Presented by

  • Sachi King

    Sachi King
    @nakatoio

    Sachi is employed as a Systems Engineer, currently focusing on the stability of clustered container and data storage hosts. She has a history as an OpenStack developer and operator. She was also part of the linux.conf.au 2018 core team.

Abstract

Router Rooting and the Secrets of Their Daemons. Modems and routers are a ubiquitous part of many peoples lives, and over time these devices have evolved to be more and more user friendly. Internet Service Providers (ISP) no-longer simply provide a modem, they now provide modem-router combo devices, and they manage the whole device. A user is expected to be able to plug the device in, wait a few days for the ISP to connect it, then never have to think about it again. This makes routers part of the Internet of Things, but what does this mean for router security, your network, and how the router is configured? It is becoming harder to gain root access to consumer routers over the network, but this might not actually mark a positive trend in actual security for the devices. We'll be looking at an ISP provided router, its (ob)security, what been done right, where it has gone wrong, and what exactly is running on it. As a bonus, we'll compare this to a consumer bought device with it's manufacturer daemons.