ASUS RT Wireless Routers Easy to Hack, Easy to Patch

[Marshall Honorof]

An inventive hack could hijack your entire Internet experience if you don't update your ASUS RT router quickly and carefully.

ASUS RT Wireless Routers Easy to Hack, Easy to Patch : Read more

 

[cklaubur]

I'm glad I put Tomato on my RT-N53, then.

Casey

 

[firefoxx04]

Tomato > OEM firmware.

Im running 2 RT-N16s, both with Tomato and I have not looked back.

 

[bit_user]

ASUS should sign their firmware images. That way, they couldn't be spoofed.

In order to preserve the ability to use opensource firmware on them, any firmware lacking a signature could present users with a warning and an option to install it anyway. Or maybe they could place an option on one of the admin pages to disable the check.

 

[Paul NZ]

Glad I don't own one

 

[phishdontlie]

Another reason to disregard default firmware. I get all the Asus routers for my IT projects from FlashRouters - http/www.flashrouters.com/routers/brands/asus because they pre-install and test open-source DD-WRT and Tomato firmware.

 

[goinginstyle]

This was fixed back in July, old news. And the process to target a particular router on earlier firmware plus enable the hack described is fifty times more difficult than a standard phishing attack using this site's credentials.

 

[wekilledkenny]

What idiot wrote this article?
"first find a friend with a different brand of router"
How about taking the ethernet cable out of the WAN port of the router and plugging it directly into a computer? Seems approximately 1e6 times better and simpler than "find a friend to update your router".

 

[bit_user]

What idiot wrote this article?
"first find a friend with a different brand of router"
How about taking the ethernet cable out of the WAN port of the router and plugging it directly into a computer? Seems approximately 1e6 times better and simpler than "find a friend to update your router".

Now you're giving up the security of the router and putting your box directly on the internet? Nice. Plus, my broadband provider used to make me call them when I replaced my router. The cable modem will only talk to that MAC address (though I could obviously spoof it). Maybe some still do this.