Two Common Router Security Threats

SYN Flood or Denial of Service Attack

SYN flood attacks, often referred to as denial of service attacks, are caused through exploitation of the TCP protocol. The attacker sends a large number of TCP SYN packets using a forged source address. Because the forged source is unreachable, the destination server is unable to establish a proper connection (Lawrence, n.d.). Each time the server attempts to establish a connection, resources are used up, and the flood of packets eventually causes slowdown or non-responsiveness.

There are different methods that can be used to mitigate these types of attacks. One common mitigation strategy is called blackholing, where the service provider diverts all traffic into a 'black hole' in an effort to save resources (Cisco, 2014). The problem with this strategy is that legitimate packets are also lost in the process. Access control lists and firewalls are other methods of controlling incoming traffic. In their paper, Ioannidis & Bellovin (2002) discussed the implementation of Pushback, a process where functionality is added to each router to detect and preferentially drop packets that 'probably' belong to an attack.


Brute Force

Brute force attacks occur when an attacker repeatedly tries to guess a router's password in order to gain unauthorized access. These attacks can be combined with automated guessing tools and dictionary methods in an attempt to crack the password.

There are several methods for defending against brute force attacks. Lockouts can be used to prevent too many password retries. Drawbacks of lockouts, however, include potential denial of service, diversion tactics by the attackers, and overall inefficiency. Better ways to deal with these types of attacks include injecting random pauses between retries, sending HTTP 200 success codes instead of the typical 401 to confuse the attacker, and better use of security or secret questions (System Administration Database, 2007).
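The random-pause approach described above, as an added example that is not part of the original article: a throttle that delays repeated failed logins instead of locking the account. The class name, parameters and default values are assumptions chosen for illustration.

```python
import random
import time


class LoginThrottle:
    """Pause before answering repeated failed logins instead of locking out.

    Failures are counted per (username, source) pair, so guesses from one
    address never block the real user logging in from another address.
    """

    def __init__(self, free_attempts=3, base_delay=1.0, max_delay=30.0,
                 window=900.0, rng=None, clock=time.monotonic):
        self.free_attempts = free_attempts  # failures allowed with no pause
        self.base_delay = base_delay        # first pause ceiling, in seconds
        self.max_delay = max_delay          # cap so a pause never becomes a lockout
        self.window = window                # failures older than this are forgotten
        self.rng = rng or random.SystemRandom()
        self.clock = clock
        self._failures = {}                 # (username, source) -> failure times

    def _recent(self, key):
        cutoff = self.clock() - self.window
        times = [t for t in self._failures.get(key, []) if t > cutoff]
        if times:
            self._failures[key] = times
        else:
            self._failures.pop(key, None)   # do not keep empty entries around
        return len(times)

    def delay_for(self, username, source):
        """Seconds to wait before processing the next attempt from this pair."""
        extra = self._recent((username, source)) - self.free_attempts
        if extra < 0:
            return 0.0
        # Exponent is bounded so a long run of failures cannot overflow a float.
        ceiling = min(self.max_delay, self.base_delay * 2 ** min(extra, 16))
        # Random pause in [ceiling/2, ceiling]: grows with failures, not predictable.
        return self.rng.uniform(ceiling / 2, ceiling)

    def record(self, username, source, success):
        """Store the outcome of an attempt; a success clears the pair's history."""
        key = (username, source)
        if success:
            self._failures.pop(key, None)
        else:
            self._failures.setdefault(key, []).append(self.clock())
```

Counting per pair only throttles repeated attempts from one address; pair it with a slower per-username counter if attempts may arrive from many addresses.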

References:

System Administration Database. (2007). Blocking Brute Force Attacks. Retrieved from: http://www.cs.virginia.edu/~csadmin/gen_support/brute_force.php

Lawrence, M. (n.d.). Types of Attacks on Routers. Studio D. Retrieved from: http://smallbusiness.chron.com/types-attacks-routers-71576.html

Cisco (2014). Defeating DDOS Attacks. Retrieved from: http://www.cisco.com/c/en/us/products/collateral/security/traffic-anomaly-detector-xt-5600a/prod_white_paper0900aecd8011e927.html

Ioannidis, J., & Bellovin, S. M., (2002). Implementing Pushback: Router-Based Defense Against DDoS Attacks. Retrieved from http://www.thefengs.com/wuchang/courses/cse5xx_OGI/cse581_winter2002/papers/pushback-impl.pdf

Image Credits: Photo by Isis França on Unsplash.

canon printer offline windows 10 (Guest)

There are many security risks in a router which will lead to a great problem for the users. You must always protect your router with a WPA2 connection so that it becomes impossible to hack.

FACEBOOK (Guest)

Nowadays, everyone wants to keep their documents safely on a desktop or laptop. Due to spamming issues, like desktop security, router security is also very important. This is a very good blog on defending against brute force attacks. Here are lots of solutions to get rid of these issues.

facebook (Guest)

Router security is of great concern nowadays as the digital era is growing day by day, but as we know, with the growth of the digital era some hackers are there to inflict harm upon our systems. One of these threats is the brute-force attack, which is an algorithm where random passwords are entered and the password can be cracked by the guessing method.
