•  
  •  
 

Publisher

The Association of Digital Forensics, Security and Law (ADFSL)

Abstract

In theory, an ADSL router can provide an additional layer of security to a wired and wireless network through; access control, wireless encryption, firewall rule sets, and network event logging. An ADSL router may also contain the users’ usage habits and broadband account credentials. However, end-users may be unaware of the intricacies of the security measures available and the potentially confidential information stored on their device. As a result a second hand ADSL router may contain a wealth of user-specific information if not wiped and disposed of in a secure manner. This paper shows the data that was acquired from a selection of second hand ADSL routers purchased during the first quarter of 2011. From the data acquired and analysed, individuals are not removing their personally identifiable information and are leaving confidential data which may lead to detrimental outcomes if misused. The paper also shows that end-user applied security on these devices was alarmingly low. Thus many consumers may fall victim to new and emergent Internet based crimes if the full security capabilities of their ADSL router are not applied

References

ABS. (2010). Internet Activity, Australia, Dec 2010. Retrieved July 8, 2011, from http://www.abs.gov.au/ausstats/abs@.nsf/mf/8153.0/

ATC-NY. (2010). Router Marshal. Retrieved December 29, 2010, from http://routermarshal.atc‐nycorp.com/index.php/about

Australian Government. (2011). What is the National Broadband Network. Retrieved April 22, 2011, from http://www.nbn.gov.au/content/what‐ national‐broadband‐network

Baume, T. (2009). Netcomm NB5 Botnet – PSYB0T 2.5L. Retrieved September 10, 2009, from http://users.adam.com.au/bogaurd/PSYB0T.pdf

Bigpond. (2011). Home Broadband. Retrieved July 8, 2011, from http://go.bigpond.com/broadband/setup/

Bridges, L. (2008). The changing face of malware. Network Security, 2008(1), 17-20. Caloyannides, M. A. (2009). Forensics Is So "Yesterday". Security & Privacy, 7(2), 18-25.

Čeleda, P., Krejčí, R., Vykopal, J., & Drašar, M. (2010). Embedded Malware - An Analysis of the Chuck Norris Botnet Paper presented at the 2010 European Conference on Computer Network Defense (EC2ND), Technische Universität Berlin, Germany.

D-Link. (2011). D-Link Xtreme N Storage Router. Retrieved December 6, 2010, from http://files.dlink.com.au/products/DIR‐685/Datasheet/DIR‐ 685_A1_datasheet_02.pdf

eBay. (2011). Advice for selling mobiles phones sasfely on eBay. Retrieved January 20, 2011, from http://pages.ebay.co.uk/buy/guides/mobile‐phone‐ advice/#1 Gerace, T., &

Cavusoglu, H. (2009). The critical elements of the patch management process. Communications of the ACM, 52(8), 117-121.

Hart, D. (2008). Attitudes and Practices of Students Towards Password Security. Journal of Computer Sciences in Colleges, 23(5), 169-174.

Ibrahim, T., Furnell, S., Papadaki, M., & Clarke, N. (2010). Assessing the Usability of End-User Security Software. Paper presented at the 7th International Conference on Trust, Privacy & Security in Digital Business, University of Deusto, Bilbao, Spain.

Jones, A., Valli, C., & Dabibi, G. (2009). The 2009 Analysis of Information Remaining on USB Storage Devices Offered for Sale on the Second Hand Market. Paper presented at the 7th Australian Digital Forensics Conference, Edith Cowan University, Perth, Western Australia.

Lashkari, A. H., Mansoor, M., & Danesh, A. S. (2009). Wired Equivalent Privacy (WEP) versus Wi-Fi Protected Access (WPA). Paper presented at the 2009 International Conference on Signal Processing Systems, Singapore.

Moscaritolo, M. (2010). Security risk to office equipment disposal. Retrieved April 22, 2011, from http://www.adelaidenow.com.au/business/security‐risk‐ to‐office‐equipment‐disposal/story‐e6fredj3‐1225877502647

Notoatmodjo, G., & Thomborson, C. (2009). Passwords and Perceptions. Paper presented at the 7th Australasian Information Security Conference, Wellington, New Zealand.

OpenWRT. (2010). D-Link DSL G604t ADSL 2/2+ Wireless Router. Retrieved July 9, 2011, from http://wiki.openwrt.org/inbox/dsl‐g604t

QNAP. (2011). QNAP Finder for Windows. Retrieved April 10, 2011, from http://www.qnap.com/download_description.asp?pl=1&p_mn=135&d_id=76 263

Seymour, B. (2010). Drive-by-hackers. Retrieved May 10, 2011, from http://au.todaytonight.yahoo.com/article/7907101/consumer/drive‐hackers

Sinclair, L. (2010). Half of home wi-fi 'can be hacked in under five seconds'. Retrieved March 21, 2011, from http://www.theaustralian.com.au/news/world/half‐of‐home‐wi‐fi‐can‐be‐ hacked‐in‐under‐five‐seconds/story‐fn3dxix6‐1225938812124

Symantec. (2009). Linux.Psybot—Is Your Router Secure? Retrieved March 2, 2010, from http://www.symantec.com/connect/blogs/linuxpsybot‐your‐ router‐secure

Szewczyk, P. (2009a). ADSL Router Forensics Part 2: Acquiring Evidence. Paper presented at the 7th Australian Digital Forensics Conference, Kings Hotel, Perth, Western Australia.

Szewczyk, P. (2009b). ADSL Router Forensics: Methods of Acquisition. Journal of Network Forensics, 1(1), 16-29.

Szewczyk, P., & Furnell, S. (2009). Assessing the online security awareness of Australian Internet users. Paper presented at the 8th Annual Security Conference, Las Vegas, NV.

Szewczyk, P., & Valli, C. (2009). Insecurity by Obscurity: A Review of SoHo Router Literature from a Network Security Perspective. Journal of Digital Forensics, Security and Law, 4(3), 5-16.

Valli, C., & Woodward, A. (2008). The 2008 Australian study of remnant data contained on 2nd hand hard disk: the saga continues. Paper presented at the 6th Australian Digital Forensics Conference, Edith Cowan University, Perth, Western Australia.

Westnet. (2011). Westnet Broadband Hardware. Retrieved July 8, 2011, from http://www.westnet.com.au/hardware‐and‐software/broadband‐ hardware.html

Xynos, K., Harries, S., Sutherland, I., Davies, G., & Blyth, A. (2010). Xbox 360: A digital forensic investigation of the hard disk drive. Digital Investigation, 6(2010), 104-111.

DOI

https://doi.org/10.15394/jdfsl.2011.1098

 

To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.