Small Office/Home Office (SOHO) routers are widespread network devices used by millions of users all over the world. A SOHO router is typically a single point of ingress to a local home or small office network, and although it is called a router, it provides much more functionality than just routing. It serves as a DHCP server, Network Address Translator (NAT), firewall, wireless hotspot, etc. Besides these features it supports multiple services, e.g. HTTP(S), Telnet, FTP and UPnP. The rich service and feature sets come at a significant cost to security and are a source of multiple security issues.
Besides the problems that originate in the typical design and implementation of SOHO routers, the manufacturers' approach to security also has a negative impact. They try to make the initial setup and usage of the devices as simple as possible, and to achieve that they often omit security mechanisms. In addition, software updates that would patch discovered vulnerabilities in home devices are not released often enough, and most end users do not have sufficient technical skills to install them themselves. The security of SOHO routers is often underestimated by both manufacturers and end users and deserves more attention.
The goal of the article is to analyse the security risks of SOHO routers and to describe the vulnerabilities that result from them. Using a proposed methodology and tools, the article evaluates the security of several devices that are supplied by Internet Service Providers (ISPs) in the US. The second chapter analyses the security problems of SOHO routers. According to a technical report published by Independent Security Evaluators (ISE), these problems can be divided into four basic categories, and the thesis discusses them all.
The third chapter covers the categorization of SOHO router vulnerabilities. The categorization in this field is not settled, and different papers and technical reports on the security of home devices use different categories. For the purpose of the thesis, the categorization by the MITRE Corporation is used. MITRE assigns a unique CWE (Common Weakness Enumeration) identifier to each vulnerability category. The thesis focuses on a few categories that are the most common in the field and can have the most serious consequences.
In the fourth chapter the security of several SOHO routers is evaluated. All ports of the different devices were scanned with the Nmap tool from both the LAN and the WAN side. Resistance to denial-of-service attacks was tested with the Slowloris tool, which floods the device with incomplete HTTP requests and can overload the web server. The web interfaces of the routers were checked for vulnerabilities using the tools Nikto, w3af, Nessus and Revok.
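An added example, not taken from the thesis, of how the LAN-side and WAN-side Nmap results from such an audit can be compared to find services reachable from the Internet. It assumes the scans were saved in Nmap's grepable (-oG) format; the sample lines, addresses and the function names open_ports and audit are constructed for illustration.

```python
import re

# Constructed sample of Nmap grepable (-oG) output for one router, scanned
# from each side. Addresses are private/documentation ranges, not real data.
LAN_SCAN = """\
# Nmap scan initiated (constructed sample)
Host: 192.168.1.1 ()\tStatus: Up
Host: 192.168.1.1 ()\tPorts: 21/open/tcp//ftp///, 23/open/tcp//telnet///, 53/open/tcp//domain///, 80/open/tcp//http///, 443/open/tcp//https///\tIgnored State: closed (995)
"""
WAN_SCAN = """\
Host: 203.0.113.10 ()\tStatus: Up
Host: 203.0.113.10 ()\tPorts: 23/open/tcp//telnet///, 80/filtered/tcp//http///, 8080/open/tcp//http-proxy///\tIgnored State: closed (997)
"""

# Services the text names; seeing one open on the WAN side is a finding.
MGMT_SERVICES = {"http", "https", "telnet", "ftp", "upnp"}

def open_ports(grepable):
    """Return {(port, proto): service} for ports reported as open."""
    found = {}
    for line in grepable.splitlines():
        m = re.search(r"\bPorts: ([^\t]*)", line)
        if not m:
            continue  # comment or Status line
        for entry in m.group(1).split(","):
            # Entry layout: port/state/proto/owner/service/rpc/version/
            fields = entry.strip().split("/")
            if len(fields) >= 5 and fields[1] == "open":
                found[(int(fields[0]), fields[2])] = fields[4] or "unknown"
    return found

def audit(lan, wan):
    """Classify WAN-reachable ports against the LAN-side baseline."""
    lan_open, wan_open = open_ports(lan), open_ports(wan)
    report = {"wan_mgmt": [], "wan_only": [], "lan_only": []}
    for key, svc in sorted(wan_open.items()):
        if svc in MGMT_SERVICES:
            report["wan_mgmt"].append((key, svc))  # management service exposed
        if key not in lan_open:
            report["wan_only"].append((key, svc))  # listener unseen from LAN
    report["lan_only"] = sorted(k for k in lan_open if k not in wan_open)
    return report

if __name__ == "__main__":
    for section, items in audit(LAN_SCAN, WAN_SCAN).items():
        print(section, items)
```

Ports reported as filtered are deliberately not counted as exposed, so the firewall's effect on the WAN side shows up as entries under lan_only.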
The thesis analyzes security issues originating in the typical design and implementation of SOHO routers. An audit methodology was proposed and used together with the chosen tools to evaluate the security of several devices. The thesis focuses only on the most common vulnerability categories; in the future it would be worthwhile to discuss more categories and to cover the security of SOHO routers on a larger scale.