After reading about the recent surge in Linksys router port scans, I'm concerned that our home users may have vulnerable...
devices through which they're connecting to the enterprise network. Are port-scanning surges alone a cause for concern? Do you have any suggestions to mitigate the risk?
Any enterprise that has home users has increased information security risks. The latest findings about Linksys routers being vulnerable to remote attacks is certainly part of the equation. The last thing enterprises need is for users to connect to the corporate environment or expose confidential login credentials from a network that has been breached.
The surge in router port scanning alone isn't necessarily problematic. What matters here is whether the devices themselves are vulnerable. If you're not sure, enterprises should scan employees' IP addresses using a tool like the free SoftPerfect Network Scanner from the office. (Note: Be sure to have employees go to whatismyip.com or a similar site to determine their current IP address so you don't scan someone else.) Users can also run ShieldsUP from their home computers. Alternately, enterprises could run a deeper vulnerability scan using a tool such as Nexpose or LanGuard. If you see questionable ports that are open or related vulnerabilities, you'll know you need to dig in further.
The good news is that many of these routers are hidden behind cable and DSL modems that lessen the issue, providing at least one layer of protection between the router and the open Internet. However, the exploit could get ugly not only for your users but for your enterprise as a whole. While you won't know until you get more information, enterprises would be wise to ask employees to provide the make and model of their home networking equipment. Test it and have them upgrade (or replace) the devices if needed. I wouldn't necessarily recommend this to users, but there are third-party firmware versions enterprises can install such as OpenWrt to resolve the issue.
Ask the Expert!
Perplexed about network security? Send your network security-related questions today! (All questions are anonymous.)
Dig Deeper on Network Intrusion Prevention (IPS)
Related Q&A from Kevin Beaver
How do self-healing networks function? Expert Kevin Beaver looks at the benefits such a network has to offer, as well as the key concepts ...continue reading
While there are numerous security benefits to a DNSSEC implementation, there are drawbacks as well. Expert Kevin Beaver explains.continue reading
The benefits of the OpenDaylight SDN platform are promising, but what about the recent Netdump flaw it experienced? Expert Kevin Beaver discusses why...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.