Web admin access to home router

Jones, Scott (GE Money, consultant) Scott.1Jones at ge.com
Fri Apr 17 14:47:26 MDT 2009


> Here's my question: If I can access the router remotely, then I should

> fairly easily get access to my server box established, is this
correct?

Yes, enabling remote management has that great benefit.  You can change
port forwards on the fly from any location.

> The other question: Is it even adviseable to allow web access or is 
> that asking for trouble? How hackable is a router, in the face of a 
> determined hacker?

Yes, this is the drawback of remote management.  Increased usability
often comes with reduced security.  A determined hacker could, in
theory, attempt to brute force your router's password to get access to
your internal network.  I haven't heard any reports of this being a
common occurrence, but it would be a very smart thing to program a bot
army to do this.  So you might want to think about that before enabling
it.

Lonnie: 

Let's say I can get things set up so that ssh works, both to my server
box inside my home network, AND to the router. Should I open up ssh to
the router? I believe that is another access point. Is it any safer than
just web access to the router's web interface? Or is that just as
insecure, in face of a brute force attempt? 


--lonnie

/*
PLUG: http://plug.org, #utah on irc.freenode.net
Unsubscribe: http://plug.org/mailman/options/plug
Don't fear the penguin.
*/



More information about the PLUG mailing list