increasingly sensitive home networks, DSL routers become the subject ofan important question. Are they secure enough or can DSL manufacturers make changes toimprove the security of all home networks ?

Niemietz and Schwenk conducted a study on the security of home network routers. The researchers chose routers from ten different manufacturers, based on Amazon’s top ten most popular list, to study the security vulnerabilities of these inexpensive products.

To analyze the security of the routers, the researchers began the study by launching a number of different attacks at the router’s Web interface. The goal of each attack is to gain full control of the router and the user’s network. Once full control is gained, the attacker can change critical settings, make the network unavailable for a specific time and use the access to build botnets.

They used the techniques of Cross-Site Scripting, Cross Site Request Forgery and User Interface redressing to manipulate the victim to click on a malicious link or unknowingly share their user and password information.

In the process of analyzing the vulnerabilities of home routers, this study found that:

  • All tested routers were vulnerable to Web-based attacks, allowing the researchers to gain full access to the network through the router
  • All tested routers had identical default passwords
  • Eight out of ten routers were vulnerable to Cross Site Script (XSS) attacks
  • None of the tested routers had protection mechanisms in place against User Interface (UI) redressing.

By proving that cheap routers can be easily hacked, the researchers were able to produce a list of simple countermeasures for manufacturers to use in enhancing the security of their product.

  • Create randomly generated default login data. The attacker has a 55% chance of guessing the right login data due to common default passwords.
  • Minimize information leakage by using a randomly generated string for default naming printed on a label (ex. Router Login XXX rather than TP-Link WR841N)
  • Use only signed SSL/TSL certificates from a certification authority
  • Validate User input on interfaces as many attacks rely on input sinks, which are not properly validated
  • Use X-Frame Options to protect against attacks using iFramea
  • Set the window.name variable to a random value
  • Flag cookies

The implications of this study are not limited to DSL routers as many other devices share the web interface internet connectivity feature and possible vulnerabilities such as: network switches, smart TV systems, network-attached storage devices, etc.

This study gives a representative overview of the security of current home router Web interfaces, and the possibilities to gain full access through Web-based attacks. The flaws of these systems put home networks at risk. The countermeasures listed are well known; therefore this study is a necessary security evaluation for manufacturers and purchasers of DSL routers.

Home DSL Router security is poor and can be greatly improved by small changes made by manufacturers.