If this does not work, you can test the connection with tftp, or
maybe you must have an administrator tool for this cable modem.
I really don't know this software.
___________________________________________________________________________
Jun, 11 2002
Summary
Linksys Cable/DSL has been found to contain a security vulnerability
that occurs when an administrator flashes the product (updates the
firmware) to the latest version. The vulnerability would allow remote
administration even if it has been specifically disabled in the product
(the administration will be available via a different port than the
normal administration port).
Details
Vulnerable systems:
Linksys Cable/DSL version 1.42.7 (BEFSR11 / BEFSR41 / BEFSRU31)
Immune systems:
Linksys Cable/DSL versions prior to 1.42.7 (BEFSR11 / BEFSR41 / BEFSRU31)
After flashing the Linksys Cable/DSL with the new firmware (version
1.42.7, released on May 1 2002), a new port will open for remote
administration: TCP port 5678. This port will open even if "Block WAN"
and "Remote Admin" are set to disabled.
Additional information
The information has been provided by Tim Mayville
_________________________________________________________
Linksys Routers Found to be Vulnerable to SNMP Issues
==========================================================================
Jan, 14 2002
Summary
Linksys DSL routers suffer from serious information leakage problems,
as well as a potential opening to be used as a DDoS initiator.
Details
Vulnerable systems:
BEFN2PS4 (EtherFast Cable/DSL Router & Voice with 4-Port Switch)
BEFSR81 (EtherFast Cable/DSL Router with 8-Port Switch) (confirmed version 2.37)
Immune systems:
BEFSR81 version v2.38.1
Querying the mentioned devices with the default community of 'public'
causes them to set the address that queried as their snmptrap host,
dumping traffic such as the following to that address:

Enterprise Specific Trap (1) Uptime: 2 days, 19:00:23.36, enterprises.3955.1.1.0 = "@out 192.168.1.200 ==> 24.254.60.13[110]."
Enterprise Specific Trap (1) Uptime: 2 days, 19:00:23.36, enterprises.3955.1.1.0 = "@out 192.168.1.200 ==> 216.120.8.23[5632]."
Enterprise Specific Trap (1) Uptime: 2 days, 19:00:23.36, enterprises.3955.1.1.0 = "@out 192.168.1.200 ==> 216.120.8.3[5632]."
Enterprise Specific Trap (1) Uptime: 2 days, 19:00:23.36, enterprises.3955.1.1.0 = "@out 192.168.1.200 ==> 216.120.8.4[5632]."
Enterprise Specific Trap (1) Uptime: 2 days, 19:00:23.36, enterprises.3955.1.1.0 = "@out 192.168.1.200 ==> 216.120.8.5[5632]."
Enterprise Specific Trap (1) Uptime: 2 days, 6:04:38.11, enterprises.3955.1.1.0 = "-->[U]Send OP: ^ps_status_q 15049C0DFC9B03166D55EA30474D04FB 9218583272 a .."
Enterprise Specific Trap (1) Uptime: 2 days, 6:04:38.11, enterprises.3955.1.1.0 = "<--[U]Recv __: ^ps_status_r.15049C0DFC9B03166D55EA30474D04FB."".0.."

It looks like a combination of debugging information as well as traffic
logging; many customers never use the configuration page, let alone
change the SNMP communities. To make matters worse, Linksys refuses to
distribute an MIB for the device, which is not surprising considering
the SNMP implementation on the device is rather broken (it goes into a
continuous loop).
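
The following is an added example, not part of the original advisory: a small Python parser for the "@out" trap records quoted above, showing what any host receiving these traps learns about the internal network. The function names are hypothetical, the sample lines are copied from the advisory, and reading "@out a ==> b[n]" as source, destination and port is an assumption based on the advisory's description of the output as traffic logging.

```python
import ipaddress
import re
from collections import defaultdict

# Trap lines copied from the advisory above; the last one is a non-"@out" record.
SAMPLE_TRAPS = r'''
Enterprise Specific Trap (1) Uptime: 2 days, 19:00:23.36, enterprises.3955.1.1.0 = "@out 192.168.1.200 ==> 24.254.60.13[110]."
Enterprise Specific Trap (1) Uptime: 2 days, 19:00:23.36, enterprises.3955.1.1.0 = "@out 192.168.1.200 ==> 216.120.8.23[5632]."
Enterprise Specific Trap (1) Uptime: 2 days, 19:00:23.36, enterprises.3955.1.1.0 = "@out 192.168.1.200 ==> 216.120.8.3[5632]."
Enterprise Specific Trap (1) Uptime: 2 days, 19:00:23.36, enterprises.3955.1.1.0 = "@out 192.168.1.200 ==> 216.120.8.4[5632]."
Enterprise Specific Trap (1) Uptime: 2 days, 19:00:23.36, enterprises.3955.1.1.0 = "@out 192.168.1.200 ==> 216.120.8.5[5632]."
Enterprise Specific Trap (1) Uptime: 2 days, 6:04:38.11, enterprises.3955.1.1.0 = "-->[U]Send OP: ^ps_status_q 15049C0DFC9B03166D55EA30474D04FB 9218583272 a .."
'''

# Assumed record layout: "@out <source> ==> <destination>[<port>]."
OUT_RE = re.compile(
    r'enterprises\.3955\.1\.1\.0\s*=\s*"@out\s+(\S+)\s+==>\s+(\S+?)\[(\d+)\]\."')

def parse_out_traps(text):
    """Return (source, destination, port) for every well-formed "@out" record."""
    flows = []
    for m in OUT_RE.finditer(text):
        try:
            src = ipaddress.ip_address(m.group(1))
            dst = ipaddress.ip_address(m.group(2))
        except ValueError:
            continue  # malformed address: skip the record rather than guess
        port = int(m.group(3))
        if 0 < port <= 65535:
            flows.append((src, dst, port))
    return flows

def exposure_summary(flows):
    """Group destinations by private source address: the internal detail that leaks."""
    summary = defaultdict(set)
    for src, dst, port in flows:
        if src.is_private:
            summary[str(src)].add((str(dst), port))
    return {host: sorted(dests) for host, dests in summary.items()}

if __name__ == "__main__":
    for host, dests in exposure_summary(parse_out_traps(SAMPLE_TRAPS)).items():
        print(f"internal host {host} disclosed to the trap receiver:")
        for dst, port in dests:
            print(f"  -> {dst}:{port}")
```
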
Further, with the correct community string you could enumerate values,
determine the internal network addressing, etc., and even add forwarding
rules to access services on internal hosts. When a change is made, the
trick is to find the SNMP var that acts as the switch to save the new
config values and recycle with the new values. Some poking and some
Linksys MIBs found on the Internet id'd/confirmed the software switch as:
.1.3.6.1.4.1.3955.3.1.6.0
Integer valued ... set to '1' to save new values/recycle.
Additional information
The information has been provided by Matthew S. Hallacy and The Cyberiad.