Router Attacks

The attack vectors

Your router is vulnerable to several attack vectors if you don't change the administrative password of your router. But even if you do change it, there are other vectors that attackers can use (drive-by pharming).

The UPnP attack vector
Drive-by Pharming
More information
It's likely there are more undiscovered attack vectors. :-(

Defensive measures

Change your router's administrative password: Use a strong password.
Turn off UPnP on your router when it's not needed: (You only need it on when you're adding new UPnP enabled devices to your network.) UPnP (universal plug and play) lets devices self-configure on your network. An attacker can use UPnP to redirect your browser to malicious sites or open a hole in your router’s firewall. You'll need to open your router's administrative interface from your browser to change UPnP settings.
Use OpenDNS as a pre-emptive measure: Your computer's TCP/IP options usually have natural priority over DNS addresses in external devices. By setting your computer's Internet protocol (TCP/IP) to use OpenDNS, you can override malicious DNS settings in your router, and usually, public hotspots. [instructions] [video] OpenDNS will also improve your computer's Internet connection performance, and provide other safeguards.
Update: Trouble using OpenDNS on some VPNs (virtual private networks) has been reported.

• wifi home
• wifi basics
• wifi router setup
• wifi & router security
:: key elements
• wpa2 and encryption
• wifi connection
• security at hotspots
• more wifi on the web

• home page
• navigating at this site

• search for things at this site
• map of this site

Basic Law of Construction: Cut it large and kick it into place.