Topic: Vulnerability to Older Attack? -- Browse to WAN IP Re-Routed to Internal IP

jclarkw


More paranoia:  I'm trying to determine whether my new DIR-645 is vulnerable to a 2010-vintage attack that easily exposes the router's administrative-login page if the router "routes" traffic sent to its WAN IP, apparently from within the LAN, to its LAN IP (if I understand it correctly).  There's an interesting article on this exploit at "http://www.esecurityplanet.com/views/article.php/3911966/Improve-Network-Security-with-Better-Router-Security.htm.."  The author says, in part,

"It's easy to test if your router is vulnerable to this attack.
You can learn your public IP address at many websites...  Just enter this address into your favorite Web browser and see what happens...
If you get prompted for a userid and password, your router is vulnerable to this type of attack. If you get an error that the Web page can't be loaded, you're safe."

Question:  Do I understand correctly that the recommended test must be executed from a browser **inside** the LAN (in which case my old Linksys BEFSR41 **WAS** vulnerable)?  Or should the test be done from a browser **outside** the LAN (in which case the Linksys was **not** vulnerable)?

Thanks for any clarification of these instructions. -- jclarkw

FurryNutz


Yes, input the public IP address into your browser while you are connected on the LAN side of the router and see if you get anything. It should not appear or display the router's login page. Now if you input the LAN-side router IP address, then of course you should get the router's login page.
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.
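
The test discussed above (request your own public IP from a machine on the LAN side and see whether a login prompt comes back) can be scripted. This is an added example, not code from the posters or the cited article; the names `classify` and `probe`, the result labels, and the password-field heuristic are assumptions, and it checks plain HTTP on port 80 only.

```python
import http.client
import re
import sys
import urllib.error
import urllib.request

# Heuristic (assumed) for a form-based login page: an HTML password field.
PASSWORD_FIELD = re.compile(rb'<input[^>]+type=["\']?password', re.I)

def classify(status, headers, body):
    """Map one HTTP result to the article's outcomes, plus an 'inspect' case."""
    if status is None:
        return "no-answer"           # page can't be loaded: safe per the article
    if status == 401 and "www-authenticate" in {k.lower() for k in headers}:
        return "login-prompt"        # browser would show a userid/password box
    if PASSWORD_FIELD.search(body or b""):
        return "login-prompt"        # HTML login form served on the WAN address
    return "answered-no-login"       # something replied; look at it by hand

def probe(wan_ip, port=80, timeout=5.0):
    """Fetch http://wan_ip:port/ from a LAN-side host and classify the reply."""
    url = f"http://{wan_ip}:{port}/"
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return classify(resp.status, dict(resp.headers), resp.read(65536))
    except urllib.error.HTTPError as err:
        # 4xx/5xx still means a web server answered on the WAN address.
        return classify(err.code, dict(err.headers), err.read(65536))
    except http.client.HTTPException:
        return "answered-no-login"   # port open, reply was not valid HTTP
    except OSError:
        # Refused, unreachable or timed out (URLError is an OSError subclass).
        return classify(None, {}, b"")

if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: wan_loopback_check.py <your-public-ip>")
    print(sys.argv[1], "->", probe(sys.argv[1]))
```

Run it from a wired or wireless client behind the router, passing the public address reported by an IP-lookup site; `login-prompt` corresponds to the "vulnerable" outcome in the quoted article and `no-answer` to the "safe" one.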

jclarkw


Quote from FurryNutz: "Yes, input the public IP address into your browser while you are connected on the LAN side of the router and see if you get anything. It should not appear or display the router's login page."

You are right.  With F/W Ver.: 1.03 at least, this vulnerability does not exist. -- jclarkw

FurryNutz


Probably wasn't there in the shipping version of the FW either.  ::)

Enjoy.