After reading about the recent surge in Linksys router port scans, I'm concerned that our home users may have vulnerable...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
devices through which they're connecting to the enterprise network. Are port-scanning surges alone a cause for concern? Do you have any suggestions to mitigate the risk?
Any enterprise that has home users has increased information security risks. The latest findings about Linksys routers being vulnerable to remote attacks is certainly part of the equation. The last thing enterprises need is for users to connect to the corporate environment or expose confidential login credentials from a network that has been breached.
The surge in router port scanning alone isn't necessarily problematic. What matters here is whether the devices themselves are vulnerable. If you're not sure, enterprises should scan employees' IP addresses using a tool like the free SoftPerfect Network Scanner from the office. (Note: Be sure to have employees go to whatismyip.com or a similar site to determine their current IP address so you don't scan someone else.) Users can also run ShieldsUP from their home computers. Alternately, enterprises could run a deeper vulnerability scan using a tool such as Nexpose or LanGuard. If you see questionable ports that are open or related vulnerabilities, you'll know you need to dig in further.
The good news is that many of these routers are hidden behind cable and DSL modems that lessen the issue, providing at least one layer of protection between the router and the open Internet. However, the exploit could get ugly not only for your users but for your enterprise as a whole. While you won't know until you get more information, enterprises would be wise to ask employees to provide the make and model of their home networking equipment. Test it and have them upgrade (or replace) the devices if needed. I wouldn't necessarily recommend this to users, but there are third-party firmware versions enterprises can install such as OpenWrt to resolve the issue.
Ask the Expert!
Perplexed about network security? Send your network security-related questions today! (All questions are anonymous.)
Related Q&A from Kevin Beaver
When replacing an email security gateway, should a Web security gateway be used or another email gateway? Expert Kevin Beaver explains.continue reading
Expert Kevin Beaver explains how organizations should address end-of-software development dates, and what they ultimately mean to enterprise security.continue reading
Are read-only domain controllers a more secure option for setting up domain services in a DMZ than using a separate domain? Expert Kevin Beaver ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.