Re: Personal Data and Security

In article jollyroger-DC09A8.20490221082009@xxxxxxxxxxxxxxxxxxx, Jolly Roger
at jollyroger@xxxxxxxxx wrote on 8/21/09 9:49 PM:

In article <C6B4B7B4.43DA4%nicknaym@[remove_this].gmail.com>,
Nick Naym <nicknaym@[remove_this].gmail.com> wrote:

In article h6nehv024ah@xxxxxxxxxxxxxxxxx, J.J. O'Shea at
try.not.to@xxxxxxxxxxx wrote on 8/21/09 8:36 PM:

...
...

I've read that it's recommended that the default "admin" and "password"
username and password be changed. Are you saying that it really is not
necessary?

No. He's saying that the admin page username and password are not the same
as
the WPA or WEP key. They're not. You should change your admin username and
password, or someone who gets access to your network can lock you out. That
is exactly what happened to a certain gentleman in my neighborhood. He was
running a network with an open, unsecured, wireless router, and someone
thought it would be funny to go onto his network and set up MAC address
filtering... and not put any of his computers onto the filter list. And
then
to change the admin username and password. And to turn on WPA security. All
of which meant that he was locked out of his own network. (No, I didn't do
it. He did pay me to fix it...) It was amazing how fast all the unsecured
networks in the area became WPA-secured networks once word got around that
there were comedians in the neighborhood...

Having now implemented WPA (or even if I had left it at WEP), wouldn't that
prevent such mischief?

If the admin password is the default, then no. Anyone with an Ethernet
cable or access to one of your computers on the wireless network can
access the router's configuration web pages. Also, if the router happens
to have a bug that accidentally allows people on the internet side of
your router to access the admin pages, because you haven't changed the
admin password, access will be free flowing to them. It's just a bad
idea not to secure your admin access.


If someone sees my network listed in their Airport menulet, and tries to
gain access, he/she can't without my WPA passphrase, right?

Someone nearby apparently has an unsecured netgear router, because I often
see an unlocked network named "NETGEAR" in the menulet, and I know that
"NETGEAR" is the default name of netgear routers. I assume that I could
somehow access that person's router and wreak some havoc...but wouldn't that
be impossible if WEP/WPA was implemented, even if the default
username/password had not been changed?

--
iMac (24", 2.8 GHz Intel Core 2 Duo, 2GB RAM, 320 GB HDD) ? OS X (10.5.7)

.

Relevant Pages

  • RE: Draytek Router Passwords
    ... As you log in to the router's admin web page, of course you give it to the ... consultant can simply sniff the admin's password. ... network, whether it was possible for him to sniff your internal network, ... Subject: Draytek Router Passwords ...
    (Security-Basics)
  • Re: Personal Data and Security
    ... No. He's saying that the admin page username and password are not the ... or someone who gets access to your network can lock you out. ... Also, if the router happens ...
    (comp.sys.mac.apps)
  • Re: Personal Data and Security
    ... No. He's saying that the admin page username and password are not the ... or someone who gets access to your network can lock you out. ... And to turn on WPA security. ...
    (comp.sys.mac.apps)
  • Re: Personal Data and Security
    ... No. He's saying that the admin page username and password are not the same ... or someone who gets access to your network can lock you out. ... And to turn on WPA security. ...
    (comp.sys.mac.apps)
  • Re: Personal Data and Security
    ... No. He's saying that the admin page username and password are not the same ... or someone who gets access to your network can lock you out. ... And to turn on WPA security. ...
    (comp.sys.mac.apps)
Loading