 
inteller
Sociopaths always win.
join:2003-12-08
Tulsa, OK | 50%....yeah right. I'm glad to see IU is helping keep Symfrantic in the FUD business. | |
|
 | 
Rob
In Deo speramus
Premium
join:2001-08-25
Kendall, FL
 ·Comcast
| Re: 50%....yeah right. said by inteller  :I'm glad to see IU is helping keep Symfrantic in the FUD business. You don't think at least 50% of not changing their password to their router and (also) their SSID?
--
YourIP.US - It's Your IP .. and more!
rr.cx - Personal Site.. coming soon. | |
|
| | 
cableties
Premium
join:2005-01-27
Levittown, PA
| Re: 50%....yeah right. 50%? I say higher.
Login name: Admin, smcadmin or Root
Password: admin, password, or none
SSID: linksys, netgear, or model#
How many home user's I've had to upgrade and discover that their router (if they have one) is default with SSID broadcast (older than 2 years without firmware upgrade this isn't a feature to turn off) on. They wonder why their connection is slow in the afternoon, evenings and weekends.
FUD, maybe, but I've seen it. And fixed it. I just feel bad when I have to printout out all the settings and...well... you guessed it! They lose the printout!
(for those with FIOS, we are lucky the tech shouldn't leave until you setup the pass. And change username too!)  | |
|
| | | Tikker_LoS
join:2004-04-29
Regina, SK
 ·SaskTel Saskatchewan
| Re: 50%....yeah right. said by cableties :How many home user's I've had to upgrade and discover that their router (if they have one) is default with SSID broadcast (older than 2 years without firmware upgrade this isn't a feature to turn off) on. ssid is pretty meaningless in the scope of things
it's when they don't change default passwd, or turn on encryption that it gets fun | |
|
| | | |
| | | |
cableties
Premium
join:2005-01-27
Levittown, PA
| Re: 50%....yeah right. Actually, the new models force the user to FIRST install from the CD and walk them through, step-by-step.
However, I am sure most home users have no idea about WEP/WPA, security, NAT, and they sure are ignorant about passwords.
"Do I have to use 8 letters and numbers? What does WEP mean? Key? What is a MAC address?..."--true comments by new users | |
|
| | | | | 
sivran
God Save The Suite
Premium
join:2003-09-15
Arlington, TX
clubs:
·RoadRunner Cable
| Re: 50%....yeah right. said by cableties :Actually, the new models force the user to FIRST install from the CD and walk them through, step-by-step. Know any specific models? I'm considering upgrading from my ancient BEFSR41v2, and I'd like to avoid anything that demands the CD.
--
Think outside the fox...Seamonkey | |
|
| | | | | | matrix3D
join:2006-09-27
Deep River, CT
| Re: 50%....yeah right. Linksys WRT54GL... plus you can put third party firmware on it (I use DD-WRT v23 SP2 -- it kicks @$$) that offers all kinds of advanced features. I find the VPN server feature to be extremely useful when you need to do secure VNC, RDP or SSH sessions to your internal network from a remote location. | |
|
| | | | | |
| | | | | 
insomniac84
join:2002-01-03
Schererville, IN | I doubt anything actually forces you to run the cd. Everything linksys I bought came with a cd, but you don't have to use it. I guess they could not include the default password in the instructions, but that would be stupid. | |
|
| | | | | 
tttttttttttt
@qwest.net
| Some of us, tho not many on this board, don't view our computer as intertainment, per se. But rather as a tool to accomplish other ends. Some, like me, do pay attention to alerts etc. and do our best to keep our machines and lives secure. Not an easy task these days. I admit I'm no Tech.
Having said that, I'd like to know how to check my router password and change it if necessary. I don't use Wi-Fi due to security concerns but assume this threat could still apply to me even with a hard wired network. Any help would be appreciated! | |
|
| | | BIGHUSKER
join:2002-01-20
Minneapolis, MN
edit:
February 15th, @08:53PM
| said by cableties :How many home user's I've had to upgrade and discover that their router (if they have one) is default with SSID broadcast (older than 2 years without firmware upgrade this isn't a feature to turn off) on. They wonder why their connection is slow in the afternoon, evenings and weekends. Uhm, there's nothing wrong with broadcasting your SSID. Any decent wireless utility is going to detect networks whether they're broadcasting an SSID or not (even the intel proset utility does). I keep SSID broadcasting on both of my access points because it's much easier to roam around the house and have my laptop automatically detect which AP is closer.
I just use an extremely long WPA key. | |
|
|
| 
skelet0r
Premium
join:2004-04-26
Florence, AL | Re: Evil code? Malicious websites are the devil. | |
|
| | |
| |
| | 
bjl
Premium
join:2002-05-02
Laguna Hills, CA
| Re: Evil code? said by Maxo :Scary what the heck is that with the devil? a cheese grater? | |
|
| | | 
Maxo
Your tax dollars at work.
Premium,VIP
join:2002-11-04
Tallahassee, FL
clubs:
·Embarq
| Re: Evil code? said by bjl :said by Maxo :Scary what the heck is that with the devil? a cheese grater? Read the OPs link. | |
|
| | | | 
FiL
Premium
join:2005-08-16
Silver Spring, MD | Re: Evil code? looks like an ugly ass Mac...bah, eFF a "simple GUI!"...those are for noobs. | |
|
shadow520
join:2002-04-03
Warren, MI
| Open Routers Anyone using a default router password isn't looking at this or Symantec's site.
This time of year, I have my laptop in many different people's homes in many neigborhoods in my area. I can almost always find an unsecured router somewhere. I might not get strong enough signal to connect, but I can almost always find one.
--
Common sense is not all that common. | |
|
| bigjimc
join:2003-04-21
Middleboro, MA
 ·Verizon FIOS
| Re: Open Routers I just left my parents Condo in Florida and there was 6 open SSID broadcast connections available to me.
Not to mention Lisa's Printer and Pat's Printer and.....
Maybe we as the intelligent IT community should assist more people in WiFi security and not just relish in the fact that there are that many open connections.
Maybe we should tell people that they should read the directions and follow the steps to a secure WiFi. It takes only 15 additional minutes. | |
|
| | wtansill
Ncc1701
join:2000-10-10
Falls Church, VA
| Re: Open Routers said by bigjimc :I just left my parents Condo in Florida and there was 6 open SSID broadcast connections available to me. Not to mention Lisa's Printer and Pat's Printer and..... Maybe we as the intelligent IT community should assist more people in WiFi security and not just relish in the fact that there are that many open connections. Maybe we should tell people that they should read the directions and follow the steps to a secure WiFi. It takes only 15 additional minutes. OK. Please tell me though -- how do you go about identifying "Lisa's Printer" such that you can tie it back to a given individual? How about all the other open links? I'm being serious -- not busting your chops.
--
That which does not kill me merely prolongs the agony. | |
|
| | | 
Pirate515
Premium
join:2001-01-22
Brooklyn, NY
edit:
February 15th, @11:50AM
| Re: Open Routers said by wtansill :Please tell me though - how do you go about identifying "Lisa's Printer" such that you can tie it back to a given individual? How about all the other open links? I'm being serious - not busting your chops. Well, there are printers out there with wireless capabilities, and as soon as someone who has purchased one, unpacked it and turned it on for the first time, he/she was probably presented with a prompt to give it a name so that it can be identified to other wireless clients. Of course, "Lisa" or "Pat" probably never bothered to go beyond setting their names, never went into Security Settings and made sure that their printers only talk to their wireless routers and nothing else or at least asked for a user ID/password before accepting a print job. As a result, anyone who can connect is free to print pr0n to their printers.
--
Ask me no questions, and I'll tell you no lies...
A MESSAGE to the RIAA and the MPAA: You shouldn't wound what you can't kill...
| |
|
| | | bigjimc
join:2003-04-21
Middleboro, MA
·Verizon FIOS
| Lisa and Pat happen to be married and that was an easy one to ID in the Condo Association Listing. Then there were the Smiths, Jones Network, etc... (names changed to protect the ignorant) LOL. Plus they generally have to be withing 324 feet of the location. That limits it to about 60 condo units.
I would post on the bulletin boards for those who didn't know better that I would be available to set up secure WiFi for $50. Make some scratch. | |
|
| | | | wtansill
Ncc1701
join:2000-10-10
Falls Church, VA
| Re: Open Routers said by bigjimc :Lisa and Pat happen to be married and that was an easy one to ID in the Condo Association Listing. Then there were the Smiths, Jones Network, etc... (names changed to protect the ignorant) LOL. Plus they generally have to be withing 324 feet of the location. That limits it to about 60 condo units. I would post on the bulletin boards for those who didn't know better that I would be available to set up secure WiFi for $50. Make some scratch. Ah -- I thought that you meant that there was some way that you could physically trace a hotspot to an actual person. I assume that you could do that by triangulating with the appropriate gear, but I'm not up on the technology of doing so. Posting on a bulletin board could work if those with open hotspots bothered to read the stuff tacked onto the board.
--
That which does not kill me merely prolongs the agony. | |
|
| | | | | bigjimc
join:2003-04-21
Middleboro, MA | Re: Open Routers HA HA HA, I probably could but noooo nothing so sinister....Muuuuhhhhhhhhahhahhahhaha | |
|
| | AquaBlaze
Premium
join:2004-02-02
Encino, CA
| said by bigjimc :Maybe we should tell people that they should read the directions and follow the steps to a secure WiFi. It takes only 15 additional minutes. You want to be the one that has to allude to these people that they're technological dumbasses? I sure as hell don't.
...that and "just 15 minutes" kinda adds up when you'd have to do that to every other house in the LA area, lol. Clearly being unsecured is giving them no problems, so it shouldn't be my problem either. | |
|
weedahoe
join:2003-09-14
Duluth, GA | In my house.......... we use a Linksys and not only is the SSID changed but has been disabled from broadcasting, we use WPA2 with 128bit, MAC filtration and limit DHCP addresses to only 5 since I have one desktop, 2 laptops and 2 Xbox's. Good luck getting close to it. | |
|
| 
morbo
Complete Your Transaction
join:2002-01-22
00000
clubs: | Re: In my house.......... challenge accepted! your address please. | |
|
| | bigjimc
join:2003-04-21
Middleboro, MA | Re: In my house.......... That's funny.
I do the same thing. It bites when a friend comes over with a lap top and can't connect until I go to one of the MAC accepted computers and authorize their MAC in the list.
But it is worth it. | |
|
| | | 
MisterMarcus
join:2001-11-10
San Diego, CA
·RoadRunner Cable
| Re: In my house.......... I'm in the same boat. I don't bother doing anything above MAC restrictions at this point. My neighbors are either (1) clueless on wireless or (2) have their own router (which I can always pick up, and they're secured). It's tough, because I have the following devices using my wireless signal at varying times:
• PlayStation 3
• Nintendo Wii
• Sony PSP
• LocationFree Player
• My Personal laptop
• My other Personal laptop (which I just sold today)
• My Work laptop
• T-mobile MDA
• Friend 1's personal laptop
• Friend 1's school laptop
• Friend 2's PlayStation 3
AS you can tell, that's a lot of MAC addresses I have to manage, and my router doesn't let me nickname anything either, so I can't ever tell what's in there. But I always check the DHCP Client Table to make sure there aren't any devices I don't recognize. | |
|
| | |
sivran
God Save The Suite
Premium
join:2003-09-15
Arlington, TX
clubs: | MAC filtering? Worth it? Ever try changing the MAC address on your friend's laptop? You'll see how useless it is.
--
Think outside the fox...Seamonkey | |
|
| | | pabster
join:2001-12-09
Waterloo, IA
·Mediacom
| said by bigjimc :That's funny. I do the same thing. It bites when a friend comes over with a lap top and can't connect until I go to one of the MAC accepted computers and authorize their MAC in the list. But it is worth it. You do realize MAC filtering is the weakest form of wireless security, right? All it takes is a second to sniff the MAC of an authorized device on your network and spoof my NIC to match it.
It is fine as a "layer" of security but worthless. | |
|
| | | | bigjimc
join:2003-04-21
Middleboro, MA | Re: In my house.......... It is just 1 layer that I use. With the new 256 bit encryption breaker that was announced, it wount be long until the drivers start to cruise with that. | |
|
Derfel
join:2004-06-06
Winnipeg, MB
·MTS
| Two routers I have two wireless routers running from my condo. One is default through and through (I think the ID is linksys?) and it has no password. It's also not connected to any internet or computer or anything. The other is a WPA-passworded router with a new ID and such. I figure anyone who happens to war-drive by will spend their time on the former, and hopefully ignore the latter. | |
|
Trinijoy
Premium
join:2005-09-12
Brick, NJ | Yes Well 50% of users ACTUALLY READ the manuals, that wouldn't happen. I feel no sympathy. It's a wrong thing to do, but not anyones fault but the users if you didn't secure your network, or take time to educate yourself about it. | |
|
|
itisserious
@swbell.net
| Re: Yes Stealing is stealing whether it’s driving off from the gas stations with “free” gas or riding on someone else’s open WIFI.
It’s immoral to justify the act by saying they deserve it because they should know better. The morons pestering our lives with viruses use the same logic.
Congress should look into this and seek voluntary cooperation from the manufactures for better default security. They should also makes laws if necessary so that law enforcement can crack down on violators. | |
|
bigjimc
join:2003-04-21
Middleboro, MA
·Verizon FIOS
| Even worse The home laptop holdouts are now buying desktops with built in WiFi at CC and BB and then getting the free or discount Wireless router. Thinking its great. That number of unsecured wifi routers is on the climb.
PS. If I wanted an unsecured WiFi router I would go to FON!!! LOL | |
|
| 
mlerner
Premium
join:2000-11-25
Nepean, ON
·TekSavvy Solutions..
·Bell Sympatico
| Re: Even worse said by bigjimc :PS. If I wanted an unsecured WiFi router I would go to FON!!! LOL Actually, in a way FON is much better than other routers. You get a public and private SSID. The private SSID by default is protected by a WPA key which is the router's serial number. It is also completely configurable. | |
|
mikedalb
join:2003-07-17
Tallahassee, FL | Just for kicks I'm set up with a 21 character admin password with ssid off, wpa2-psk 64 character, mac limiting, 139 forwarded to invalid IP,DHCP limit of 7, and named my network linksys (not my router's brand). Some days I can barely find it. | |
|
PosterDude
@rr.com
| Inherent Flaw In Efficacy Of Attack Vector In order for this sort of "attack" to work, the javascript must know the gateway's ("router's") specific configuration URLs.
For example, my D-Link DI-624 version C3 with firmware version 2.75 Build 2 has the following URL for configuring the DNS servers manually:
»192.168.0.1/h_wan_dhcp.html
Notice that the javascript would need to be able to adjust to different IP addresses for the local gateway IP address (not that difficult), and, for the different configuration page name (difficult), and for the specific format of sending configuration data via URL (extremely difficult).
And obviously, that posted configuration URL doesnt show the format that the URL has to be in to send new configuration data on that page.
And thats just for one version of firmware, on one specific model of gateway, from one specific vendor.
Indeed, I've noticed that the URL (page name) for specific configuration pages has CHANGED from one firmware version to another, just with this model.
So, obviously, "one size fits all" URL/page name code in the javascript, is impossible. That means the code would have to be written in such a way as to be able to detect different vendors/models/firmware versions of the gateways, and be PRECODED with the specific URLs for EACH FIRMWARE VERSION OF EACH MODEL OF EACH VENDOR.
Clearly, no small task, at all.
In fact, a company (Pure Networks) attempted just such a feat a few years ago with a product named "Port Magic" that was designed to configure your gateway for port forwarding. It attempted to do so by just the same means as this supposed javascript does. Needless to say, they have long since discontinued the product, and no longer support it (I'm sure the insurmountable task of keeping a database of all the different vendors/models/firmware versions of different gateways and their different configuration URLs had nothing to do with it)
From the PDF:
"(5) The script attempts to
change the discovered router’s settings."
Attempts is the right word there. Its just not going to happen, what with the different page names/URLS/data formats that all the different firmware versions and models of gateway have.
Regardless, susceptibility to this method of attack is very low (I'd say probably less than 1 %) even without a password or with a default password, contrary to the silly 50% claimed. | |
|
peter_m
Premium
join:2005-07-13
Canada, QC
| Ignorance is not bliss My first thought was: Who cares? If your neighbor never locks his garage, front door, patio door and windows, why would anyone be surprised or care if he gets burglarized.
But after thinking about it, people just don't know any better. Most people think that just because they can purchase it at the local store, plug a few wires that it must be safe and properly installed. Same explanation for the 33 to 50% of on-line PCs that are infected one way or another... People just don't know any better.
Peter | |
|
| bigjimc
join:2003-04-21
Middleboro, MA
·Verizon FIOS
| Re: Ignorance is not bliss What if someone takes the prybar from your neighbors garage and uses it to break into your house?
What if you accidentally were logged into your neighbors router. Never know. Something happened and yours was unavailable at the time of connection but your neighbors was available. Now your connected to his unsecured WiFi and someone hacks through the neighbors router to your computer and viola....
That was hypothetical. But who knows?
Not a flame just a what if. But I agree that people who are ignorant deserve what they get. I personally have a preffered network selected. | |
|
GhostDoggy
join:2005-05-11
Duluth, GA
| Routers & Baby-Making They don't require people to get a license to make babies, why should they expect them to secure their Internet routers?
Heck, we expect our fellow man, and women, to get a license to fish because its all that more important to our societ than the consequences of the other two in/actions. | |
|
brothergrims
join:2007-02-26
Phoenix, AZ
| something is phishy about this? No i don't think if i was redirected to an odd website, id fall for it. i think i know the sites i deal with pretty well, and they have not been real quick to change formate. and i am not the guy who changes that stuff so if admin is there admin it says. My garage door code is still 1234! BUT>>>>
the strangest thing happened on the way to the internet a week ago. plodding along in my way my router stopped working. its a 3com and new so i figure the Verizon dsl is down, so I call. After the common twelve minute wait i got the operator that asked my needs. "Ping my modem." i blurted to her. she asked why i wanted my modem pinged, "because something just went pair shaped and i good reason to that my modem is bad" she then instructed me to unplug my router and connect directly to the modem and took me to a screen and explained to be how to ping my own modem. It was fine.
Here is the Phishey part. during the time while she retrieved the information on how to teach me her job, she stated "Verizon offers in home routers for your computer, would you be interested in the details?" and i declined. I thought it odd that they had routers on sale. just out of the blue, offering some special on in home routers and desided to have the tech support crew start pimping these things between explaining how to plug the modem into the wall and witch side up the CD should be placed,- you know, just then when my router went down. kinda felt she may have known i was coming.
so please let me get this strait and i request corrections if i don't have what i read correct. PLEASE.
They can send a little java thorn down the line, pop in and run, and reset the modem so that it... say.... didnt want to work with a verizon provided modem. Then sit back and wait for the calls from folks like me that, on a fluke, got it running the first time. passably except for one tiny little clunk. i was under the impression that Java don't run in Firefox. i use Firefox all the time except for this one day. i wanted to download a file from "rapidshare" and the only prog that works for me to do that is IE. and that leaves myself open for the Java train.
don't that sound Phishy?
Oh i know, its a bit "conspiracy-ee fiction" but if symantic can send a little bug that will infect mcafee so we all switch to Norton then mcafee sends out a little sticker and we all switch back, well i could see the possibilities here. Please let me know if its workable because me and routers don't mix.
thanks | |
|
|
|
|
Drive By Pharming
