Occasionally it would be nice to have your router undergo a security check. An appropriate test page that you can visit should do this. Here is a short info about such a page.
One problem are vulnerabilities in the router firmware that were not closed by an update. In July 2020 I had oublished the German blog post Fraunhofer-Test: Sicherheitsmängel bei Home-Routern about that topic. But even with a fully patched router, unnecessarily opened ports can pose a security risk. Therefore, it might be a good idea to quickly test your router and the network behind it for obvious security flaws.
(Port Scan from German site heise)
There are several test pages that perform such tests. German site heise, for example, provides this test page for scanning for open ports. The screenshot above shows a section of the result page of my router – green lines means good, while red entries indicates security issues.
Friday I saw the above tweet from security researcher Michael Horowitz. Horowitz has set up a page with various resources about security tests around routers. After 5 years he finds out that it has been accessed 1 million times – not bad. While the port scan by heise mentioned above shows potential security problems with the router very quickly in the sense of a traffic light system (red= bad, green=good), Horowitz has more extensive resources.
Horowitz has not set up his own tests on his site, but links to various sites that allow for a number of tests. For example, the search engine shodan.io is linked to the IPv4 address of the page visitor. This way you can find out what this search engine may know about your network behind the router. There is also a link to the page censys.io, which shows what is known about the public IPv4 address (in the best case it is called “no publicly accessible services”).
Maybe one or the other of the readership might like to browse the Horowitz website. And if you know of any other sites for testing, or if you have additions or objections, you can leave a comment.
Cookies helps to fund this blog: Cookie settings