And the captcha is meant to ensure it’s a human entering the password, which in itself can be a bit of a pain if you want to yourself automate routeraccess to be honest, that’s made impossible to do easy if it worked as planned, but I guess people that want to automate would get a router that allows custom linux firmware to be installed and use that route, if you pardon the pun.

First thing is most routers by default dont allow you to access the config from the WAN port, only if you are on the LAN. So unless you go in and change this, or, this is something that has changed in some these new routers I think that would prevent outsiders from gaining access.

Now if you have an open AP, and, a client with an infected machine comes on the AP then I guess the Captcha could add an extra level, but you already have issues with an open AP and allowing people on your “trusted” network.
Also I thought most new routers require you to set them up properly to work and no longer “work out of the box” to prevent default password.

The whole point of malware bots breaking into routers has nothing to do with stealing peoples wifi.
The primary purpose of a malware bot breaking into somebodys router is to modify the routers DNS tables so certain site requests can be manipulated. For example every bank web address you type in is redirected silently in the background without you even known and without tipping of any of your browser security or phishing filters to a rouge site which then caputres your details. And you wont know a thing about it becouse the site looks identical, you just wont be able to log it, it will take your details and then say “Sorry – Server error, try again later” or something like that.

the other reason malware Bots would try to break into routers is becouse Firewalls can be a pain. However if you break into the admin area of a router you can practically disable the firewall, allowing a human operator to them zombie all the PC’s behind the router firewall at leisure.

HAcker/cracker leaves this bot running to do the leg work for him over night, wakes up in the morning and has a whole screen long list of address’s where the routers now forward all bank requests to silent phishing sites and, a list of routers than have possiblely hundreds of avaliable PC’s ready for dronning.
Considering MOST pc’s are behind external modem routers these days, Malware has addapted.

Malware that directally and automatically compromises your gateway to the internet is this fashion is as frightening to us computer security guys as it is interesting.

Can gurantee once a router is hacked, your’ll never be able to trust any site again.

(Ask yourself this question, how many people do you know with broadband…. and how many of them would even know if somebody had loggin into their router? 90% of the people I know have never touched the thing after the initial setup.)

They own your DNS.
Trust me router bots are not “Pointless” they are frightening and the next big thing.

i have heard of forum sign up captchas being broken allowing spammers to automate sign ups to spam the board.

the only ways i know to totally secure it is.

1. remove the remote admining feature (force user to be at pc to admin the router.

2. for those with older routers that the makers refuse to make firmware that removes the remote admining you can hope your isp has and strictly enforces the “no servers on residential account” and actually blocks the standard server ports 21,80,443 from accessing from the outside.

As long as the Bin file of OpenWrt installs It fixes all problems with these routers.

Honestly, If you have any advanced education you should be using OpenWRT or DDWRT and not the crap firmware in these routers.

But then if you have even a high school education you know to set the password to something that is not easily cracked.

Yes, Most Americans dont even have a high school education as far as I am concerned. you are a RETARD if you dont understand Computer basics.

On the other hand Linksys has become crap.

What good brand is there left?