linksys firewall router

Printable View

May 13th, 2003, 09:16 PM
Euclid

linksys firewall router

I have a linksys firewall router. I forget the model number but it is the standard everyday one.
Anyways, I have it set to allow me to connect and edit settings from a remote location. The thing is when I do I have to log in and the login box says :

Linksys BEFSX41

I would like that removed as to not really be able to identify what kind of router it is to the outside world.

I am thinking that is done via a .htaccess file wich will probably be in the linksys dir somewhere but I was kindof looking for a confermation of that or maybe someone that did it them selfs that could tell me about it
May 13th, 2003, 09:30 PM
Maestr0

LinkSys Router

I highly recommend you do not allow external access to your LinkSys router for the following reasons. Any decent portmapper such as Nmap will fingerprint it easily regardless of whether it announces itself or not and secondly Linksys routers dont really require a username only the password (at least that I know of) meaning someone can use a brute/dictionary attack on your router VERY easily and VERY quickly.

As an alternative allow a secure connection to a hardened linux box behind the router using port fowarding and once authenticated there you can use the linux box(having an internal address) to access the router.

-Maestro
May 13th, 2003, 09:41 PM
infosecguru2

Im with Maestr0 on this one. Also note that there have been recent vulnerabilities found with remote web administration on Linksys firewall/routers. Also, linksys doesn't provide any intrusion detection ability so all it takes is someone with an HTTP basic auth brute forcer like Brutus to brute force your password. If you need to remote admin, forward a port to an internal box with SSH and then connect to your router from there.
May 14th, 2003, 12:02 AM
t2k2

Ugh!!! At the risk of sounding redundant, do NOT use Remote Administration. You are inviting someone to brute-force your password, and believe me, it's really simple. If you can't setup a Linux machine behind the router to make the secure connection over the net, then configure it on your Windows box - if that's what you are working with. There are plenty of howtos for setting this up. Once you tunnel to this vpn server, you can administer the router from inside your network. Anyhow, you definitely want as secure a connection as possible when connecting to or behind your router.

Good luck.
May 14th, 2003, 01:49 AM
Highlander

Linksys Router

I use Linksys Routers for a number of my customers and I DO NOT USE Remote Admin
on the Linksys.
I use other methods which I will not go into to
manage the Routers.
Personally, The Linksys is a great piece of equipment
and I have not had any security problems with the Router...
As long as you use common sense....
May 14th, 2003, 02:01 AM
sickyourIT

also, and this is common sense, but dont' have your password be anything obvious. make it something silly like w00dr0w_W1ls0n or something. it may seem tedious, but the more complicated you make it, the more complicated it is for people to crack.

note: using words from foreign languages does work, but keep in mind that crackers don't all speak english...

just a thought.