Leave a comment

Critical flaw unlocks millions of routers to hackers

Critical flaw unlocks millions of routers to hackers
Photo courtesy of Shutterstock

Securing your router is one of the most important things you can do for your digital security. A secure router keeps hackers and snoops off your wireless network and out of your computer and other gadgets.

Setting up router security isn't too hard either. Click here for the easy-to-follow instructions.

Of course, nothing is perfect and there are still some sneaky ways hackers can get around the basic security. Here are some of the things hackers can do and how to stop them.

There, that should do it to keep your network secure. Or at least it did before today.

Security company Rapid7 has discovered a serious flaw in an estimated 1.2 million routers. The flaw lets hackers see what's going on within your network, intercept outbound traffic or clog up a router with random traffic.

The flaw itself is fairly technical. It revolves around a feature built into many routers called NAT-PMP, which stands for "Network Address Translation - Port Mapping Protocol."

I'll give you the short version of what it does. Sometimes, you have gadgets on your network you want to access from outside your network - like a security camera, file server, media server or game server. NAT-PMP makes it easier to set up the connection.

In a world of perfect security, the only way to turn on and configure NAT-PMP is if you're already connected to your wireless network. However, it turns out that on some routers NAT-PMP is on by default and will let anyone outside the network configure it.

The result is that a hacker can snoop on and sometimes control things going on within your network, or that you're monitoring from outside the network. That includes snooping on your Internet browsing, re-directing your browsing to malicious sites, peeking at your security camera video or seeing what Internet-enabled gadgets you have in your home.

Unfortunately, at this time no one knows exactly what routers are affected. NAT-PMP is often a feature on Apple, ZyXEL, Linksys and Netgear routers, but the models that might have the wrong settings are unknown. There also might be routers from other companies affected.

Security firms are trying to make a list, but it's going to be slow going. In the meantime, you'll just have to check for yourself.

To check if you're affected, you'll need to log in to your router. Open your browser of choice and type in the router's IP address. You can find this in your router manual - click here to download the manual if can't find it.

Once you're inside, you'll need to poke around the settings looking for "NAT-PMP." You'll probably see "NAT" or "Network Address Translation" on its own as well. Don't worry about that.

If you see a setting about NAT-PMP and "external" or "untrusted" interfaces, you'll want to turn that option off and save the settings. This keeps hackers from making changes to NAT-PMP from outside your network.

If you don't see this setting anywhere, then you probably have nothing to worry about. However, you can also look at your "port forwarding" settings to make sure there's nothing on the list you haven't set up.

Anything on the list is a potential weak spot in your security if you don't know what it does.

Having a wireless router is no good if it has a weak signal. Here are some simple ways to extend your wireless network.

Next Story
Source: Mashable
View Comments ()
Cybercriminals terrorize federal judge. Now they've done something really scary
Previous Happening Now

Cybercriminals terrorize federal judge. Now they've done something really scary

The race to replace your wallet
Next Happening Now

The race to replace your wallet