Is Your Office or Home D-Link Wifi Vulnerable?

Office IT, Office Network, , ,
16
Oct 2013

DLink_Router

An easy hack that affects D-Link routers has recently been discussed in this article from devttys0.com. The writer of the article, Craig, goes through the steps of how the exploit works in great detail. If you are running a D-Link router in your home or office, should you be worried? We will go over a summary of the exploit here.

What’s the problem?

In a nutshell, if someone is connected to your home or office network they can change the user agent, which tells the website a little bit of information about your computer, giving them access to change the main settings of your D-Link router. The user agent needs to be set to “xmlset_roodkcableoj28840ybtide” which is backwards for “Edit by 04882 Joel Backdoor”, further pointing to this being originally used as a backdoor to the D-Link settings.

dlink-admin-page

Once an attacker is connected to your D-Link settings they can change passwords, network settings and wireless settings. A hardware reset should fix you right up if you are attacked.

How can I check my home/office wifi?

The first thing you want to do is to flip your D-Link router over and check if the model matches any of the following:

DIR-100
DI-524
DI-524UP
DI-604S
DI-604UP
DI-604+
TM-G5240

Several Planex routers also use the same firmware:

BRL-04UR
BRL-04CW

Even if your model number is not listed, there is no guarantee the D-Link or Planex router you are running will not have the same or similar problem. The exploit was tested on a specific version of the D-Link router software but there is no note of it being fixed. The only way to be 100% sure your D-Link device is not affected is to try the exploit explained in the above article yourself, or ask your office/home IT support staff.

What to do if I am running an affected router?

You do have a few options if you are running a D-Link router that could be vulnerable.

1. Make sure the settings of your router are not accessible from the internet. This will help prevent attackers from the internet, but if someone is connected to your wifi or network in your home or office you are still vulnerable.

2. Replace your D-Link router with a model that is not affected. This may be the only guaranteed way to avoid becoming a victim.

Onsite PC Solution is based in San Jose California and provides small and medium sized business IT support.

Read More

Is Your Business Sharing Too Much Data?

Office IT, Office Network, ,
02
Oct 2013

 

Network_Cables

In this article from Information Weekly, Brian Barnier explains some steps businesses can take to make sure they aren’t making costly mistakes when it comes to social media and how internal data is handled.  He goes into specific details in the article, but the main points he emphasizes are:

1. Decide what data is important to you

For example private customer information, the details given out on social media websites, and data gathered from your various sales, marketing and accounting departments.

2. Look for all in one packages

Make managing the above data as easy as possible with programs or solutions that handle everything.  An all in one solution will save time and in the end money.

3. Automate

Taking the all in one packages one step further and automating how your business data is managed will avoid possible breaches and problems in the future.  You can do this through office policies or through a set of processes.

Check out the article here!

Read More
1 2 3 4