|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Web hijacking by router - a new method of advertisement by Belkin
May be they simply flag your router to not redirect to any web site, but the router still goes every x hours to their site to verify the current redirect status of your product. This wouldn't require admin privileges on your box to be done... but could make every router with such firmware DoS'able; just blackhole the Belkin site and every such request would need to timeout before the router resumes normal behaviour. Rubens ----- Original Message ----- From: "Steven M. Bellovin" <[email protected]> To: <[email protected]> Cc: <[email protected]> Sent: Saturday, November 08, 2003 11:44 AM Subject: Re: Web hijacking by router - a new method of advertisement by Belkin > > In message <[email protected]>, [email protected] > an.net writes: > > > >Would be interesting to see if their current advertisement (every 8 hours) > >page would now be replaced with "We're so sorry that you're seeing this > >page, please make sure to download our latest patch so your router never > >bother you again and would keep us out of legal trouble" message... > > The Belkin posting reproduced on Slashdot indicates that when you > unsubscribe via their Web page, it modifies the configuration of your > router. Say, what? There are ways in which an external Web server can > change things on my box? How is that secured? I can think of lots of > bad answers to that question, and not very many good ones. > > --Steve Bellovin, http://www.research.att.com/~smb > > >
|