wireless

Drive-By Pharming: Symantec Says to Change Your Passwords

Filed in archive Wi-Fi by jeff goldman on February 17, 2007

Drive-By Pharming: Symantec Says to Change Your Passwords

CNET News' Joris Evers reports that Symantec this week announced the results of security research, conducted with the Indiana University School of Informatics, which found that it's possible to change the DNS setting of a router by tricking the owner into viewing a fake Web page with JavaScript code. The company calls it 'Drive-By Pharming.'

"I have been able to get this to work on Linksys, D-Link and netgear routers," says Symantec researcher Zulfikar Ramzan. "You can create one Web site that is able to attack all routers. My feeling is that it is just a matter of time before phishers start using this."

According to Ramzan, the attack works on any brand of router, but only if the default password hasn't been changed -- the JavaScript code uses the default password to gain access. While most router manufacturers recommend changing the default password, it's still easy to set up a router without doing so.

Symantec's page explaining the attack is here.

More here from InformationWeek ... and more here from InfoWorld.

Related Entries:

Don't Forget About 802.20 - 24 January 2006
Mac Hack Part XVIII: End of the Story? - 01 March 2007
Beware the Evil Twin! - 26 April 2007
Hacking the Moscow Marriott - 14 May 2007
Avis Offers Mobile Wi-Fi for $10.95 a Day - 22 May 2007
San Francisco Mayor Expresses Frustration About Muni Wi-Fi - 22 May 2007
Whoops: Duke University Dropout Was Cisco's Fault, not Apple... - 23 July 2007

« Hitachi Announces an RFID... | Main | UK Department of Health W... »

Permalink: Drive-By Pharming: Symantec Says to Change Your Passwords

Tags: driveby pharming symantec indiana university wireless router dns hack hacking wifi wifi wi+fi java j

Trackback: http://publish.creative-weblogging.com/publish/mt-tb.pl/54122

Addthis

Ask

Blinklist

del.icio.us

Digg

Fark

Facebook

Google

Lycos

Ma.gnolia

Add this page to Mister Wong

Mr Wong

Netscape

Netvousz

Newsvine

Reddit

StumbleUpon

Slashdot

Tailrank

Technorati

Wink

Yahoo

Vote for Drive-By Pharming: Symantec Says to Change Your Passwords:

Currently 6.75/10
1
2
3
4
5
6
7
8
9
10

Rating: 6.75 out of 4 vote(s) cast.

Response from: University Update

Add your response to Drive-By Pharming: Symantec Says to Change Your Passwords:

Name: *

Email: (will never be shown)*

URL:

(* marked fields are required)

Notify me if more comments appear?

Subscribe to The Wireless Weblog newsletter? (Newsletters are sent out weekly).

Remember me

Security Code: *
(Please help us to sort out spam.)

Please enter your comment here: (Sorry, no HTML is allowed - URLs will be made clickable automatically if you add http:// to your URL.)

We welcome your comments, however all comments are moderated. Offensive or off-topic comments will be deleted and not displayed.

Share It

Marketplace

mobile broadband

Use the search to look for other interesting posts

Popular posts from our other blogs:

RSS	See all blog subscribe options
Google	What is RSS?
Yahoo!
Addthis
Bloglines
Newsletter
Twitter	Follow us on Twitter!

Tagcloud

Categories

Most popular

Archives

March 2010 (5)
February 2010 (8)
January 2010 (5)
December 2009 (6)
November 2009 (6)
October 2009 (6)
September 2009 (5)
More

Advertise with us

Interested in sponsoring this site? Learn more about all our advertising options or email advertising - at - creative-weblogging.com or give us a call at +1 (650) 331 4900.

Contributors (Last 90 days)

Jason Giacchino (5)
Linda Roeder (1)
Shawn Hessinger (2)
Jeff Goldman (12)
Creative Weblogging (1)

This site has 1247 entries and is powered by Creative Weblogging since January 2006.

Recent Comments

Subscribe to this blog on your phone

Our Editors recommend

Disclaimer

Creative Commons License

Some of the contents of this site are protected Creative Weblogging Inc. 2004-2010.

Check out our Sponsored Blogs!

Business Computer Blog (UK)

Are you interested in writing a blog in our network?

See which positions are currently open.

Testimonials

'I would highly recommend you to this well written and informative site.'

Other blogs in the same channel in the Creative Weblogging Network: Wireless & Mobile

Tech Without Wires

Tech Without Wires

The Mobile Technology Weblog

The Mobile Technolo...

The RFID Weblog

The RFID Weblog

The Smart PDA

Supplychainer

About the company | Advertise with us | Disclaimer | Privacy Policy | Refund/Return Policy | Memcache Hosting | Domain Search | People Search | Breaking News | Gourmet Lunch

All Creative Weblogging sites are built in accordance with the Google Webmaster Guidelines and IAB guidelines.