Millions Linksys and Netgear other routers and IoT devices are vulnerable to DNS poisoning
Click here to post a comment for Millions Linksys and Netgear other routers and IoT devices are vulnerable to DNS poisoning on our message forum
TheDeeGee
Still using a Netgear R7000 Nighthawk, it's running Xwrt-Vortex.
anticupidon
The S in the IoT stands for security.
Sarcasm aside, hope that a patch will be released soon.
Sylwester Zarębski
OpenWRT is not using uClibc/uClibc-ng since 2015: https://forum.openwrt.org/t/nozomi-dns-poisoning-bug-affects-openwrt/126768
Mufflore
I manually configure DNS on my network adapters.
Only needs to be done once.
Venix
Ub3rslay3r
Venix
AuerX
So, if one really isnt a network enthusiast/pro, how does one protect things from this?
Asking for a friend.
Mufflore
Ub3rslay3r
https://www.kb.cert.org/vuls/id/473698
If you really want to go for it, you can set-up your own DNS server, and ensure it doesn't use the affected libraries, but that opens up a lot of other possible issues and vulnerabilities, so I don't recommend it for individuals.
Basically what Mufflore said. Also, make sure your devices use the firewalls built into them whenever possible. Thankfully, most reputable manufacturers will update the firmware on their devices to patch issues like this fairly quickly, so also be sure to watch for firmware updates. If you want to keep an eye on the list of vulnerable devices as it's updated, check this when you can: