Prevent DNS Rebind Attacks in New Firmware

Got a suggestion or want to add something to our future wishlist?
Post Reply
Robertoakley2
Posts: 4
Joined: Sat May 09, 2015 9:26 pm

Prevent DNS Rebind Attacks in New Firmware

Post by Robertoakley2 » Sat May 09, 2015 9:32 pm

Hi,

Almost all routers are open to this form of attack

http://youtu.be/0duYxPIx8gU

Would it be possible to focus on router security and assure us that a default rule is put in place to prevent these sorts of attacks?

billion_fan
Posts: 5203
Joined: Tue Jul 19, 2011 4:30 pm

Re: Prevent DNS Rebind Attacks in New Firmware

Post by billion_fan » Mon May 11, 2015 10:38 am

Robertoakley2 wrote:Hi,

Almost all routers are open to this form of attack

http://youtu.be/0duYxPIx8gU

Would it be possible to focus on router security and assure us that a default rule is put in place to prevent these sorts of attacks?
Checking with our engineers now

Robertoakley2
Posts: 4
Joined: Sat May 09, 2015 9:26 pm

Re: Prevent DNS Rebind Attacks in New Firmware

Post by Robertoakley2 » Wed May 20, 2015 7:53 pm

billion_fan wrote:
Robertoakley2 wrote:Hi,

Almost all routers are open to this form of attack

http://youtu.be/0duYxPIx8gU

Would it be possible to focus on router security and assure us that a default rule is put in place to prevent these sorts of attacks?
Checking with our engineers now
Any update on this?

Also the USB vulnerability. Does it affect Billion routers?

billion_fan
Posts: 5203
Joined: Tue Jul 19, 2011 4:30 pm

Re: Prevent DNS Rebind Attacks in New Firmware

Post by billion_fan » Thu May 21, 2015 1:37 pm

Robertoakley2 wrote:
billion_fan wrote:
Robertoakley2 wrote:Hi,

Almost all routers are open to this form of attack

http://youtu.be/0duYxPIx8gU

Would it be possible to focus on router security and assure us that a default rule is put in place to prevent these sorts of attacks?
Checking with our engineers now
Any update on this?

Also the USB vulnerability. Does it affect Billion routers?
What USB vulnerability are talking about??

billion_fan
Posts: 5203
Joined: Tue Jul 19, 2011 4:30 pm

Re: Prevent DNS Rebind Attacks in New Firmware

Post by billion_fan » Thu May 21, 2015 2:27 pm

billion_fan wrote:
Robertoakley2 wrote:Hi,

Almost all routers are open to this form of attack

http://youtu.be/0duYxPIx8gU

Would it be possible to focus on router security and assure us that a default rule is put in place to prevent these sorts of attacks?
Checking with our engineers now
Our engineers have checked it and the 7800 series seems unaffected (7800dx was tested with the following link http://www.dslreports.com/forum/r188037 ... ng-attacks)

Things to do to make sure you are not attacked (better safe then sorry I would suggest) and you should be fine

1. Change the router admin password
2. Use open DNS servers eg 208.67.222.222 and 208.67.220.220

Robertoakley2
Posts: 4
Joined: Sat May 09, 2015 9:26 pm

Re: Prevent DNS Rebind Attacks in New Firmware

Post by Robertoakley2 » Thu May 21, 2015 7:15 pm

This is the USB vulnerability

http://m.slashdot.org/story/276235

billion_fan
Posts: 5203
Joined: Tue Jul 19, 2011 4:30 pm

Re: Prevent DNS Rebind Attacks in New Firmware

Post by billion_fan » Fri May 22, 2015 9:25 am

Robertoakley2 wrote:This is the USB vulnerability

http://m.slashdot.org/story/276235
Checking with our engineers

tongclub62
Posts: 3
Joined: Tue May 05, 2015 9:57 am

Re: Prevent DNS Rebind Attacks in New Firmware

Post by tongclub62 » Sat May 23, 2015 4:20 am

Great. thank for sharing. ;)

Robertoakley2
Posts: 4
Joined: Sat May 09, 2015 9:26 pm

Re: Prevent DNS Rebind Attacks in New Firmware

Post by Robertoakley2 » Sat May 23, 2015 9:28 am

No problem. It's nice to find a company like yours that cares about security and listens to its customers.

billion_fan
Posts: 5203
Joined: Tue Jul 19, 2011 4:30 pm

Re: Prevent DNS Rebind Attacks in New Firmware

Post by billion_fan » Tue May 26, 2015 9:57 am

Robertoakley2 wrote:No problem. It's nice to find a company like yours that cares about security and listens to its customers.
Just got a reply from Broadcom, see below

"Broadcom reference software does not include any drivers from KCodes"

So we shouldn't be effected

Post Reply