The ADSL Router Forensics Process

In 2010 the number of threats targeting ADSL routers is continually increasing. New and emergent threats have been developed to bypass authentication processes and obtain admin privileges directly to the device. As a result many malicious attempts are being made to alter the configuration data and make the device subsequently vulnerable. This paper discusses the non-invasive digital forensics approach into extracting evidence from ADSL routers. Specifically it validates an identified digital forensic process of acquisition. The paper then discusses how the approach may be utilised to extract configuration data ever after a device has been compromised to the point where a lock-out state has been initiated

Analysis of Data Remaining on Second Hand ADSL Routers

In theory, an ADSL router can provide an additional layer of security to a wired and wireless network through; access control, wireless encryption, firewall rule sets, and network event logging. An ADSL router may also contain the users’ usage habits and broadband account credentials. However, end-users may be unaware of the intricacies of the security measures available and the potentially confidential information stored on their device. As a result a second hand ADSL router may contain a wealth of user-specific information if not wiped and disposed of in a secure manner. This paper shows the data that was acquired from a selection of second hand ADSL routers purchased during the first quarter of 2011. From the data acquired and analyzed, individuals are not removing their personally identifiable information and are leaving confidential data which may lead to detrimental outcomes if misused. The paper also shows that end-user applied security on these devices was alarmingly low. Thus many consumers may fall victim to new and emergent Internet based crimes if the full security capabilities of their ADSL router are not applie

ADSL Router Forensics Part 2: Acquiring Evidence

The demand for high-speed Internet access is escalating high sales of ADSL routers. In-turn this has prompted individuals to attack and exploit the vulnerabilities in these devices. To respond to these threats, methods of acquisition and analysis are needed. The configuration data provides a wealth of information into the current state of the device. Hence, this data may be used to identify and interpret unlawful ways in which the device was used. This paper is centres around an empirical learning approach identifying techniques to address the device’s acquirable limitations taking into consideration that the owner may not willingly present login credentials to directly access the device. This paper demonstrates a procedural method of obtaining data of interest from ADSL routers. It further elaborates on the methods by detailing how to extract and understand this configuration data

ADSL Router Forensics Part 2: Acquiring Evidence

The demand for high-speed Internet access is escalating high sales of ADSL routers. In-turn this has prompted individuals to attack and exploit the vulnerabilities in these devices. To respond to these threats, methods of acquisition and analysis are needed. The configuration data provides a wealth of information into the current state of the device. Hence, this data may be used to identify and interpret unlawful ways in which the device was used. This paper is centres around an empirical learning approach identifying techniques to address the device’s acquirable limitations taking into consideration that the owner may not willingly present login credentials to directly access the device. This paper demonstrates a procedural method of obtaining data of interest from ADSL routers. It further elaborates on the methods by detailing how to extract and understand this configuration data

Analysis of Data Remaining on Second Hand ADSL Routers

In theory, an ADSL router can provide an additional layer of security to a wired and wireless network through; access control, wireless encryption, firewall rule sets, and network event logging. An ADSL router may also contain the users’ usage habits and broadband account credentials. However, end-users may be unaware of the intricacies of the security measures available and the potentially confidential information stored on their device. As a result a second hand ADSL router may contain a wealth of user-specific information if not wiped and disposed of in a secure manner. This paper shows the data that was acquired from a selection of second hand ADSL routers purchased during the first quarter of 2011. From the data acquired and analysed, individuals are not removing their personally identifiable information and are leaving confidential data which may lead to detrimental outcomes if misused. The paper also shows that end-user applied security on these devices was alarmingly low. Thus many consumers may fall victim to new and emergent Internet based crimes if the full security capabilities of their ADSL router are not applie

Usability and security support offered through ADSL router user manuals

ADSL routers are often used as either the target or the means for cyber crime. Many ADSL router threats could be mitigated through the effective use of inbuilt security controls and firmware updates available from vendors. Unfortunately, end‐users typically lack the technical expertise to correctly configure and secure the device. Subsequently, end‐users are reliant on well documented procedures provided by vendors in their user manuals and quick start guides. This study investigates the usability and security recommendations and encouragements put forth by vendors in their user manuals. The study demonstrates that user manual usability does not conform to ideal technical publication practices. In addition, end‐users are typically not encouraged to utilise the in‐built security features and in a few instances are actually deterred from securing their ADSL router

ADSL router forensics part 1: An introduction to a new source of electronic evidence

Currently there appears to be a lack of research in the area of developing tools, testing methodologies, and creating standards for ADSL router forensics. The paper examines a wide range of literature and introduces the concept of ADSL router forensics as a new and potential field of research for digital forensics investigators. It begins by examining why there is a need for router forensics by detailing some of the more common threats which consumers may experience while online. An outline will be provided discussing the feasibility, limitations and potential risks of router forensics. The paper will then examine one possible avenue for undertaking router forensics and how this applies to the Linksys WRT54g and finally portrays where the research will continue to hereafter

ADSL router forensics part 1: An introduction to a new source of electronic evidence

Currently there appears to be a lack of research in the area of developing tools, testing methodologies, and creating standards for ADSL router forensics. The paper examines a wide range of literature and introduces the concept of ADSL router forensics as a new and potential field of research for digital forensics investigators. It begins by examining why there is a need for router forensics by detailing some of the more common threats which consumers may experience while online. An outline will be provided discussing the feasibility, limitations and potential risks of router forensics. The paper will then examine one possible avenue for undertaking router forensics and how this applies to the Linksys WRT54g and finally portrays where the research will continue to hereafter

Usability and Security Support Offered Through ADSL Router User Manuals

ADSL routers are often used as either the target or the means for cyber crime. Many ADSL router threats could be mitigated through the effective use of inbuilt security controls and firmware updates available from vendors. Unfortunately, end‐users typically lack the technical expertise to correctly configure and secure the device. Subsequently, end‐users are reliant on well documented procedures provided by vendors in their user manuals and quick start guides. This study investigates the usability and security recommendations and encouragements put forth by vendors in their user manuals. The study demonstrates that user manual usability does not conform to ideal technical publication practices. In addition, end‐users are typically not encouraged to utilise the in‐built security features and in a few instances are actually deterred from securing their ADSL router

Ignorant Experts: Computer and Network Security Support From Internet Service Providers

The paper examines the advice and support provided by seven major Internet Service Providers in Australia through late 2009 and early 2010 in relation to computer and network security. Previous research has indicated that many end-users will attempt to utilise the support provided by Internet Service Providers as a simple and effective method by which to obtain key information in regards to computer security. This paper demonstrates that in many cases the individuals working at the help desk are either reluctant to provide IT security support or have insufficient skill to provide the correct information