A Comparative Study on Home Router Security

Akshat Kumar
2020 International Journal for Research in Applied Science and Engineering Technology  
As we know Routers are vulnerable to attack by the way they are configured. Like having credentials already defined over the internet can allow cyber criminals to compromise our security by the brute force attack. Another major concern is when an attacker use entry point to infiltrate our network. A normal home router contains services such as Dynamic Host Configuration Protocol(DHCP),Domain Name System(DNS),Trivial File Transfer Protocol(TFTP),Telnet and so on but they do not run any
more » ... software such as anti-virus. The more and more use of non-Internet features such as network storage or voice over IP into the routers raises many security concerns. In this research paper, we investigate the issue regarding these cases and importance of these devices to be secured. We conclude by suggesting ways to protect routers from botnets without users interaction, which is possible with the use of ISP, this way while respecting the privacy of the user we can identify what further work needs to be done to the Routers. I. INTRODUCTION A. Motive Behind It Routing devices are a very common devices present in almost every local environment. It is usually provided by Internet Services Provide(ISP) to the customers and is mostly already configured so the user can start the connection as soon as he buys it.The user can connect home environment to the router after configuring the credentials of the router. Mostly no extra configurations are added to the router because either user doesn't want to or he does not have the knowledge to do so or in some cases they are to tired and think it as an extra work to do for no benefit at all . Because of this reason, by default the security which is provided by router is very poor as a wireless router are not configured with encryption by default . A router is always provides with a firewall in order to prevent any unsolicited connection to your computer when it is connected over the Internet . A good and trusted router provides a full protection using the firewall but a bad router have various issues as well as some loop holes present in their firewall. A normal router contains four Ethernet ports which are used for wired connections. Because of the increase in wireless devices the use of the Ethernet port has been decreased. Now some of consumer routers are provided with only one Ethernet port. On the other hands some of the high end router still have four or more Ethernet ports. In order to connect with two different ISPs high end router are provided with multiple ports. For example, one can be connected to the DSL modem and other can be connected to a cable modem. This type of example is applicable for the location having high need of Internet Access. By this the devices are connected to one or another modem even if any of the modem fails. These routers are not only used for the small scale like home network but combining together its provides a large network which is used by large scale industries or corporate environment. Mostly these routers are used by small industries and large firms because they do not want to or can't or even have to send a large amount of money simply on the infrastructure. Like these company not all companies are IT Firms(Information technology) so they do not see the importance of securing these devices . This is no different than a user at home because the router have already have default configuration which seems to work just fine. This papers research is based on the analysis of web interfaces security against different kinds of web based attacks and our special focus would be on the UI redressing attacks as well as cross site scripting. Our main motive is to change important default settings in the router so that we can give a perfect control to the user. After the attacker gains access to the router inside house their is a different kind of senerio we face. The first is that attacker can disguise himself as the middle person and can change the default setting like DNS or IP gateway according to his or her need like he can gain full access to the home network along with all its traffic. Second is that he can make router to reboot itself anytime so you cannot access the internet when needed. Third and the most important of all is that he could built bots using your router.
doi:10.22214/ijraset.2020.5380 fatcat:feehkg5pbbewpgb4qp2b2jf2kq