-
Linksys Routers
:eek:
I had updated the firmware on my Linksys router, and the newer firmware comes with remote administration. This is all fine and good. however I had left my default password in, because no one really comes in to my network, the linksys is set to block wan requests, so its not visible to the basic user. Im sure it could be found if you really wanted to, but I wasnt aware that the REMOTE ADMINISTRATION is ENABLED by DEFAULT!!!
so after hearing this, I tried to access my linksys and what do you know?!
I was in!! :eek:
So I promptly changed my password.
then I got curious and did a scan on one of the local broadband ranges around here, and set it to report open 8080.
I found 4 open routers in 5 minutes.
So if some of you have linksys' routers and are NEW to this game, please change your password or disable remote admin!
Avenger
-
You run into that problem a LOT. Many admins don't change their password because "no one comes in to my network" ;) It isn't just linksys either. I have seen a lot of different systems like this.
btw, 8080 isn't just the linksys router remote admin port. It does have other uses also, so the others may not have been the same thing....although if you go to it, you can always check ;)
-
Re: Linksys Routers
On my Sitecom router remote management not enabled[also port 8080]
I only do firmware upgrade with a windows util.Never TFTP.[TFTP not enabled]
-
Linksys makes a great router, I'm playing with Gigafast as well since it has a print server for less than $100.00
What gigafast doesn't offer that Linksys does is a log viewer so you can better see what and who is hitting your network without logging onto the actual router. You can download it here , you want the logviewer.exe. Once you install it, point logging to 255 and you'll be all set. Much easier to read and more details are offered. I'm waiting for Gigafast to do the same yet I'm not holding my breath.
TC
-
linksys log viewers
There are a lot better activity loggers and viewers available for the linksys and any other network device that supports sending snmp traps. The one from linksys is very simple and does very little. There are products out there that will provide graphs as well as have built in explanations for a lot of the traffic you see. For the ones that can identify traffic they usually categorize the traffic into different threat levels. So you can see who is trying to backorifice you, as opposed to who is trying to ftp,http something.
-
Thank you Mohaughn, I didn't know that. I agree that the one from linksys was simple but it was still better than what comes standard with the router.
Could you please provide some links?
TC
-
yes I use linklogger for mine. its amazing how much it tells you :)
-
Here ya go. Would have put it in my original but didn't have the link handy. I believe link logger is one of the utils that I have used and found it to be very useful. If it is the one I'm thinking of, the graphing is really nice.
http://www.practicallynetworked.com/...m#linksys_util
There are several different loggers at this site, so you can pick the one that fits your needs. It is also pretty simple to code this type of logger if you need something really custom.
I would recommend that if you are not using SNMP on your network, that you disable it on all machines except for the logging machine. One the logging machine you should set SNMP traffic to only be accepted from the routers IP(usually 192.168.1.1). Do not think that because you are behind a firewall you are safe. You should use multiple layers of security.
Also apply the appropriate SNMP security patch from your respective vendor. A major flaw was discovered in SNMP and it spans almost every OS/device that uses SNMP.
-
Thanks Moughn!
I prefer a complete log and that's asking a lot of inexpensive routers, I'm hoping something works with the gigafast but I'm not holding my breath until I see a firmware update.
-
Quote:
Originally posted here by TechieChick
I prefer a complete log and that's asking a lot of inexpensive routers, I'm hoping something works with the gigafast but I'm not holding my breath until I see a firmware update.
Here ya go TC. This is a nice progy for Linksys. It has three modules. A watcher, reviewer, and a IP to URL. It's a nice progy. Just be sure to download the common controls for it and unzip them into the same folder as the progy as it won't function proper with the comms in the system32 folder.
Hope this helps.... :D
Dooh!!!!!!! Almost forgot the link.
http://www.sonic.net/~sraaii/wallwatcher/Index.html
