Open House: Unsecure wireless networks

[Smallville]

http://www.smartcomputing.com/editorial/article.asp?article=articles/2010/s2101/41s01/41s01.asp

I found this interesting, as I still see wide open networks in my neighborhood. Most of my neighbors are learning, but there's still some that don't secure their networks.

Tales From The Trenches: Open House

by Gregory Anderson

Hi. Welcome to our open house. We’re not here. All the lights are off, but feel free to look around anyway. If you find something interesting or valuable, feel free to take a copy. While you’re at it, if you want to use our Internet connection, go right ahead. We don’t really care whether you’re doing something harmless, such as checking email, or nefarious, such as sending barrages of spambot V1agr@ ads. We’ll probably never even know you were here. Enjoy.

As strange as this sounds, I’ve received similar invitations from several of our neighbors, and even from complete strangers. Avoid hosting these kinds of open houses by making your wireless network more secure.

Let’s start with turning on encryption. Despite all the dire warnings in every article ever written about wireless networks, a few people still fail to require even a basic passkey to access their network. A couple times we’ve been without an Internet connection when moving or switching providers. While searching for one of Philadelphia’s famous (and very elusive) “city-wide” Wi-Fi access points, I’ve discovered the occasional home network that’s completely open to the public. No password, no encryption, no nothing. In fact, more than once the upstairs computer, which doesn’t get a strong signal from our router downstairs, has automatically connected to someone else’s WLAN (wireless local area network). We usually don’t even notice until we try and access our network-shared printer. I can’t say that I’ve never hitched a ride on one of these networks to do a quick email check while we’re sans Internet, but usually I’ll just cash in on the excuse to head to the coffee shop. Still, you shouldn’t tempt me and others worse than me. Take ten minutes and apply WPA (Wi-Fi Protected Access) encryption to your router and configure each (authorized) machine that’s going to connect.

You don’t have to be so obvious to be vulnerable, however. I recently helped a neighbor set up a wireless printer at his new home office. It was the same model I’d helped him set up at work, with the same laptop traveling back and forth. He wisely set a strong passkey for his wireless network and wrote it down for me. So far so good, except we ran into some trouble getting the computer connected through the router to the printer. I wanted to know if the printer was even a recognized device on the network, which you can always tell from a router’s admin utility. He was away, on a quick trip to the office for manuals and CDs, so I took a guess. I simply navigated to his gateway address and tried the default password for his router model. Sure enough—I was in. Now, I was there as a helpful friend (and in exchange for gardening assistance), so I wasn’t about to hijack his network. But the next guy making the same guess probably wouldn’t have been so magnanimous. Moral of the story? Change your router’s default admin password.

While you’re at it, give your network a non-personal SSID (Service Set Identifier) name. I can’t count how many networks I’ve seen named simply “comcast” or “linksys”—which are dead giveaways that the owners have left most of the defaults in place. I’ve also seen network SSIDs named for their physical address. Wireless security has come a long way, but a dedicated and knowledgeable hacker with a few basic software tools can still find a way to break into most consumer-grade networks. If someone can combine sensitive electronic information (account numbers, email addresses) with sensitive physical artifacts (paper bills or statements from the mail or trash), they can do a whole lot more damage than with just one of the two. So don’t name your network after your address or unit number. Yes: Mister or Miss “wireworks125,” I’m talking to you.

Some of the same people who’d never dream of leaving the house unlocked, even for a quick run to the corner store, are completely unconcerned with leaving their wireless networks wide open. Of course, I’m one of the good guys, so I’d never take advantage of such opportunities. But can you always count on the people living in (and visiting) your neighborhood to be so upstanding?


Gregory Anderson is a regular contributor to Smart Computing and several other technology publications. He keeps a sharp eye (with the help of thick glasses) on computing trends and enjoys working with geeks of all stripes—most of the time.

 

[jefffann]

That's why I have a house full of Cat cables.

 

[ShankyMcShanks]

I need to make mine secure but its just sooooooo much work and alot of yelling at my router haha

 

[thedue]

Great post Smally. While mine is well protected, I see neighbors here that are not. A funny story, while on a trip to SE Kansas we had no way to get connected with our laptop. I noticed the neighbor had a protected lan, so I asked Liz's mother what the dog next door was named. You guessed it, I was on in a minute and had all my email downloaded, hehe. I thought bad of it after I was done, but they need better pass codes.

 

[bonknhead]

As my brother-in-law has helping me watch the turkey as I deep-fried it on Christmas Day, he pulled out his iPhone and tried to find an unsecured Wi-Fi network. His phone saw several wireless network (6 or 7 IIRC), but all were secured. He couldn't even figure out which one was mine. I live within 5 miles of three Intel campuses and several other high tech employers so my neighborhood is very tech-savvy.

 

[Dent]

unfortunatly I forgot the admin password to my wireless router, and now my network is unsecure. It's open and I'm sure some people are using it. I can't add security on it.

 

[Smallville]

What kind of router Dent?

 

[Dent]

What kind of router Dent?

Netgear. It is a really crappy one, but it does the job better than my D-Link did.

 

[Smallville]

There should be a reset button. Press and hold it for 90 seconds and it should reset it to factory. Might take a little longer, might take a little shorter. At least I hear that should work.

 

[Dent]

There should be a reset button. Press and hold it for 90 seconds and it should reset it to factory. Might take a little longer, might take a little shorter. At least I hear that should work.

What do i Do after it has been reset? once i reach the login page how do i know what was the default log in?

 

[Smallville]

Which model do you have?

Username is probably admin, password is probably password.

 

[Dent]

I'll give it a try, thanks Smalls.

 

[mytime]

Which model do you have?

Username is probably admin, password is probably password.

Yep. I'm in Dent's network as of right now.

 

[Smallville]

That's a heckuva long way to skip a signal mytime! hehehe

 

[Dent]

Yep. I'm in Dent's network as of right now.

Maybe my router is so strong it can send signals across USA. I'm sure I'm like the verizon commercial right now, with everyone in the US attached to my network.

"Do you get my wireless now? Good."

 

[ClairefromClare]

We're secure at home, but have yet to figure out how to set security on our travel router that we ourselves can actually get into. So we're unsecure on the road, and I know that stinks.