There is an interesting article over on SANS Internet Storm today – Johannes Ullrich has been tracking some public vulnerabilities in D-Link and Netgear devices that are not mentioned on the vendor pages and for many there are no patches available:
What’s the deal with these router vulnerabilities? – SANS Internet Storm Centre
Johannes suggests changing your router to a better supported device – he suggests OPNSense and PFSense both of which we have used but are probably not an option for smaller organisations lacking dedicated IT support. One of the most popular devices we use and recommend is a suitable router from the Draytrek range.
Clive Catton MSc (Cyber Security) – by-line and other articles
My advice: Either you or your IT support need to check whether these issues impact your systems. You need to have a master document that details your systems, hardware, software, online, networks, back-ups, suppliers etc – so when cyber security (or operational) issues arise you and your support teams can quickly check if you are affected. From there you can take fast, effective action.
