Guest networks on routers are not as safe as they claim to be

Guest networks on routers are not as safe as they claim to be

Security researchers at the Ben-Gurion University of the Negev in Israel have discovered that a router's guest networking feature is not as safe as it seems.

Most routers have this feature, which allows a user to create a separate network for guests (hence the name).

This allows guests to connect to the router and enjoy an Internet connection but restricts them from accessing a user's private network, which might contain computers or NAS systems.

"All of the routers we surveyed regardless of brand or price point were vulnerable to at least some cross-network communication once we used specially crafted network packets. A hardware-based solution seems to be the safest approach to guaranteeing isolation between secure and non-secure network devices," as mentioned by the researchers.

They found that as long as the router hosted two networks, some level of cross-router covert channels exist and these can be exploited to steal data or to plant a malicious bug.

They also said that while some of these cross-channel communication can be patched with firmware updates, more pervasive ones are impossible to prevent and recommend that guest networks be hosted on different hardware.

In other words, what they are recommending is that you either disable guest networks on your router or host your guest network on a separate router.

This article was first published in Hardware Zone.

This website is best viewed using the latest versions of web browsers.