Tip: Router security test pages

Posted on 2020-10-18 by guenni

Occasionally it would be nice to have your router undergo a security check. An appropriate test page that you can visit should do this. Here is a short info about such a page.

Advertising

One problem are vulnerabilities in the router firmware that were not closed by an update. In July 2020 I had oublished the German blog post Fraunhofer-Test: Sicherheitsmängel bei Home-Routern about that topic. But even with a fully patched router, unnecessarily opened ports can pose a security risk. Therefore, it might be a good idea to quickly test your router and the network behind it for obvious security flaws.

Port Scan heise
(Port Scan from German site heise)

There are several test pages that perform such tests. German site heise, for example, provides this test page (deleted) for scanning for open ports. The screenshot above shows a section of the result page of my router – green lines means good, while red entries indicates security issues. 

Tweet Router Security Test

Friday I saw the above tweet from security researcher Michael Horowitz. Horowitz has set up a page with various resources about security tests around routers. After 5 years he finds out that it has been accessed 1 million times – not bad. While the port scan by heise mentioned above shows potential security problems with the router very quickly in the sense of a traffic light system (red= bad, green=good), Horowitz has more extensive resources.

Advertising

Horowitz has not set up his own tests on his site, but links to various sites that allow for a number of tests. For example, the search engine shodan.io is linked to the IPv4 address of the page visitor. This way you can find out what this search engine may know about your network behind the router. There is also a link to the page censys.io, which shows what is known about the public IPv4 address (in the best case it is called "no publicly accessible services").

Maybe one or the other of the readership might like to browse the Horowitz website. And if you know of any other sites for testing, or if you have additions or objections, you can leave a comment.

Advertising
This entry was posted in Security and tagged , . Bookmark the permalink.

One Response to Tip: Router security test pages

  1. Holger Danske says:
    2020-10-18 at 16:25

    This test is a total dud.
    Without Javascript enabled it does nothing.!

    That must mean it tests from the inside(browser), not outside like any normal threat.

    If the enemy is already inside your network, security gets really difficult!

    Steve Gibson does this properly, at grc.com.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).