owning your home network router security revisited
play

Owning Your Home Network: Router Security Revisited Marcus - PowerPoint PPT Presentation

Jan 11, 2023 •365 likes •623 views

Owning Your Home Network: Router Security Revisited Marcus Niemietz, Jrg Schwenk {marcus.niemietz, joerg.schwenk} @rub.de Ruhr University Bochum Table of

  1. Owning ¡Your ¡Home ¡Network: ¡ Router ¡Security ¡Revisited ¡ Marcus ¡Niemietz, ¡Jörg ¡Schwenk ¡ {marcus.niemietz, ¡joerg.schwenk} ¡@rub.de ¡ Ruhr ¡University ¡Bochum ¡

  2. ¡Table ¡of ¡Contents ¡ 1. IntroducKon ¡ 2. Web ¡AOacker ¡ 3. GeneralizaKon ¡ 4. Default ¡ConfiguraKon ¡ 5. Web ¡AOacks ¡ 6. FingerprinKng ¡ 7. Countermeasures ¡ 8. Conclusions ¡

  3. ¡IntroducKon ¡ • Routers: ¡center ¡of ¡private ¡home ¡networks ¡ • Web ¡stores ¡like ¡Amazon ¡offer ¡them ¡for ¡<$20 ¡ – ¡No ¡keys ¡and ¡no ¡displays ¡ – ¡Web ¡interface ¡ • Our ¡paper: ¡ Web-­‑based ¡aOacks ¡against ¡these ¡interfaces ¡ – Change ¡criKcal ¡se`ngs ¡

  4. ¡IntroducKon ¡ • ¡Methodology ¡ – 10 ¡most ¡popular ¡routers ¡from ¡Amazon ¡ • TP-­‑Link, ¡Netgear, ¡Buffalo, ¡... ¡ – Default ¡configuraKon ¡evaluated ¡ – UI ¡redressing, ¡Cross-­‑Site ¡ScripKng, ¡SSL/TLS ¡ – FingerprinKng ¡possibiliKes ¡analyzed ¡ – Countermeasures ¡analyzed ¡

  5. ¡Web ¡AOacker ¡ • Sets ¡up ¡a ¡website ¡ à ¡ lures ¡the ¡vicKm ¡to ¡this ¡site ¡ • Arbitrary ¡JavaScript ¡code ¡may ¡be ¡executed ¡ • May ¡send ¡requests ¡and ¡may ¡use ¡scripts ¡

  6. GeneralizaKon ¡ • ¡CondiKons ¡ – Web ¡interface ¡ – Connected ¡poinKng ¡device ¡(e.g., ¡mouse) ¡ • Routers, ¡network ¡switches, ¡smart ¡TV ¡systems, ¡ and ¡network ¡aOached ¡storage ¡devices ¡ • Router: ¡Widely ¡used, ¡complex, ¡important ¡ funcKonaliKes ¡

  7. Default ¡ConfiguraKon ¡

  8. XSS, ¡CSRF, ¡UIR, ¡and ¡SSL/TLS ¡ • XSS: ¡Focus ¡on ¡reflected ¡and ¡stored ¡XSS ¡ – Control ¡the ¡vicKm‘s ¡browser ¡ • CSRF ¡ – Manipulate ¡DNS ¡se`ngs ¡ – Change ¡default ¡passwords ¡(D-­‑Link ¡DIR-­‑615) ¡ • UIR: ¡Classic ¡Clickjacking ¡& ¡Tabjacking ¡ • SSL/TLS ¡

  9. UI ¡Redressing

  10. UI ¡Redressing

  11. UI ¡Redressing

  12. UI ¡Redressing

  13. UI ¡Redressing

  14. UI ¡Redressing <h1>Funny pictures</h1> <img src="lol.gif"> <button>Click me</button> <img src="lol.gif"> <iframe style="position:absolute; z-index:1; opacity:0.0; filter:alpha(opacity=0); left:-120px; top:95px;" width="300" height="200" src="http://www.bing.com"> </iframe>

  15. Web ¡AOacks ¡

  16. UIR ¡– ¡Fritz!Box ¡2170 ¡

  17. UIR ¡– ¡Fritz!Box ¡2170 ¡ <style>div, button { position:absolute; z- index:1; border:1px solid; pointer- events:none }</style>... <img src="kitten-1.png" draggable="true" ondragstart="event.dataTransfer.setData('tex t/plain','foobar')">... <div style="top:35px; left:300px">Tired</ div>... <button style="top:195px; left:425px">More kittens</button> <iframe src="http://192.168.178.1/cgi-bin/ webcm?getpage=...

  18. FingerprinKng ¡ • Get ¡unique ¡idenKfiers ¡ – HTTP ¡Basic ¡AuthenKcaKon ¡ • WWW-­‑AuthenKcate: ¡Basic ¡realm="VALUE" ¡ – Web ¡Interface ¡AuthenKcaKon ¡ • HTTP ¡ressources ¡

  19. FingerprinKng ¡

  20. FingerprinKng ¡ • Huawei ¡E5331 ¡ – SIM, ¡hOp://192.168.1.1/res/no ¡card.png ¡ • D-­‑Link ¡DIR-­‑615 ¡ – Logo, ¡hOp://192.168.0.1/pictures/wlan/masthead.gif ¡ • Fritz!Box ¡2170 ¡ – Logo, ¡hOp://192.168.178.1/html/de/images/fw ¡ header.gif ¡ • Belkin ¡F7D4301 ¡ – Logo, ¡hOp://192.168.2.1/images/head ¡logo.gif ¡

  21. ¡Countermeasures ¡ • ¡RandomizaKon ¡of ¡the ¡default ¡login ¡data ¡

  22. ¡Countermeasures ¡ • Minimize ¡InformaKon ¡Leakage ¡ – "TP-­‑Link ¡WR841N" ¡ è "Router ¡Login ¡XXX" ¡ • ¡SSL/TLS ¡ • ¡Input ¡ValidaKon ¡ • ¡X-­‑Frame-­‑OpKons ¡ • ¡Window ¡name ¡ – window.name="TOKEN" • ¡Cookie ¡flags: ¡ h"pOnly ¡and ¡ secure ¡

  23. ¡Conclusions ¡ • RepresentaKve ¡overview ¡of ¡the ¡security ¡of ¡ current ¡home ¡router ¡Web ¡interfaces ¡ • All ¡10 ¡Web ¡interfaces ¡are ¡vulnerable ¡ • Well-­‑known ¡countermeasures ¡like ¡ X-Frame- Options ¡ are ¡not ¡implemented ¡ ¡

  24. Thank ¡you ¡for ¡your ¡aOenKon. ¡ QuesKons? ¡

Recommend

Online Security Michael Hutchinson My First line of Defense Making Things Secure Router

Online Security Michael Hutchinson My First line of Defense Making Things Secure Router

Online Security Michael Hutchinson My First line of Defense Making Things Secure Router Security Anti-Malware Programs Browser Security Internet Searching Router Security Router is First Line of Defense Router typically

472 views • 23 slides
Wireless Router at Home 192.168.1.2 192.168.1.1 Modem 192.168.1.3 120.6.46.15 telephone line

Wireless Router at Home 192.168.1.2 192.168.1.1 Modem 192.168.1.3 120.6.46.15 telephone line

Wireless Router at Home 192.168.1.2 192.168.1.1 Modem 192.168.1.3 120.6.46.15 telephone line to ISP 192.168.1.5 192.168.1.4 Internet connection with public IP internal LAN with private IPs Wireless All-in-one Router at Home 192.168.1.2

326 views • 18 slides
Security AutoSecure Router HardeningAutomagically The process of turning off unnecessary

Security AutoSecure Router HardeningAutomagically The process of turning off unnecessary

Security AutoSecure Router HardeningAutomagically The process of turning off unnecessary services is called hardening a router to prevent attacks or exploits. The basic steps of router hardening are: 1) Administratively shut down

102 views • 8 slides
What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

Network security Network security Foundations: what is security? cryptography Network Security Network Security authentication message integrity key distribution and certification Security in practice: Srinidhi Varadarajan

332 views • 6 slides
Signing a Linear Subspace: Signature Schemes for Network Coding David Mandell Freeman CWI &amp;

Signing a Linear Subspace: Signature Schemes for Network Coding David Mandell Freeman CWI &amp;

Signing a Linear Subspace: Signature Schemes for Network Coding David Mandell Freeman CWI &amp; Universiteit Leiden IPAM Retreat: Securing Cyberspace 9 June 2009 Network coding [ACLY00] recipient router router router sender router

330 views • 18 slides
IS OWNING A CAT BETTER Elie J. Diner, PhD SlideTalk THAN OWNING A DOG? University of Cat

IS OWNING A CAT BETTER Elie J. Diner, PhD SlideTalk THAN OWNING A DOG? University of Cat

IS OWNING A CAT BETTER Elie J. Diner, PhD SlideTalk THAN OWNING A DOG? University of Cat HUMANS HAVE DOMESTICATED MANY DIFFERENT TYPES OF ANIMALS AS PETS Canis lupus Oryctolagus Felis catus Carassius familiaris cuniculus auratus PHOTO

158 views • 11 slides
CS 598: Network Security Matthew Caesar February 7, 2011 1 This lecture Network devices

CS 598: Network Security Matthew Caesar February 7, 2011 1 This lecture Network devices

Lecture 4: Device Security and Router Mechanisms CS 598: Network Security Matthew Caesar February 7, 2011 1 This lecture Network devices Their internals and how they work Network connections How to plug devices together 2

1.41k views • 119 slides
Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice:

634 views • 36 slides
Network T elescopes Revisited From Loads of Unwanted Traffjc to Threat Intelligence Piotr

Network T elescopes Revisited From Loads of Unwanted Traffjc to Threat Intelligence Piotr

Network T elescopes Revisited From Loads of Unwanted Traffjc to Threat Intelligence Piotr Bazydo, Adrian Korczak, Pawe Pawliski Research and Academic Computer Network (NASK, Poland) Who are we Piotr Bazydo Head of Network Security

684 views • 40 slides
Courtyard House Anjuna Goa For Sale Imagine owning your own private forest your beautiful home

Courtyard House Anjuna Goa For Sale Imagine owning your own private forest your beautiful home

Courtyard House Anjuna Goa For Sale Imagine owning your own private forest your beautiful home nestled amidst trees every last detail perfectly fjnished all you need to bring are the keys Imagine low slung roofs and large bright windows the

913 views • 24 slides
1 Link Layer: setting the context two physically connected devices: host-router,

1 Link Layer: setting the context two physically connected devices: host-router,

Network Layer Overview: network layer services virtual circuit and datagram Goals: networks whats inside a router? understand principles behind network layer IP: Internet Protocol services: IPv4 datagram format

344 views • 16 slides
Cryptography and network security Firewalls slide 1 Firewalls Idea: separate local network

Cryptography and network security Firewalls slide 1 Firewalls Idea: separate local network

Cryptography and network security Firewalls slide 1 Firewalls Idea: separate local network from the Internet Trusted hosts and networks Firewall Router Intranet Demilitarized Zone: DMZ publicly accessible servers and networks

746 views • 31 slides
CNC Router What is it good for? About the CNC Full name is CNC Router but is shortened to CNC

CNC Router What is it good for? About the CNC Full name is CNC Router but is shortened to CNC

CNC Router What is it good for? About the CNC Full name is CNC Router but is shortened to CNC CNC stands for Computer Numeric Controlled (Router) Very Expensive Can only be used with proper training Trumans favorite

534 views • 7 slides
Hard State Revisited: Network Filesystems Hard State Revisited: Network Filesystems Jeff Chase

Hard State Revisited: Network Filesystems Hard State Revisited: Network Filesystems Jeff Chase

Hard State Revisited: Network Filesystems Hard State Revisited: Network Filesystems Jeff Chase CPS 212, Fall 2000 Network File System (NFS) Network File System (NFS) server client syscall layer user programs VFS syscall layer NFS VFS

430 views • 29 slides
Network Components Parts of a Network app router link host Computer Networks 2 Parts of a

Network Components Parts of a Network app router link host Computer Networks 2 Parts of a

Network Components Parts of a Network app router link host Computer Networks 2 Parts of a Network app router link host Computer Networks 3 Component Names Component Function Example Application, or app, user Generates Zoom,

820 views • 45 slides
New Butler Gallery at Evans Home Revisited South wing side garden Evans Home - City context

New Butler Gallery at Evans Home Revisited South wing side garden Evans Home - City context

New Butler Gallery at Evans Home Revisited South wing side garden Evans Home - City context Evans Home today - front faade View west View towards County Hall Work to date 2009 Design Team procured - McCullough Mulvin Architects team

347 views • 15 slides
Network Components Parts of a Network app router link host Computer Networks 2 Parts of a

Network Components Parts of a Network app router link host Computer Networks 2 Parts of a

Network Components Parts of a Network app router link host Computer Networks 2 Parts of a Network app router link host Computer Networks 3 Component Names Component Function Example Application, or app, user Uses the network

478 views • 44 slides
Owning the data centre, Cisco NX-OS George Hedfors Working for Cybercom Sweden East AB

Owning the data centre, Cisco NX-OS George Hedfors Working for Cybercom Sweden East AB

Owning the data centre, Cisco NX-OS George Hedfors Working for Cybercom Sweden East AB (http://www.cybercomgroup.com) 12 years as IT- and information security consultant Previously worked for iX Security, Defcom, NetSec, n.runs and

488 views • 21 slides
WiFi security Harald Vranken 1 Agenda Introduction to WiFi Open WiFi networks Home

WiFi security Harald Vranken 1 Agenda Introduction to WiFi Open WiFi networks Home

Advanced Network Security (2019-2020) WiFi security Harald Vranken 1 Agenda Introduction to WiFi Open WiFi networks Home WiFi network IEEE 802.11 WEP WPA/WPA2/WPA3 Personal/Enterprise Eduroam Attacks 2

674 views • 45 slides
Is Anybody Home? Inferring Activity from Smart Home Network Traffic Bogdan Copos Matt Bishop

Is Anybody Home? Inferring Activity from Smart Home Network Traffic Bogdan Copos Matt Bishop

Is Anybody Home? Inferring Activity from Smart Home Network Traffic Bogdan Copos Matt Bishop Karl Levitt Jeff Rowe University of California, Davis 1 / 21 2 / 21 3 / 21 4 / 21 Security Many things can go wrong... malicious firmware

803 views • 36 slides
Network Layer: The Data Plane Network Layer Overview Router Architecture Network

Network Layer: The Data Plane Network Layer Overview Router Architecture Network

Network Layer: The Data Plane Network Layer Overview Router Architecture Network Layer Functions and Service Models Network Layer Functions IP Addressing Network Service Models: Virtual Circuit vs. Datagram

1.18k views • 63 slides
Current W ireless Router C Current W ireless Router C Traditional Routing requires 4 time

Current W ireless Router C Current W ireless Router C Traditional Routing requires 4 time

Analog Network Coding Sachin Katti Shyamnath Gollakota and Dina Katabi Current W ireless Router C Current W ireless Router C Traditional Routing requires 4 time slots Current W ireless Router C Traditional Routing requires 4 time slots

602 views • 31 slides
Secure Your Home Network Vancouver ISSA - Community Outreach Program Security Awareness Training

Secure Your Home Network Vancouver ISSA - Community Outreach Program Security Awareness Training

Secure Your Home Network Vancouver ISSA - Community Outreach Program Security Awareness Training Overview of Securing your Home Network What do you need to protect? What are the threats? How do you protect against the threats? What

348 views • 31 slides
5 Network Layer Network Layer Network Layer Network Layer Example: Choosing among multiple ASes

5 Network Layer Network Layer Network Layer Network Layer Example: Choosing among multiple ASes

Network Layer Network Layer Network Layer Network Layer Network Layer Comparison of LS and DV algorithms Message complexity Robustness: what happens 1 Introduction 5 Routing algorithms if router malfunctions? LS: with n nodes, E

325 views • 4 slides

More recommend