Taiwanese firm says flaw could allow hackers to access administrative settings

Router manufacturer D-Link Corp. today admitted that some of its routers have a vulnerability that could allow hackers access to a device's administrative settings. The Taipei, Taiwan-based form said that it has issued patches to fix the flaws.

According to a Jan. 9 blog post from SourceSec Security Research, some D-Link routers have an insecure implementation of the Home Network Administration Protocol (HNAP), which could allow an unauthorized person to change a router's settings.

SourceSec published a proof-of-concept software tool called HNAP0wn that would enable the hack -- a move that D-Link criticized.

"By publicizing their tool and giving specific instructions, the authors of the report have publicly outlined how the security can be breached, which could have had serious repercussions for our customers," D-Link said in a statement.

D-Link said it only appeared possible to hack the routers using the software tool and not just with stand-alone code.

D-Link and SourceSec differed over which models were vulnerable. SourceSec wrote that it suspected that all D-Link routers made since 2006 with HNAP support were affected, but they said they had not tested all of them.

D-Link said the models affected are the DIR-855 (version A2), DIR-655 (versions A1 to A4) and DIR-635 (version B). Three discontinued models -- DIR-615 (versions B1, B2 and B3), DIR-635 (version A) and DI-634M (version B1) -- are also affected.

The company said new firmware updates are being made available across its Web sites.

Source: ComputerWorld

I do a lot of answering questions concerning computers and computer hardware online and there is one question that has come up more than once. As such, I figured I would include it here in case any of our visitors have the same question.

The question concerns computer processors and what all those terms mean when you see a processor description. CPUs, or Central Processing Units, technically have 12 specifications, including things like Brand, Type, Series, Socket Type, etc. However, honestly, only 3 specifications really matter when it comes right down to it. They are, Frequency, L2/L3 Cache, and FSB, or Front-Side Bus.

Frequency: CPU frequency, or Clock Rate, is the rate that a processor cycles 'on and off' to process incoming requests. It is the biggest indicator of how fast a processor really is. The higher the frequency, the faster the processor processes.

L2/L3 Cache: L2/L3 Cache are memory locations built into the processor that it uses to store incoming requests until it has the chance to process them. This memory type is extremely fast, much faster than a computers RAM is. The larger the cache the better because it means that the processor does not have to go to the RAM as often to pull requests. The reason for the L2\L3 is because some processors have two such cache locations.

Front-Side Bus, or FSB: FSB is the 'bus' that carries the data from the CPU to the Northbridge chipset. The Northbridge controls the RAM and Video Card processing. So, essentially, the higher the FSB speed, the more bandwidth the system has to transport your requests out to the other components of the computer. These specifications are also per core. So, when you find a processor that is Dual-Core, or Quad-Core, etc, these specifications apply to each core individually.

Computer processors are extremely complex devices and the above descriptions are highly simplified. Entire books have been written concerning CPU specifications but hopefully this simplified explanation helps answer questions you may have had about what these terms mean.