Ethical hacking: Attacking routers

Introduction

Routers are one of the most attractive points of a network for attackers to prey upon. These ubiquitous network devices often have more than one vulnerability, not to mention the effects that human error can have when administering these devices. 

This article will detail attacking routers from the ethical hacker’s perspective, including password-related issues, and will move on to more traditional router attacks that are not password-focused. Considering how common routers are on both enterprise and home networks, ethical hackers need to know about these attacks so they can better tighten security in their organization’s network defenses.

The elephant in the room

Routers have a major weakness and there is probably no technological measure that can remedy it — human error. Any enterprise router worth its salt uses a password, and unfortunately, many information security professionals and remote workers never change their default router password. The statistics say that the number of those who neglect the password change is 30% and 46% respectively, which is shocking (especially for the information security professional). 

Not changing your router’s password may be the biggest weak point on your organization’s router. Is that the sound of you changing it right now? I thought so. Don’t relax just yet, though — simply changing your default password is not enough to ward of router password attacks. For those using wireless routers (most are by this point), passwords can still be changed once data packets are captured by attackers. 

Wireless attacks

The password issue mentioned above has spurred an increase in wireless attacks. The main goal of these attacks to crack the password, normally by using default passwords and with dictionary cracks. 

The most popular tool used for this today is Aircrack-ng. Included in Kali Linux, this hacking program is a standalone (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Greg Belding. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/mmBZ1W2RCrE/