There is a recent spate of news surrounding the vulnerabilities that have been found in wireless routers and access points made by popular manufacturers such as Netgear, Linksys/Cisco and others. The most recent center on remote access and control via port 32764. A detailed article on this issue and two others that have come to light lately can be found on Computerworld.
There is a quick and easy way to check your wireless device for this flaw. First get your router’s IP address by going to www.whatismyip.com.
Then go to ShieldsUp at https://www.grc.com/x/portprobe=32764 and enter your IP address. If you see the following information, who are ok.
To check it from inside your local area network (LAN), enter the router address this way. Your router’s IP address may be different than the example. You might find it by running IPCONFIG from the command prompt and looking for the Default Gateway address. It should look something like 192.168.1.1, 192.168.0.254, 10.0.10.1.
To confirm this is your wireless router, open a browser and http:// and whatever the IP address for the gateway is. You should be presented with a password box requesting your user ID and password for the router.
Then add :32764 to the address and hit enter. Example: http://192.168.1.1:32764. If you get no response, that’s a good sign. If you get errors such as what follows, this indicates your router is safe from this exploit.
- The webpage cannot be displayed
- This web page is not available
- Unable to connect
- The connection has timed out
- The server is taking too long to respond
- Cannot open the page
On the other hand, if you can access your network this way, will need to get into the setting for your router and block this and other unnecessary open ports. You may want to find a computer tech to help you with this; if you block the wrong ports, it can cause you to have problems accessing the Internet. Leaving this and other ports open on your router can allow attackers to access your network and steal your user IDs, passwords, online shopping and online banking information. And you certainly don’t want to allow that!
ShareJAN
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com