After reading about the recent surge in Linksys router port scans, I'm concerned that our home users may have vulnerable...
devices through which they're connecting to the enterprise network. Are port-scanning surges alone a cause for concern? Do you have any suggestions to mitigate the risk?
Any enterprise that has home users has increased information security risks. The latest findings about Linksys routers being vulnerable to remote attacks is certainly part of the equation. The last thing enterprises need is for users to connect to the corporate environment or expose confidential login credentials from a network that has been breached.
The surge in router port scanning alone isn't necessarily problematic. What matters here is whether the devices themselves are vulnerable. If you're not sure, enterprises should scan employees' IP addresses using a tool like the free SoftPerfect Network Scanner from the office. (Note: Be sure to have employees go to whatismyip.com or a similar site to determine their current IP address so you don't scan someone else.) Users can also run ShieldsUP from their home computers. Alternately, enterprises could run a deeper vulnerability scan using a tool such as Nexpose or LanGuard. If you see questionable ports that are open or related vulnerabilities, you'll know you need to dig in further.
The good news is that many of these routers are hidden behind cable and DSL modems that lessen the issue, providing at least one layer of protection between the router and the open Internet. However, the exploit could get ugly not only for your users but for your enterprise as a whole. While you won't know until you get more information, enterprises would be wise to ask employees to provide the make and model of their home networking equipment. Test it and have them upgrade (or replace) the devices if needed. I wouldn't necessarily recommend this to users, but there are third-party firmware versions enterprises can install such as OpenWrt to resolve the issue.
Ask the Expert!
Perplexed about network security? Send your network security-related questions today! (All questions are anonymous.)
Related Q&A from Kevin Beaver
Mobile devices are coming enabled for VoLTE for voice and video calling, but what are the risks? Network security expert Kevin Beaver explains.continue reading
The Border Router Security Tool aims to improve router security to boost Internet safety. Expert Kevin Beaver explains its place in the enterprise.continue reading
False positive security alerts are troublesome, costly and time-consuming. Expert Kevin Beaver explains how to reduce the number of false positivescontinue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.