Home routers vulnerable due major OpenSSL bug

We’ve just posted the following news: Home routers vulnerable due major OpenSSL bug[newsimage]http://static.myce.com//images_posts/2014/04/myce-opensll-heartbleed-95x75.png[/newsimage]

Not only servers but also home routers are vulnerable due to the Heartbleed bug in encryption software OpenSSL.

            Read the full article here: [http://www.myce.com/news/home-routers-vulnerable-due-major-openssl-bug-71095](http://www.myce.com/news/home-routers-vulnerable-due-major-openssl-bug-71095)

            Please note that the reactions from the complete site will be synched below.

Remote management disabled,no SIDD broadcasting,no wireless connections allowed from unapproved mac adresses en I change my router settings only via LAN…not much more else I can do as home user…:disagree:

[QUOTE=roadworker;2724841]Remote management disabled,no SIDD broadcasting,no wireless connections allowed from unapproved mac adresses en I change my router settings only via LAN…not much more else I can do as home user…:disagree:[/QUOTE]

That’s pretty much all you can do and enable the strongest encryption your router supports as well as strong passkey.

Nothing’s immune though as non-broadcasted SSIDs can be discovered with the right software and MAC addresses can be spoofed.

[B]Wombler[/B]

[QUOTE=Wombler;2724842]Nothing’s immune though as non-broadcasted SSIDs can be discovered with the right software and MAC addresses can be spoofed.[/QUOTE] Yes, these two settings won’t keep hackers out but they can be a p.i.t.a. for legitimate use, so it’s a bit like scratching your things so that thieves don’t want to steal them - you’re mostly punishing yourself. :smiley:

With decent (WPA2) security the old myth security measures are pointless, and without it, they are of dubious effectiveness.

If your router SSID is unbroadcast, clients have to “connect even when not broadcast” which makes it easier to hijack a client as the SSID they are looking for is easily detected. I’d also much rather the router “marks my channel” as I try to avoid clashing and hope other intelligent users would do likewise.

Mac filtering is also possible to evade by spoofing.

At best, those measures may deter a casual prober or a guest who has been given the key but who you no longer wish to have access

[QUOTE=Wombler;2724842]MAC addresses can be spoofed.[/QUOTE]
I remember hearing about hackers doing this to hijack paid Wi-Fi acess over unencrypted Wi-Fi. Basically, the way most paid Wi-Fi networks work (e.g. at airports, hotels, etc.) is that when someone buys an hour of access or logs in with a prepaid voucher/account, the Wi-Fi provider recognises the paying user by its MAC address. Once the user is logged in, a hacker just needs to sniff the network for Internet traffic (e.g. browsing Google, Facebook, etc.) and check the MAC addresses used for that data, then spoof the MAC address on their laptop to get Internet access.