
Home Router Security Report 2020



Rui Carlos

A somewhat scary, but not entirely surprising, study on the security of most routers for the home market.

https://www.fkie.fraunhofer.de/content/dam/fkie/de/documents/HomeRouter/HomeRouterSecurity_2020_Bericht.pdf

Quote

[...]

Conclusion
Our analysis showed that Linux is the most used OS running on more than 90% of the devices. However, many routers are powered by very old versions of Linux. Most devices are still powered with a 2.6 Linux kernel, which has not been maintained for many years. This leads to a high number of critical and high severity CVEs affecting these devices.

Since Linux is the most used OS, exploit mitigation techniques could be enabled very easily. Anyhow, they are used quite rarely by most vendors except the NX feature.

A published private key provides no security at all. Nonetheless, all but one vendor spread several private keys in almost all firmware images.

Mirai used hard-coded login credentials to infect thousands of embedded devices in the last years. However, hard-coded credentials can be found in many of the devices and some of them are well known or at least easily crackable.

However, we can tell for sure that the vendors prioritize security differently. AVM does a better job than the other vendors regarding most aspects. ASUS and Netgear do a better job in some aspects than D-Link, Linksys, TP-Link and Zyxel.

Additionally, our evaluation showed that large scale automated security analysis of embedded devices is possible today utilizing just open source software. To sum it up, our analysis shows that there is no router without flaws and there is no vendor who does a perfect job regarding all security aspects. Much more effort is needed to make home routers as secure as current desktop or server systems.

 

apocsantos

Good thing I flash them all with DD-WRT or Open-WRT! ;)


"Patience is one of the things one learned in the 48k era" "Respect is like writing code: once lost, the habit is hard to pick up again"

thoga31

@apocsantos Do you recommend any tutorial for learning how to flash an ASUS router? And between DD-WRT and Open-WRT, do you recommend either of them in particular for a beginner? This study got me very interested in flashing mine.

Knowledge is free!

Rui Carlos

As a rule, the firmware sites themselves (DD-WRT and Open-WRT) have instructions for the various supported models, with notes on limitations and the like. Asus routers tend to be good for firmware swaps, because if something goes wrong during the swap it is easy to recover the router.

DD-WRT should be easier to use. But from what I remember it is less modular than Open-WRT. I used both on an Asus RT-n16, and my impression is that Open-WRT was a bit heavy (ending up leaving the router less responsive). However, the biggest problem with Open-WRT on recent routers is hardware support, as I believe they only use FLOSS drivers.
