Saturday, July 25, 2009

Full Spectrum Dominance

A friend asked, out of curiosity, why I was researching this topic... I was concerned that the open port (4567) could lead to malicious use of the router by those outside the U.S. Government and law enforcement. Specifically, countries like North Korea, which has been rumored to deploy large botnets in order to cause wide-scale denial-of-service attacks across the global information grid, as well as China, which has been reported as having hacked into many U.S. Government networks. If the default password for port 4567 is not changed, it could lead to widespread misuse, not just by foreign state-sponsored entities but also by crime syndicates like those operating out of Eastern Europe, Russia, South America and even those within the continental U.S. Especially alarming is that this seems to be the default configuration on all Fios-enabled, ISP-provided home gateway/routers.

My bandwidth up is 20 Mbps. Imagine having hundreds or possibly thousands of these nodes under the full control of an enemy of the state. The fact that the operating system is Linux 2.6 adds more to my concern because it is quite simple to write custom tools and scripts that would execute whatever code the malicious user wishes. There are hundreds of API libraries available for Linux, and the complexity of the tools that could be written makes this apparent flaw even more noteworthy. The ability to compose custom network packets and the high bandwidth available are really the top two concerns. Another one of my friends understands the gravity of this situation; this blog is hopefully going to get some attention so the problem gets addressed.

1 comment:

  1. y halo thar... have you noticed that your config file is now encrypted (or encoded)?

    i find it interesting that my router went out and updated itself.. and how the config is obfuscated/encrypted/whatever.

    higB -