Linksys Router Security Flaw Reported
Brady & Associates, LLC. Firewall Reporting Tools
Linksys Router Security Alert!
Recently, it has come to the attention of the media that another type of DDOS (distributed denial of service) attack is occurring on the Internet. The new attack has been dubbed mDDOS or miniature denial of service. These attacks are small enough to get under the radar of an ISP and deny service to individual computer users to deprive them of access to the Internet. This is of particular concern to small businesses who perform a majority of their transactions online.
The key to maximizing the likelihood that you will not become a victim of a mDDOS is to ensure your IP address is not being detected by port scanners and mDDOS scripts. While many people now run personal firewall software on their computers, such as BlackICE or ZoneAlarm, thereby isolating the ports on their computers, there is apparently another vulnerability that can kill your internet access.
Many Internet users today have small networks in their businesses and homes which rely on the use of the Linksys line of broadband routers and gateways. Arguably, the most popular brand available.
Unfortunately, the default settings for the router leave it vulnerable to an mDDOS attack as not all ports are ‘stealthed’. In particular, port 113 or the IDENT port.
This port used to be used by IRC servers to determine whether or not an actual connection is being made between your computer and the IRC server, however in recent years this practice has become virtually non-existent.
To keep the IP address of your Linksys router from being detected on the Internet you need to manually ‘stealth’ port 113. If you go to www.grc.com and use their Shields Up! port scanning tools you will probably find port 113 return a CLOSED state as opposed to a STEALTH state.