I read that certain Wi-Fi routers can potentially contain backdoors that make them vulnerable to remote attacks....
Are there any reliable ways to know if our gear is vulnerable?
There's been quite a bit of new research in this area recently that points to wireless routers containing backdoors. Apparently, equipment from Netgear to D-Link to the seemingly unthinkable Cisco is vulnerable to these basic backdoor attacks.
So how do you know if your system is vulnerable? You can do your own testing with vulnerability scanners (network/OS such as Nexpose or QualysGuard, and Web such as Netsparker or NTOSpider) to check for susceptibility on your router(s). You could also connect a network analyzer such as OmniPeek or CommView for Wi-Fi to your wireless routers and monitor for odd behavior such as disallowed protocols and workstations generating an enormous amount of traffic.
If you're technical enough, you could also do your own packet poking and prodding like researchers do. The real question becomes: Where are these routers located in your enterprise? If they're directly accessible over the Internet, then why? If you have a reasonable guest wireless configuration and have such routers connected to a dedicated DSL or similar connection that's completely disconnected from your business network, then it may not be an issue at all. However, if you've placed these routers behind your firewall, you could be opening your entire network up to people outside your four walls. Only you will know.
As far as finding out whether your systems are vulnerable, you could reach out to vendors directly, look at the links above or do your own Internet searches specific to your router model numbers to see if there's a known problem and/or solution. However, I'm not convinced that manufacturers are not complicit in these backdoors. I hope they're not and that they're as trusting (ignorant?) about all of this as the general public is.
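The monitoring step described above (watching for disallowed protocols and for workstations generating an enormous amount of traffic) can be sketched as a small review of flow summaries exported from a network analyzer. This is an added example, not part of the original answer; the CSV column layout, the allowed-services policy, the `review_flows` name and the median-based threshold are all assumptions, and the sample records are constructed.

```python
import csv
from collections import defaultdict
from statistics import median

# Constructed sample: flow summaries exported from a capture (not real traffic).
# Assumed columns: source IP, destination IP, protocol, destination port, bytes
SAMPLE_FLOWS = """\
192.168.1.10,192.168.1.1,udp,53,420
192.168.1.10,203.0.113.5,tcp,443,18500
192.168.1.11,203.0.113.9,tcp,443,22100
192.168.1.12,203.0.113.7,tcp,80,9100
192.168.1.12,192.168.1.1,udp,53,380
192.168.1.13,198.51.100.20,tcp,443,48000000
203.0.113.77,192.168.1.1,tcp,23,640
192.168.1.11,192.168.1.1,udp,1900,300
"""

# Assumed site policy: the only protocol/port pairs expected on this segment.
ALLOWED = {("udp", 53), ("tcp", 80), ("tcp", 443)}


def review_flows(text, allowed=ALLOWED, factor=10):
    """Return (disallowed_flows, heavy_talkers) for the given flow summaries."""
    disallowed = []
    totals = defaultdict(int)
    for src, dst, proto, dport, nbytes in csv.reader(text.splitlines()):
        service = (proto.lower(), int(dport))
        totals[src] += int(nbytes)
        if service not in allowed:
            # Traffic the policy does not expect, e.g. Telnet aimed at the router.
            disallowed.append((src, dst) + service)
    # A host is "heavy" when it sent more than `factor` times the median host.
    baseline = median(totals.values())
    heavy = {host: sent for host, sent in totals.items() if sent > factor * baseline}
    return disallowed, heavy


if __name__ == "__main__":
    bad, heavy = review_flows(SAMPLE_FLOWS)
    for src, dst, proto, port in bad:
        print(f"disallowed {proto}/{port}: {src} -> {dst}")
    for host, sent in sorted(heavy.items()):
        print(f"heavy talker: {host} sent {sent} bytes")
```

Comparing each host against the median rather than a fixed byte count keeps the check usable on segments with very different normal volumes; tune `factor` and the allowed set to your own environment.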
Ask the Expert!
Want to ask Kevin Beaver a question about network security? Submit your question now via email! (All questions are anonymous.)