The securitycartoon.com website has an excellent series about why it's important to change your modem's password. Click on any of the cartoons in this article to see a full-size version of it in a new window.

In addition to translating (modulating and demodulating) the analog signal in the phone line to and from a digital signal that your computer can understand, today's modems also connect to Domain Name System (DNS) servers. Hence, they may also be called "routers," "residential gateways," or "default gateways."

Infecting routers is just one example of "pharming," a hacking technique related to phishing that involves sending users to bogus, counterfeit websites so that their password and other credentials may be stolen.  The difference is, phishing involves taking a user to a site that looks similar to another but has a different URL, while pharming involves changing the IP address of the site the URL points to.

A related exploit is the practice of DNS server hijacking.  Rather than changing the addresses of the name servers your router uses, this involves changing the DNS server itself.  A report published recently by Georgia Tech estimates that there are currently 68,000 rogue DNS servers.  If this doesn't concern you, well, it should.

Wireless Modems: Vulnerable to Drive-by Pharming 

Home users' wireless modems are especially vulnerable to "drive by pharming," which involves logging into a wireless modem and changing its DNS servers and even its firmware.

This is analogous to someone changing your phone so that every call you make can, at the whim of the hacker in control of the bogus DNS server, optionally go to an imposter rather than to the business you are trying to contact.

Although changing your modem's password does not completely prevent you from falling victim to this type of exploit, it is a very simple step you can take in the right direction.

Be Sure to Use a Strong Password

It is essential to choose a strong password - that is, one that is not easy to guess.  Many if not most routers do not have the capability to prevent a "dictionary attack."

Another way to help prevent falling prey to this exploit is to be sure that any time you make sensitive information available over an internet connection, that it is through a secure connection.  Anytime you perform a financial transaction online, ensure it is through a connection using HTTPS rather than HTTP.  

The HTTPS protocol transfers information over a Secure Socket Layer (SSL) and requires a  certificate.  To ensure you are at the correct site, you must pay close attention to any warnings your browser may display about the certificate being invalid.

If You've Never Changed Your Modem's Password

How can you tell if your modem has been compromised?  Unless you're comfortable logging into your router and changing its settings, it's probably best to call your ISP.

In some cases they may have already set or reset the password for you, and in other cases they may be able to do so if you ask them to.  They should at least be able to tell you which DNS servers are correct, and how you can check them.

If your set up is similar to mine and includes a wireless router behind a modem issued by your ISP, they may tell you that you are on your own.  In this case, if you never changed your password it may be best to play it safe and paperclip your router, returning it to its default settings, and start from scratch.  As you've no doubt noticed, I'm a bit paranoid, and therefore have always protected my routers with strong passwords.

This is just one example of the type of information available at the securitycartoon.com website.  I find the field of computer security to be fascinating, and as soon as I stumbled on this site I dropped everything and read all of the cartoons.  Among other things, reading these cartoons made me realize that since my laptop died I was no longer using the wireless router, so I disabled that feature.

I think it is awesome that the authors of the securitycartoon.com site have done their best to help simplify these extremely important yet sometimes all too complicated concepts!

I have been assuming that joomla! is masked in portage for the same reason my friend's site got hacked a few years back: because of an exploit known as cross-site scripting (XSS).

As it turns out, joomla! is susceptible to an exploit that is new to me cross-site request forgery: (CSRF).  It took a little while to digest how this might work, so I will not attempt to improve on the excellent explanation of CSRF attacks at wikipedia.org (which is where that last link takes you).

It came as some surprise to me that combining online banking with surfing an insecure yet otherwise ostensibly trustworthy forum could enable a criminal to steal from you!  I'm almost afraid to ask: what will they think of next?!?

What is worth saying here is that once I get to a good stopping point (or run out of savings or both) I will want to find another "real job"
and will not be able to monitor this site on a daily basis. Developing these sites is fun but I will not let them interfere with whatever duties are mine when I find and accept the next opportunity.

And it's for these reasons - CSRF attacks and my being a strictly part-time webmaster - that I have no intention of enabling comments here at any time during the near future.

Sorry to disappoint you but this is indeed for your own protection! 

It's funny sometimes how one thing can lead to another.

A prime example is when I was clicking around google.com while researching how to display those Adsense ads here.  That led to learning how to make this site Search Engine Friendly.  This led to the very interesting site stopbadware.org - interesting to me because at home I mostly use Linux (and more recently Mac OS), and so have limited experience with adware, spyware, etc.

And it was in one of the blogs at stopbadware.org that I stumbled upon securitycartoon.com.  What a great site!

I immediately stopped what I was doing and read them all, starting at the beginning, and I strongly recommend that you do the same.