Exploits Team Pages

Massads Closers Services Abuse Open Proxy Exploits Cybercafe

Ident FAQ
Windows Ident
Macintosh Ident
Unix Ident
Microsoft ICS
Proxies & Firewalls
Routers
Security Check
Akill Information
Specific Fixes
Contact Us

DSL Routers

If you are connecting to the internet using a DSL or Cable connection you may require to take action to secure the router against abuse. Many DSL and Cable routers may ship with an insecure initial configuration which can allow attackers to gain remote access to the router and use it in malicious ways unless corrected by the installer or user.
Gaining access to the router does not necessarily mean they have gained access to your PC.

Users with ISP Supplied and managed routers should contact their ISP's technical support department for advice on how to secure their router if required. In some cases this may require a service visit by a technician.

Users with unmanaged or independantly purchased routers should see the instructions below or contact the router manufacturer for advice on how best to secure their product. Once again, in some cases a service visit may be required.

We have provided links to information on securing DSL routers from two of the more popular manufacturers below. This does not imply these are any more or less secure than other models, we are providing links to this information for the conveneince of our users only.

For Cayman Routers, please see the following URL's :

To disable administrative access from the Internet please follow the instructions on :
http://www.cayman.com/en-us/equipment/tech/c_faq.html#secu_no_6

To regain access to a router which has been compromised follow the instructions on :
http://www.cayman.com/en-us/equipment/tech/c_faq.html#ts_no_6
You will need to fully reconfigure the router after performing this procedure, please ensure you have all relevant information available before proceeding.

For those with Cisco routers, please refer to Cisco's documentation :

http://www.cisco.com/univercd/cc/td/doc/product/dsl_prod/c600s/cbos/cbos240/03chap03.htm#xtocid458112

http://www.cisco.com/univercd/cc/td/doc/product/dsl_prod/c600s/cbos/cbosug/index.htm

or our own guide to securing Cisco routers at http://kline.dal.net/exploits/proxysec.htm

For those with Zyxel routers, please see the following URL's :

http://www.zyxel.com

It appears there is no information currently available in either the knowledgebase or support notes on how to disable WAN access to the router's admin interface. It's reasonable to assume it's achieved using filter rules (unnecessarily complex!) but we cannot verify this at the present time. We'd suggest contacting zyxel's support team or your vendor for detailed instructions on how to secure these devices.

In addition to securing your router, you should take steps to ensure your PC(s) and local network are secure and have not been compromised. You can find information on how to secure your local network on the following URL's :

http://kline.dal.net/exploits/trojan-dsl.htm
http://www.cert.org/tech_tips/home_networks.html

© DALnet IRC Network 2003.
DALnet treats copyright violation extremely seriously.
You are expressly forbidden to copy, mirror or otherwise duplicate the content, style or look and feel of these pages without express written permission from an authorized DALnet official. Copyright violators will be dealt with severly.