We’re 4 days in from Cisco’s announcement of security vulnerabilities in some of their home networking products, and Rogers still has done nothing about it. Let’s Recap: On July 16, 2014, Cisco made an announcement saying that 9 of their home networking products had severe problems related to their security. This security problem will allow […]
I’ve been asked by some people what they should do if they also have the Cisco DPC3825 modem/router issue from Rogers. Here’s what I’d suggest: 1. Determine if you have the problem Look at your modem and see if it’s made by Cisco. I know that Rogers also uses modems from Hitron and Scientific Atlanta, […]
Yesterday I began to try to fix an issue I’m having with my home gateway – a Cisco DPC3825 that has recently been identified as one of the nine Cisco home networking products that has a major security vulnerability. My attempts were thwarted by some pretty poor customer service from my internet provider, Rogers who suggested […]
Yesterday, Cisco announced that nine of their home networking products had a critical security vulnerability that needs to be fixed. The problem stems from a buffer overflow that allows incorrect validation of HTTP requests, and will allow a hacker to run arbitrary code on your device. This new Cisco vulnerability was officially disclosed by Cisco as well […]
John Chambers, the CEO of Cisco Systems, has written a letter to President Obama asking him to stop the ongoing tampering of Cisco Networking equipment by the NSA. In his letter Chambers wrote: “if these allegations are true, these actions will undermine confidence in our industry and in the ability of technology companies to deliver […]
There’s been a lot of talk lately about the Heartbleed bug which affects systems that depend on the OpenSSL library. This bug could possibly allow unauthorized people to gain access to data that they shouldn’t in a supposedly secure and encrypted connection. Because of this bug, many websites that depended on OpenSSL to manage their […]
There’s a good article on home router security that’s worth taking a look at. It’s a bit of a survey and contains information about some of the current hot topics: The Linksys Moon worm HNAP issues UPnP issues CSRF problems Polish cybercrimes
Ever since the discovery of the Linksys “Moon” worm that relies on HNAP, many people have been interested in this protocol. What is it? What is it vulnerable to? HNAP or Home Network Administration Protocol was developed by Pure Networks for their Network Magic product – a system to make managing home networks more easily. This […]
Phil Purviance, a security researcher from San Jose in California has published a manifesto entitled Don’t Use Linksys Routers, which outlines a series of security vulnerabilities that he’s found in their products. In his post Purviance claims that: I hooked it up and spent maybe 30 minutes testing the security of the embedded website used to […]
Cisco Connect Cloud is a service offered by Cisco for some of their Linksys routers. It gives you the ability to manage your Linksys router through the Cisco website by means of “The Cloud”. Everything needs to mention “The Cloud” these days for marketing purposes, but it’s really unclear what advantages such a system has. […]