how can I check a router to see if it has been tampered with?

By chrisj1968
in Hardware Hangout

 Share

Recommended Posts

Grand Master

chrisj1968

Posted
Posted

source link: http://www.theguardian.com/books/2014/may/12/glenn-greenwald-nsa-tampers-us-internet-routers-snowden

 

I'm not getting into all of this smoke and mirrors or conspiracy stuff, I know I did in the past but now.. PFFTT!  but I really wanna ask my compadres here, if the NSA DOES in fact tamper with our routers, is there a way to login to it and find it and eradicate it?

 

I've often thought about hoping there's a update to overwrite what they have done or completely reset the router to its defaults?

 

I don't like the "prospect" of someone in my house so-to-speak and wanted to toss this at any real diehard or hardcore It techs?

 

thanks.

 

Chris

Link to comment
Share on other sites
Mentor

Cnónna

Posted
Posted

you could always put a custom open source firmware on it. :ninja:

 

if your routers one of the ones that they make them for that is. :argh:

 

Link to comment
Share on other sites
Grand Master

Dot Matrix

Posted
Posted

I'm not getting into all of this smoke and mirrors or conspiracy stuff

On the contrary, that is precisely what you are doing.

 

No amount of firmware upgrades are going to do anything. If the default firmware is compromised, what do you think updating it will do? You could install a Linux based firmware, but then again, who's to say that hasn't been tampered with, either?

  • Dick Montage
  • Like 1
Link to comment
Share on other sites
Grand Master

chrisj1968

Posted
  • Author
Posted

Because if they had "tampered with your router" then they'd leave signs, right?

 

my thinking was, there'd have to be something in there somewhere a well seasoned IT pro could find.

On the contrary, that is precisely what you are doing.

 

No amount of firmware upgrades are going to do anything. If the default firmware is compromised, what do you think updating it will do? You could install a Linux based firmware, but then again, who's to say that hasn't been tampered with, either?

 

thanks for the good point about the updates being tampered with.. thanks DOT.

Link to comment
Share on other sites
Grand Master

Dick Montage

Posted
Posted
my thinking was, there'd have to be something in there somewhere a well seasoned IT pro could find.

 

And my thinking was that the NSA hire better, well seasoned IT pros

Link to comment
Share on other sites
Grand Master

Dot Matrix

Posted
Posted

Long story short, I think the NSA have better things to do than tamper with Joe Person's router. If you're that worried over it, then being online isn't something you should be doing.

Link to comment
Share on other sites
Mentor

gohpep

Posted
Posted

You could install a Linux based firmware, but then again, who's to say that hasn't been tampered with, either?

Linux is open source. Surely, someone would notice a backdoor?

Here's a list of router firmware that's safe. https://prism-break.org/en/categories/routers/

This may be of note: https://www.neowin.net/news/some-routers-found-to-be-listening-on-undocumented-port

http://grc.com/portprobe=32764

Link to comment
Share on other sites
Grand Master

Dot Matrix

Posted
Posted

Linux is open source. Surely, someone would notice a backdoor?

Here's a list of router firmware that's safe. https://prism-break.org/en/categories/routers/

This may be of note: https://www.neowin.net/news/some-routers-found-to-be-listening-on-undocumented-port

http://grc.com/portprobe=32764

You would think everything would be noticed in OSS, but that didn't stop Heartbleed from lingering around for *ahem* years. :pinch:

Link to comment
Share on other sites
Mentor

gohpep

Posted
Posted

You would think everything would be noticed in OSS, but that didn't stop Heartbleed from lingering around for *ahem* years. pinch.gif

There are other more well maintained projects from GNU, like GnuTLS that did not have this flaw.

Link to comment
Share on other sites
Grand Master

#Michael

Posted
Posted

Linux is open source. Surely, someone would notice a backdoor?

Here's a list of router firmware that's safe. https://prism-break.org/en/categories/routers/

This may be of note: https://www.neowin.net/news/some-routers-found-to-be-listening-on-undocumented-port

http://grc.com/portprobe=32764

 

And how long did it take for the internet community as a whole to discover the heartbleed openssl cluster######?  Just because it is open source doesn't mean that the checks&balances will discover every bug.

Link to comment
Share on other sites
Mentor

gohpep

Posted
Posted

And how long did it take for the internet community as a whole to discover the heartbleed openssl cluster####?  Just because it is open source doesn't mean that the checks&balances will discover every bug.

Again, there are other open source solutions other than OpenSSL, like GnuTLS that did not have this vulnerability, besides the Heartbleed was a bug that resulted directly from the heartbeat feature, so it was integrated in the feature, not specifically coded into the program as a backdoor.

Link to comment
Share on other sites
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.