related to this. I had to help a friend today to apply a password to her D-Link wireless router. Someone had kindly renamed her SSID to "jumpstart" (followed by some numbers), and applied a password she didn't know. Seeing as she is on a DSL line (I think), someone was able to make use of her phone line via this ingress route. So it would seem at least. She says the "last time" this happened, she reset the router to fix the phone. But when she reset it, she didn't apply a password, so not quite the same issue Andrew makes note of.
But like Andrew, this friend is in Texas, so doing a service call is a little difficult.. :) Shawn Andrew Anderson wrote: > A word to the weary with all this talk of wireless routers and green > networks... > > Most of you are likely aware there are common authentication bypass > vulnerabilities on these consumer routers. > > I have now had one hit very close to home... A family member opened an > email which we believe to have been the culprit (who knows?). It wasn't > long before her antivirus was freaking out, but not before her wireless > access points SSID had been mysteriously changed. I had personally secured > the AP myself with WPA2 and a sizable passphrase on my last visit. I had > also secured the AP itself with a long, secure password. > > No real harm done. The machine is being cleaned before going on another > network and other precautions taken. Since the machine is in BC, I cannot > attempt any forensics :-( > > Again, a word to the weary... check your firmware versions. > > > Regards, > > Andrew. > > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf > Of Shawn > Sent: Tuesday, July 22, 2008 10:33 PM > To: CLUG General > Subject: Re: [clug-talk] IP-Cop > > TekBudda wrote: >> IIRC connecting a LAN port from the WiFi router to the green card would >> pass through any DHCP information coming from the network provide the >> router DHCP server was disabled. Now connecting through a blue NIC, is >> there anything special I need to do? Is it possible to provide the two >> levels of access? > > connecting your access point to the green network would result in that > access point potentially having the same access as wired network drops. > In short you are just adding wireless access to the green side of > things. Sometimes this is all you really need though - with some > reasonable percautions (like a password required) on the access point. > > Connecting the access point to the blue network is treating the wireless > side as a completely different subnet. NOW you can lock down the blue > and restrict what they can see - typically this just means they have > Internet access (via the blue -> red network). Setting up blue -> green > type connections (or orange -> green even) takes a little more work. > There is a plugin to provide this type of access, and/or you might be > able to do it via port forwarding... But it would take more effort. > >> The thing is that this is an office of about 15-20 people (at max) and >> the traffic is primarily web & e-mail. I would have thought that a 1 >> GB CPU with even 256 MB RAM would have been more than adequate to handle >> that kind of load, but I could be wrong. I am basing this on the little >> gNet router that we are currently using now on a business DSL connection >> at the end of a long loop. I could be wrong though. > > My network consists of a similar box for the IPCop service. I have all > of 4 boxes possibly running simultaneously. My server (24/7), my > workstation, and two laptops in the house. My box cannot do the VPN and > the IDS reliably. one or the other gets dropped sooner or later if I > enable both. This suggests that adding in filtering, would require a > beefier box in my case. > > Seeing as you are not doing the VPN, this may be a non-issue for you. > > Shawn > > _______________________________________________ > clug-talk mailing list > [email protected] > http://clug.ca/mailman/listinfo/clug-talk_clug.ca > Mailing List Guidelines (http://clug.ca/ml_guidelines.php) > **Please remove these lines when replying > _______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
