With embedded devices permeating today's home networks, they have begun to attract a
higher level of scrutiny from the security community than in previous years. In particular, the
members of GNUCitizen have been relentlessly testing routers and wireless access points. Their
discovery of multiple vulnerabilities in the BT Home Hub router affected a wide range of home
networks in the UK [1], and their Router Hacking Challenge prompted a flurry of vulnerability
reports against a variety of popular home routers, including the venerable Linksys WRT54G [2].
Specific vulnerabilities in home routers range from traditional Web attacks, such as XSS and CSRF,
to authentication bypass attacks and buffer overflows; it is assumed that the reader has at least a
passing knowledge of the attacks described in this paper.
The purpose of this paper is to outline the security measures being taken by vendors to
prevent such attacks in their home routing products, what those security measures accomplish, and
where they fall short. We will use existing network tools to examine common vulnerabilities in a
range of popular devices and demonstrate weaknesses in the security of those devices; additionally,
we will examine common trends in security measures that have been duplicated across vendors, and
examine how those trends help and hinder the security of their devices. In particular, we will
examine the following home routers, which are some of the latest offerings from their respective
vendors at the time of this writing:
- Linksys WRT160N
- D-Link DIR-615
- Belkin F5D8233-4v3
- ActionTec MI424-WR
