Sign In

Communications of the ACM

ACM News

Web Attack Knows Where You Live

Ethernet hub

The attack exploits the way routers handle requests for ID information.

Credit: Picture Nation

One visit to a booby-trapped Web site could direct attackers to a person's home, a security expert has shown.

The attack, thought up by hacker Samy Kamkar, exploits shortcomings in many routers to find out a key identification number.

It uses this number and widely available net tools to find out where a router is located.

Demonstrating the attack, Mr Kamkar located one router to within nine meters of its real-world position.

Many people go online via a router and typically only the computer directly connected to the device can interrogate it for ID information.

However, Mr Kamkar found a way to booby-trap a Web page via a browser so the request for the ID information looks like it is coming from the PC on which that page is being viewed.

From BBC News
View Full Article


No entries found