Improve router hygiene to protect against Russian state-sponsored targeting

  • Thread starter Thread starter nitro7
  • Start date Start date

nitro7

Established
You do not have permission to view the full content of this post. Log in or register now..

This one is specific to SNMP. I don't know if consumer (ISP-provided routers) even have the option to enable SNMP. This might make more sense for those running alternative firmware (WRT, etc.) on compatible ones, or using enterprise and even commercial grade routers - Mikrotik, Unifi, Grandstream, etc.

Obviously, there are bigger targets than you, the residential/consumer-level user, but this is a good reminder to be aware of security, and hardening your router against threats. 'tsaka andaming thread dito about häçking your neighbour's WiFi, eh. 😇

Mitigation
  • Disable Cisco Smart Install on all devices [You do not have permission to view the full content of this post. Log in or register now.].
  • Use SNMPv3 with “authPriv” configured to the most modern encryption standard that is supported by the device instead of SNMPv1 or SNMPv2 [You do not have permission to view the full content of this post. Log in or register now.].
  • Use strong, unique passwords for local accounts on network devices and configure credentials to be stored securely to prevent reuse of compromised passwords [You do not have permission to view the full content of this post. Log in or register now.].
  • Monitor and restrict access to SNMP OIDs using a Management Information Base (MIB) allow list [You do not have permission to view the full content of this post. Log in or register now.]. [5] Reference the vendor-specific MIB for the network devices and monitor OIDs for indications of reconnaissance or misconfiguration in logs or intrusion detection systems (IDS). IDS rules should be written for inbound SNMP Set-Requests that contain OIDs targeting sensitive device data [You do not have permission to view the full content of this post. Log in or register now.].
  • Restrict management protocols [You do not have permission to view the full content of this post. Log in or register now.].
  • Update network device software and firmware images, especially to ρá†ch known vulnerabilities, and upgrade end-of-life devices to supported ones.
 

About this Thread

  • 0
    Replies
  • 13
    Views
  • 1
    Participants
Last reply from:
nitro7

Trending Topics

Online now

Members online
1,201
Guests online
4,008
Total visitors
5,209

Forum statistics

Threads
2,288,096
Posts
29,048,991
Members
1,214,912
Latest member
BroChin
Back
Top