Your Router May Be One Of the 120,000 Vulnerable Australian Routers.



Are you having problems with the home internet speed and with surprisingly high internet bills?

Maybe your router is one of the 120,000 used by Australians that is vulnerable to a new type of scam being leveraged by criminals who use them to launch cyber attacks.

The IT security firm Nominum discovered that as many as 24 million routers around the world are affected by a simple configuration issue that hackers can leverage.

The results of these hackers’ attacks are slowed internet speed and potential rise in the internet bills. The reason is that, through various techniques, small DNS query are turned into a much larger payload directed at the target network. The attacker composes a DNS request message of approximately 60 bytes to trigger delivery of a response message of approximately 4000 bytes to the target. The resulting amplification factor, approximately 70:1, significantly increases the volume of traffic the target receives, accelerating the rate at which the target's resources will be depleted. This is what is known as a distributed-denial-of-service (DDoS) system amplification attack.

Bruce Van Nice, a director at Nominum says “"People may see that their internet service starts to slow down either because their access connection is congested with traffic or because their home gateway is busy proxying these queries and forwarding huge answers back to a target. But they have no idea that their home router is potentially being bombarded with [these] queries.''

DNS amplification is one of the more popular attack types.  It's hard to defend against DDoS attacks. There are actually two separate issues: keeping your network from being attacked by others and hardening your machines so they can't be compromised and used in attacks.

The first step is to protect your own network against being attacked. This is hard to do, since any network is vulnerable to being overloaded by seemingly-legitimate traffic. Turning on ingress filtering will help screen out junk packets. In addition, there are a number of settings that you can adjust to harden it against common attacks. Here's what to do:

  1. Go to Microsoft's security bulletin site. Download all the pertinent patches that you don't already have installed.
  2. Configure your firewall to block traffic on any port you don't actually need.
  3. Review the TCP/IP hardening settings described in " Security Considerations for Network Attacks ". Apply them to any server which is exposed directly to the Internet.

Unfortunately, protecting your machines against attacks can be difficult because attackers keep changing their modus operandi. It's simpler to prevent your computers from becoming zombies and contributing to the DDoS problem.

For more information on how to protect your machine visit our website or contact us.

Feel free to contact us


If you are looking for a trustworthy Managed IT Service Provider, you have come to the right place.


Our Partners 

lenovo partner
autotask partner
avg partner
storagecraft partner
vmware partner
pacnet partner
office 365 partner
webroot partner
cisco partner
microsoft partner
malwarebytes partner
business partner hp
business partner hp
Go to top