Archive for January, 2010

Wireless security checklistMany people setting up WiFi home networks rush through the job to get their Internet connectivity working as fast as possible. This is quite risky as many security problems can result.

Today’s wireless networking products don’t always help the situation as configuring their security features can be time-consuming and non-intuitive. The tips below go over the steps you should take to improve the security of your home wireless network.

  • Change the default wireless  settings

You can read about changing default setting (username, password ans SSID) here :
http://www.security4wireless.com/always-change-your-wireless-default-settings/

  • Enable WPA / WEP encryption

All wireless equipment supports some form of encryption. Encryption technology scrambles messages sent over wireless networks so that they cannot be easily read by humans.

Many encryption technologies exist for Wifi. Of course you will want to pick the strongest encryption that works with your network. However, the way these technologies work, all Wifi devices on your network must share the the same encryption settings. Consequently you may need to find a “lowest common demoninator” setting.

Read the rest of this entry »

default passwordChange your default username and password :

Most of wireless access points & routers permit an admin to manage their WiFi network through a special admini account. This root account provides complete superuser access to the device’s configuration settings with a special username and password.

Manufacturers set both the account user/pass at the factory. The username is often basically the word admin or administrator. The password is typically empty (blank), the words “admin,” “1234,” or “password,” or some other simple password.

To improve the security of a wireless network, you ought to change the administrative password on your wireless access point or router immediately when installing the unit.

The default passwords for popular models of wireless network gear are well-known to hackers & often posted on the Net. Most devices do not permit the administrative username to be changed, but if yours does, you have to change this name too.

Finally, to maintain home network security in the future, continue changing this root password regularly, not three times. Lots of experts recommend changing passwords every 30 days. Use words that would be impossible for others to guess.

Read the rest of this entry »

Wifi HackingWe can classify the attacks into two main groups: passive attacks and active attacks, which are obviously more dangerous.

  • Passive attacks:

In a wireless network passive listening is even easier than the media air is hardly controllable.

Often, the radio coverage of one access point goes beyond the private domain of a company or an individual. The passive attack the most common is the search for access point.

This attack (called Wardriving) became the “game” the favorite of many hackers, the access points are easily detected by a scanner (equipped with a laptop WiFi card and special software to search for PA.) These cards are equipped with wifi directional antennas (Yagi type) to listen to the radio traffic at a distance outside the coverage area of access point.

There are two types of scanners, liabilities (Kismet, WifiScanner, prismstumbler …) without leaving traces, virtually undetectable and assets (Netstumbler, dstumbler) detectable when listening, they send out “probe request” . Netstumbler only works on Windows, others work with Linux.

Read the rest of this entry »

default router password

This is a list of default usernames and passwords used in wireless routers.

You will know it now.. so don’t forget to change your default user/pass :P

This list is sorted by vendor and model  of the router.

Let’s start :

Read the rest of this entry »