Mudcat Café message #1970389

The Mudcat Café ^TM
Thread #98389 Message #1970389
Posted By: JohnInKansas
17-Feb-07 - 01:38 AM
Thread Name: Tech: Grumble.. Windows Internet Explorer 7
Subject: RE: Tech: Grumble.. Windows Internet Explorer 7

On the subject of changing passwords:

IF YOU HAVE A ROUTER in your system, it directs your internet connection to a specific DNS Server site to translate the "common names" you use (website URLs) into the numerical addresses that the internet actually uses.

Researchers at Symantec and Indiana University have found, and have published, a method whereby a malicious website that you visit can change the "DNS Server" you expect to go to, substituting their own fake server, which can then send you to a fake site that looks exactly like your own bank or other place where you might enter personal data.

Merely visiting the site is sufficient. They DO NOT HAVE TO TRICK YOU INTO CLICKING ON ANYTHING once you've connected.

There have been no reports, as yet, of anyone using this method; but now that it's been reported it may be expected that someone will try to use it.

Normal Antivirus, Antispyware, and Antiphishing programs do not appear to be able to detect or to block this particular method.

There is, however, a very simple fix. The method requires that they know the password to get into your router to make the change. All routers come with a default password, and if you haven't changed yours, they know what it is.

If you CHANGE YOUR ROUTER PASSWORD to a secure one of your own, this pharming method should be completely disabled. (Just be sure that you record your new password in a secure place. Type it into a graphics program and save it as a .jpg if you must leave it on your machine?)

If you don't know the default password for your own router, you can go to Router Passwords to get it, just as easily as the criminals could.

The "discoverer's" explanation of this vulnerability is at:

Zulfikar Ramzan's explanation (at Symantec).

A brief "news flash" is at Change Your Router Password NOW!

Note that if you have a WIRELESS network or access, you probably have a separate password for access to network functions, which also has a default that you need to change. The password affected here is the one to access the innards of the router, and probably is a different one.

CHANGE ALL DEFAULT PASSWORDS that come with your equipment.

John