ROUTER ATTACKS AND PREVENTION

BY:

Piyush Mittal

Nit Rourkela

WHAT IS ROUTER

• A router is an electronic device that interconnects two or more computer networks, and selectively interchanges packets of data between them.

HOW IT WORKS

TYPES OF ATTACKS

• WEP Cracking

• CSRF on web based router configuration

• Enumeration of private router data

• Packet sniffing, searching for sensitive data

WEP CRACKING

• Definition:

WEP (Wireless Encryption Protocol) is a protocol that adds security to wireless local area networks (WLANs) based on the 802.11 Wi-Fi standard. WEP is an OSI Data Link layer (Layer 2) security technology that can be turned "on" or "off." WEP was designed to give wireless networks the equivalent level of privacy protection as a comparable wired network.

Typical WEP encryption allows for of 64, 128, 192 &

in some cases 256 bit encryption. In each case

the actual key size is X - 24 bits. So 64 bit WEP

encryption has a 40 bit security key. The 24 bits are used as the IV (Initialization Vector). Together they form the RC4 “traffic key”. These

are then XORed with the plain text to form the encrypted cipher text.

FLAWS

• Because RC4 is a stream cipher, the same traffic key must never be used twice. The purpose of an IV, which is transmitted as plain text, is to prevent any repetition, but a 24-bit IV is not long enough to ensure this on a busy network. The way the IV was used also opened WEP to a related key attack. For a 24-bit IV, there is a 50% probability the same IV will repeat after 5000 packets.

CSRF on web based router configuration

• The more popular CSRF exploits work by having malicious code or a link on a Web page that gives the attacker access to a Web application that the user has already been authenticated to use. If the session is enabled in the browser (different tab), the attacker then has control of that particular Web application.

A real-world example of this is the ability of attackers to commandeer certain Web-based e-mail accounts. The

required steps to gain ownership are shown in the following example:

• I log into a Web-based e-mail account.

• I want to surf the Internet while waiting for an important e-mail, so I open a new tab in the browser.

• The Web site I surfed to contains hidden code. My surfing activates the code and sends a HTML request to my e-mail Web server. It just so happens that this request is to delete all my e-mail.

Packet sniffing, searching for sensitive data

• A packet analyzer (also known as a network

analyzer, protocol analyzer or sniffer, or for particular types of networks, an Ethernet sniffer or wireless sniffer) is a computer program or a piece of computer hardware that can intrcept and log traffic passing over a digital network or part of a network. As data streams flow across the network, the sniffer captures each packet and, if needed, decodes and analyzes its content.

PREVENTION OF THESE ATTACKS

• Configure your router to use WPA encryption

• Change the default password on your router

• Change the management port on your router to something non-standard (if supported)

Configure your router to use WPA

encryption

Change the default password on

your router

Change the management port on your router to something non-standard

Refrences

• www.wikkipedia.com

• www.securecomputing.com/SWAT/SWAT_web2.0ex.html

• www.sourcesec.com/Lab/soho_router_report.pdf

• www.Siemens.com/Answers

Thanks