77 Cisco routers vulnerable to drive-by pharming

Posted on Thursday, Feb 22 2007 @ 01:20 CET by Thomas De Maesschalck
Cisco warned users that 77 of its routers are vulnerable to a hack tactic:
Dubbed "drive-by pharming" by Symantec Corp. and university researchers who first publicized the danger in a paper, the attack involves luring users to malicious sites where a device's default password is used to redirect them to bogus sites. Once they are at those sites, their identities could be stolen or malware could be force-fed to their computers.

In an advisory posted Thursday, Cisco listed 77 vulnerable routers in the lines sold to small offices, home offices, branch offices and telecommuters. The advisory recommended that users change the default username and password required to access the router's configuration settings, and disable the device's HTTP server feature.

The paper, co-written by a Symantec researcher and two other researchers from Indiana University, urged a similar move by router owners.
Cisco advises its users to change the default username and password required to access the router's configuration settings, and disable the router's HTTP server feature.


About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.



Loading Comments