Jump to content



Photo

how can I check a router to see if it has been tampered with?


  • Please log in to reply
14 replies to this topic

#1 chrisj1968

chrisj1968

    copyrighted!! ©

  • Tech Issues Solved: 3
  • Joined: 17-June 08
  • Location: United States

Posted 12 May 2014 - 23:32

source link: http://www.theguardi...routers-snowden

 

I'm not getting into all of this smoke and mirrors or conspiracy stuff, I know I did in the past but now.. PFFTT!  but I really wanna ask my compadres here, if the NSA DOES in fact tamper with our routers, is there a way to login to it and find it and eradicate it?

 

I've often thought about hoping there's a update to overwrite what they have done or completely reset the router to its defaults?

 

I don't like the "prospect" of someone in my house so-to-speak and wanted to toss this at any real diehard or hardcore It techs?

 

thanks.

 

Chris




#2 Cnónna

Cnónna

    Neowinian

  • Joined: 27-December 13

Posted 12 May 2014 - 23:41

you could always put a custom open source firmware on it. :ninja:

 

if your routers one of the ones that they make them for that is. :argh:

 



#3 +Nik L

Nik L

    Where's my pants?

  • Tech Issues Solved: 2
  • Joined: 14-January 03

Posted 12 May 2014 - 23:41

Because if they had "tampered with your router" then they'd leave signs, right?



#4 OP chrisj1968

chrisj1968

    copyrighted!! ©

  • Tech Issues Solved: 3
  • Joined: 17-June 08
  • Location: United States

Posted 12 May 2014 - 23:43

Netgear WDNR4300 through my provider charter communication



#5 Dot Matrix

Dot Matrix

    Neowinian Senior

  • Tech Issues Solved: 6
  • Joined: 14-November 11
  • Location: Upstate New York
  • OS: Windows 8.1
  • Phone: Nokia Lumia 920

Posted 12 May 2014 - 23:43

I'm not getting into all of this smoke and mirrors or conspiracy stuff

On the contrary, that is precisely what you are doing.

 

No amount of firmware upgrades are going to do anything. If the default firmware is compromised, what do you think updating it will do? You could install a Linux based firmware, but then again, who's to say that hasn't been tampered with, either?



#6 OP chrisj1968

chrisj1968

    copyrighted!! ©

  • Tech Issues Solved: 3
  • Joined: 17-June 08
  • Location: United States

Posted 12 May 2014 - 23:44

Because if they had "tampered with your router" then they'd leave signs, right?

 

my thinking was, there'd have to be something in there somewhere a well seasoned IT pro could find.


On the contrary, that is precisely what you are doing.

 

No amount of firmware upgrades are going to do anything. If the default firmware is compromised, what do you think updating it will do? You could install a Linux based firmware, but then again, who's to say that hasn't been tampered with, either?

 

thanks for the good point about the updates being tampered with.. thanks DOT.



#7 +Nik L

Nik L

    Where's my pants?

  • Tech Issues Solved: 2
  • Joined: 14-January 03

Posted 12 May 2014 - 23:44

my thinking was, there'd have to be something in there somewhere a well seasoned IT pro could find.

 

And my thinking was that the NSA hire better, well seasoned IT pros



#8 Dot Matrix

Dot Matrix

    Neowinian Senior

  • Tech Issues Solved: 6
  • Joined: 14-November 11
  • Location: Upstate New York
  • OS: Windows 8.1
  • Phone: Nokia Lumia 920

Posted 12 May 2014 - 23:49

Long story short, I think the NSA have better things to do than tamper with Joe Person's router. If you're that worried over it, then being online isn't something you should be doing.



#9 mastercoms

mastercoms

    Expert Microsoft Fanboy & C# Coder

  • Tech Issues Solved: 3
  • Joined: 21-May 13
  • Location: Marietta, Georgia
  • OS: W8.1U1 + Fedora 20
  • Phone: Lumia 928 WP8.1U1 Black

Posted 13 May 2014 - 00:12

You could install a Linux based firmware, but then again, who's to say that hasn't been tampered with, either?

Linux is open source. Surely, someone would notice a backdoor?

Here's a list of router firmware that's safe. https://prism-break....gories/routers/

This may be of note: http://www.neowin.ne...documented-port

http://grc.com/portprobe=32764



#10 episode

episode

    Neowinian Fanatic

  • Tech Issues Solved: 3
  • Joined: 11-December 01

Posted 13 May 2014 - 00:27

The NSA doesn't give a ###### about your router.



#11 Dot Matrix

Dot Matrix

    Neowinian Senior

  • Tech Issues Solved: 6
  • Joined: 14-November 11
  • Location: Upstate New York
  • OS: Windows 8.1
  • Phone: Nokia Lumia 920

Posted 13 May 2014 - 00:57

Linux is open source. Surely, someone would notice a backdoor?

Here's a list of router firmware that's safe. https://prism-break....gories/routers/

This may be of note: http://www.neowin.ne...documented-port

http://grc.com/portprobe=32764

You would think everything would be noticed in OSS, but that didn't stop Heartbleed from lingering around for *ahem* years. :pinch:



#12 mastercoms

mastercoms

    Expert Microsoft Fanboy & C# Coder

  • Tech Issues Solved: 3
  • Joined: 21-May 13
  • Location: Marietta, Georgia
  • OS: W8.1U1 + Fedora 20
  • Phone: Lumia 928 WP8.1U1 Black

Posted 13 May 2014 - 02:04

You would think everything would be noticed in OSS, but that didn't stop Heartbleed from lingering around for *ahem* years. pinch.gif

There are other more well maintained projects from GNU, like GnuTLS that did not have this flaw.



#13 Hum

Hum

    totally wAcKed

  • Tech Issues Solved: 10
  • Joined: 05-October 03
  • Location: Odder Space
  • OS: Windows XP, 7

Posted 13 May 2014 - 02:16

The NSA can zap your brain from Space.



#14 #Michael

#Michael

    Neowinian Senior

  • Joined: 28-August 01

Posted 13 May 2014 - 14:11

Linux is open source. Surely, someone would notice a backdoor?

Here's a list of router firmware that's safe. https://prism-break....gories/routers/

This may be of note: http://www.neowin.ne...documented-port

http://grc.com/portprobe=32764

 

And how long did it take for the internet community as a whole to discover the heartbleed openssl cluster######?  Just because it is open source doesn't mean that the checks&balances will discover every bug.



#15 mastercoms

mastercoms

    Expert Microsoft Fanboy & C# Coder

  • Tech Issues Solved: 3
  • Joined: 21-May 13
  • Location: Marietta, Georgia
  • OS: W8.1U1 + Fedora 20
  • Phone: Lumia 928 WP8.1U1 Black

Posted 13 May 2014 - 15:38

And how long did it take for the internet community as a whole to discover the heartbleed openssl cluster####?  Just because it is open source doesn't mean that the checks&balances will discover every bug.

Again, there are other open source solutions other than OpenSSL, like GnuTLS that did not have this vulnerability, besides the Heartbleed was a bug that resulted directly from the heartbeat feature, so it was integrated in the feature, not specifically coded into the program as a backdoor.