News
News Categories

Guest networks on routers are not as safe as they claim to be

By Kenny Yeo - on 16 Aug 2019, 9:31am

Guest networks on routers are not as safe as they claim to be

(Image source: Pure PNG)

Security researchers at the Ben-Gurion University of the Negev in Israel have discovered that a router's guest networking feature is not as safe as it seems.

Most routers have this feature, which allows a user to create a separate network for guests (hence the name). This allows guests to connect to the router and enjoy an Internet connection but restricts them from accessing a user's private network, which might contain computers or NAS systems.

The researchers said:

All of the routers we surveyed regardless of brand or price point were vulnerable to at least some cross-network communication once we used specially crafted network packets. A hardware-based solution seems to be the safest approach to guaranteeing isolation between secure and non-secure network devices.

They found that as long as the router hosted two networks, some level of cross-router covert channels exist and these can be exploited to steal data or to plant a malicious bug.

(Image source: Oren Lab)

They also said that while some of this cross-channel communication can be patched with firmware updates, more pervasive ones are impossible to prevent and recommend that guest networks be hosted on different hardware.

In other words, what they are recommending is that you either disable guest networks on your router or host your guest network on a separate router.

Source: Oren Lab