Router Vulnerabilities
Results 1 to 7 of 7

Thread: Router Vulnerabilities

  1. #1
    Junior Member
    Join Date
    Jul 2006
    Posts
    18

    Question Router Vulnerabilities

    In my organisation we have a number of routers. These are configured via telnet (which i know sends in clear text) and are not updated with security patches after vulnerabilties are released. Although these are secured with passwords, no logging is set up on these to monitor access. some of these accept dialup connections and other are used to router traffic between sites.

    Can anyone tell me what attacks are these routers vulnerable to? i'm guessing DOS attacks through people sniffing the clear test password and then screwing the config up, but could these also be vulnerable to someone diverting certain traffic elsewhere and operating at man-in-the-middle attack? or are there other types of attack that i should be more worried about?

    Thanks

    Thatch

  2. #2
    Yes, that's my CC number! 576869746568617's Avatar
    Join Date
    Dec 2003
    Location
    Earth
    Posts
    397
    What brand and model of router are we talking about, and what software/firmware version are they running? We can speculate all day long, but with specifics, we can give you a more thorough analysis that will be a targeted more to what you would actually be potentially vulnerable to.

    For example a Netopia R2020 router running firmare v4.11.3 will have different vulnerabilities than a Cisco 1720 running IOS v11.0.2, etc.

    CC
    Windows 9x: n. A collection of 32 bit extensions and a graphical shell for a 16 bit patch to an 8 bit operating system originally coded for a 4 bit microprocessor. Written by a 2 bit company that can\'t stand 1 bit of competition.


  3. #3
    Junior Member
    Join Date
    Jul 2006
    Posts
    18
    mostly cisco, but many different models.

    all i really need to know at this stage is the types of attack that are possible rather than specifics. i have a meeting soon which i would like to use the information i'm gathering to make my bosses aware that vulnerabilities exist even though we are beind a firewall. hopefully this will support my argument for proper training, policies and a user awareness programme.

  4. #4
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    why dont you just do a google search and do some reading

    http://www.google.ca/search?hl=en&sa...lities&spell=1



    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  5. #5
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,883
    Off the bat, you're vulnerable to sniffing attacks on the router's credentials. Isn't that bad enough? Cisco recommends that you use SSH instead of telnet. There are tons of documents that can help you set this up.

    Personally, I use a management rail for infrastructure management.

    --TH13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  6. #6
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,324
    Originally posted here by thehorse13
    Off the bat, you're vulnerable to sniffing attacks on the router's credentials. Isn't that bad enough? Cisco recommends that you use SSH instead of telnet. There are tons of documents that can help you set this up.

    --TH13
    Yes. That is the first thing that came to my mind.

    Also, do you have ACLs that only allow access from certain machines/subnets?

    Cisco has quite a few vulnerabilities that allow compromise of the configs and DoS attacks depending on your featuresets.

    Security Forrest and Metasploit both have quite a few point and click or ready to run exploits in their databases.

    http://www.securityforest.com/wiki/index.php/Main_Page
    http://www.metasploit.com/

    Backtrack has a bunch of footprinting/enumeration/exploits already included in their live cd for various routers.

    http://www.remote-exploit.org/index.php/BackTrack
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  7. #7
    Junior Member
    Join Date
    Jul 2006
    Posts
    18
    Thanks for pointing me in the right direction guys, now i have a better idea what i'm looking for, i can go away and do some reading.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •