In a blogpost on Tuesday (Feb 24), Vantage Point’s Senior Security Consultant Lyon Yang highlighted “critical vulnerabilities” in three brands of routers – Zhone, Aztech and Asus. These vulnerabilities “allow an attacker to become at least a network administrator, and in most cases also gain a remote root shell, with relatively low effort”, he said.
So far the the given residential software and hardware used by many households are safe from vulnerabilities. No reported cases have be issued yet. Nonetheless safety is the utmost importance when surfing the net.
Protecting home routers against attacks
For all Singapore users, it is advisable to:
- Change the default user/admin passwords;
- Disable all network services (especially remote access) on the router.
Securing ZHONE GPON
Through the internet, access to your router via HTTP and telnet is turned on by default.
1. Access your Zhone router web administrative console (http://192.168.1.1)
2. Click on Configuration -> Firewall -> Mgmt Access:
Description of Network Interfaces:
brvlan7 – ViewQwest Internal Access
brvlan923 – Internal Network
eth0.v923 – Public Network (Internet)
brvlan899 – One Voice
3. Click Apply/Save
4. Get your Public IP Address via http://www.whatismyip.com/
Access your public IP directly via your web browser to confirm that it has been turned off successfully.Stay Safe!