ROOTED ROUTERS AND PRUDENT USERS
Most of what we’ve covered here will be of more interest to those wanting to defend their services than to home users. It’s hard to give general advice for protecting your home network. We’ve always told users to keep their software updated and to be wary of emails from princes needing somewhere to stash their fortunes. And in general that advice goes a long way—those princes aren’t real, and popular applications are patched quickly. The Linux kernel has second-to-none security processes, even in the face of Spectre and Meltdown vulnerabilities that will be here for a long time.
We put a lot of trust in our home routers, though, and perhaps that’s misplaced. Imagine if all the machines on your network were subject to the same probing and bothering that our honeypot endured over the past few days.
In 2018 a strain of malware dubbed VPNFilter was found to have infected half a million home routers worldwide. While no damage was ever recorded from this attack, the malware had the ability to siphon off traffic, collect personal information, or brick the host router entirely. A domain used as a command and control (CnC) server was seized by the FBI soon after it was discovered, paralysing it. As IPv6 gains adoption, and as more IoT devices are exposed to the internet without appropriate security, this kind of attack will become more prevalent.