Sign in to follow this  

how can I check a router to see if it has been tampered with?

Recommended Posts

chrisj1968    1,415

source link: http://www.theguardian.com/books/2014/may/12/glenn-greenwald-nsa-tampers-us-internet-routers-snowden

 

I'm not getting into all of this smoke and mirrors or conspiracy stuff, I know I did in the past but now.. PFFTT!  but I really wanna ask my compadres here, if the NSA DOES in fact tamper with our routers, is there a way to login to it and find it and eradicate it?

 

I've often thought about hoping there's a update to overwrite what they have done or completely reset the router to its defaults?

 

I don't like the "prospect" of someone in my house so-to-speak and wanted to toss this at any real diehard or hardcore It techs?

 

thanks.

 

Chris

Share this post


Link to post
Share on other sites
Cnónna    626

you could always put a custom open source firmware on it. :ninja:

 

if your routers one of the ones that they make them for that is. :argh:

 

Share this post


Link to post
Share on other sites
Nefarious Trigger    6,787

Because if they had "tampered with your router" then they'd leave signs, right?

Share this post


Link to post
Share on other sites
chrisj1968    1,415

Netgear WDNR4300 through my provider charter communication

Share this post


Link to post
Share on other sites
Dot Matrix    7,115

I'm not getting into all of this smoke and mirrors or conspiracy stuff

On the contrary, that is precisely what you are doing.

 

No amount of firmware upgrades are going to do anything. If the default firmware is compromised, what do you think updating it will do? You could install a Linux based firmware, but then again, who's to say that hasn't been tampered with, either?

  • Like 1

Share this post


Link to post
Share on other sites
chrisj1968    1,415

Because if they had "tampered with your router" then they'd leave signs, right?

 

my thinking was, there'd have to be something in there somewhere a well seasoned IT pro could find.

On the contrary, that is precisely what you are doing.

 

No amount of firmware upgrades are going to do anything. If the default firmware is compromised, what do you think updating it will do? You could install a Linux based firmware, but then again, who's to say that hasn't been tampered with, either?

 

thanks for the good point about the updates being tampered with.. thanks DOT.

Share this post


Link to post
Share on other sites
Nefarious Trigger    6,787
my thinking was, there'd have to be something in there somewhere a well seasoned IT pro could find.

 

And my thinking was that the NSA hire better, well seasoned IT pros

Share this post


Link to post
Share on other sites
Dot Matrix    7,115

Long story short, I think the NSA have better things to do than tamper with Joe Person's router. If you're that worried over it, then being online isn't something you should be doing.

Share this post


Link to post
Share on other sites
gohpep    434

You could install a Linux based firmware, but then again, who's to say that hasn't been tampered with, either?

Linux is open source. Surely, someone would notice a backdoor?

Here's a list of router firmware that's safe. https://prism-break.org/en/categories/routers/

This may be of note: http://www.neowin.net/news/some-routers-found-to-be-listening-on-undocumented-port

http://grc.com/portprobe=32764

Share this post


Link to post
Share on other sites
episode    568

The NSA doesn't give a ###### about your router.

Share this post


Link to post
Share on other sites
Dot Matrix    7,115

Linux is open source. Surely, someone would notice a backdoor?

Here's a list of router firmware that's safe. https://prism-break.org/en/categories/routers/

This may be of note: http://www.neowin.net/news/some-routers-found-to-be-listening-on-undocumented-port

http://grc.com/portprobe=32764

You would think everything would be noticed in OSS, but that didn't stop Heartbleed from lingering around for *ahem* years. :pinch:

Share this post


Link to post
Share on other sites
gohpep    434

You would think everything would be noticed in OSS, but that didn't stop Heartbleed from lingering around for *ahem* years. pinch.gif

There are other more well maintained projects from GNU, like GnuTLS that did not have this flaw.

Share this post


Link to post
Share on other sites
Hum    6,929

The NSA can zap your brain from Space.

  • Like 1

Share this post


Link to post
Share on other sites
#Michael    207

Linux is open source. Surely, someone would notice a backdoor?

Here's a list of router firmware that's safe. https://prism-break.org/en/categories/routers/

This may be of note: http://www.neowin.net/news/some-routers-found-to-be-listening-on-undocumented-port

http://grc.com/portprobe=32764

 

And how long did it take for the internet community as a whole to discover the heartbleed openssl cluster######?  Just because it is open source doesn't mean that the checks&balances will discover every bug.

Share this post


Link to post
Share on other sites
gohpep    434

And how long did it take for the internet community as a whole to discover the heartbleed openssl cluster####?  Just because it is open source doesn't mean that the checks&balances will discover every bug.

Again, there are other open source solutions other than OpenSSL, like GnuTLS that did not have this vulnerability, besides the Heartbleed was a bug that resulted directly from the heartbeat feature, so it was integrated in the feature, not specifically coded into the program as a backdoor.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.