If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
|
Thread Tools | Rate Thread | Display Modes |
#16
|
|||
|
|||
Win 8.1: DHCP no longer getting an IP address
In message , VanguardLH
writes: J. P. Gilliver (John) wrote: VanguardLH WROTE: If he doesn't know how to access the router's internal web server to get at the config screens then how did the wifi passwords ever get set? If he has never configured the router then it is still using the factory default for login (probably username = "admin" & password = "password") which means anyone can hack through his router to get his intranet hosts. What you say is right, other than calling them "the wifi passwords". The wifi passwords will (in UK anyway, for ISP-provided routers at least) usually be a string of characters, and on a label on the bottom of the router. The ones you are referring to are the router control access passwords (I don't know if that's the correct phrase, if there is a "correct" phrase) - you'd still need them even if accessing the router by other than wifi. Actually, on a recent ISP-supplied router I saw, the label gave those too - and although the username _was_ admin, the password was another string of characters, so maybe that door is (slowly) closing, too. I was referring to TWO logins: one for the wifi passphrase(s) and the other to log into the router's internal web server to configure it. Agreed. I wouldn't have called the second one a "wifi password", though, that's all I was saying. I remember finding a list of router models showing what are the default login credentials to the routers. They're publicly listed hence well known. That's why the first tweak a user should do to a router is to change its login password (the username "admin" is often fixed so all you get to change is the password string). The password should be changed to a STRONG password. It's the first portal (attack vector) that should get defended. If the low-level user hasn't a clue about doing any configuration of their router, as claimed, then it's likely the default login credentials are still defined in that router leaving it vulnerable to /easy/ attack. Agreed - though, as I said, I recently encountered an (ISP-provided) router that had strings of apparently random characters (shown on the label) for both the wifi and the admin passwords, rather than it being "password" or similar. Whether this is randomised (by the ISP) for each router I don't know, but I rather suspect that it is, much as the wifi one is. (The ISP was/is TalkTalk, one of the UK's largest - often considered to be also one of the worst, though [although I'm not a customer of theirs, I just help several who are] that hasn't been my experience.) -- J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf Where [other presenters] tackle the world with a box of watercolours, he takes a spanner. - David Butcher (on Guy Martin), RT 2015/1/31-2/6 |
Ads |
#17
|
|||
|
|||
Win 8.1: DHCP no longer getting an IP address
"VanguardLH" wrote in message
... NY wrote: MAC filtering is a good tip. That would cause what they're seeing. Fair point. But the user said everything was working perfectly until a few days ago when it suddenly stopped, possibly after a Windows update. He wouldn't know how to access the router to set up MAC filtering. If he doesn't know how to access the router's internal web server to get at the config screens then how did the wifi passwords ever get set? If he has never configured the router then it is still using the factory default for login (probably username = "admin" & password = "password") which means anyone can hack through his router to get his intranet hosts. That's no longer true with modern routers. They are usually (always?) given a unique admin password, a unique SSID (network name) and a unique wireless key as they are commissioned in the factory. These details are printed on a sticker on the router (and maybe on a removable plastic tab that can be taken from the router to the PC that needs to be configured with it). The days of routers with an admin password of "admin" or "password", and no wireless encryption (and hence no wifi key) are long gone - thank goodness. Of course there is nothing to stop a knowledgeable user changing the SSID, admin password and WPA key to ones of his own choosing. But the guy who had this problem wouldn't have had a clue how to do that - or how to set MAC filtering. |
#18
|
|||
|
|||
Win 8.1: DHCP no longer getting an IP address
NY wrote:
"VanguardLH" wrote in message ... NY wrote: MAC filtering is a good tip. That would cause what they're seeing. Fair point. But the user said everything was working perfectly until a few days ago when it suddenly stopped, possibly after a Windows update. He wouldn't know how to access the router to set up MAC filtering. If he doesn't know how to access the router's internal web server to get at the config screens then how did the wifi passwords ever get set? If he has never configured the router then it is still using the factory default for login (probably username = "admin" & password = "password") which means anyone can hack through his router to get his intranet hosts. That's no longer true with modern routers. They are usually (always?) given a unique admin password, a unique SSID (network name) and a unique wireless key as they are commissioned in the factory. These details are printed on a sticker on the router (and maybe on a removable plastic tab that can be taken from the router to the PC that needs to be configured with it). The days of routers with an admin password of "admin" or "password", and no wireless encryption (and hence no wifi key) are long gone - thank goodness. Of course there is nothing to stop a knowledgeable user changing the SSID, admin password and WPA key to ones of his own choosing. But the guy who had this problem wouldn't have had a clue how to do that - or how to set MAC filtering. Does this guy know how to straighten a paper clip to push into the hole in the router's backside to press for only a couple seconds to reset the router? Not much regarding scientific know-how for that. |
#19
|
|||
|
|||
Win 8.1: DHCP no longer getting an IP address
On Sat, 20 Jan 2018 20:19:20 -0000, "NY" wrote:
"VanguardLH" wrote in message ... NY wrote: MAC filtering is a good tip. That would cause what they're seeing. Fair point. But the user said everything was working perfectly until a few days ago when it suddenly stopped, possibly after a Windows update. He wouldn't know how to access the router to set up MAC filtering. If he doesn't know how to access the router's internal web server to get at the config screens then how did the wifi passwords ever get set? If he has never configured the router then it is still using the factory default for login (probably username = "admin" & password = "password") which means anyone can hack through his router to get his intranet hosts. That's no longer true with modern routers. They are usually (always?) given a unique admin password, a unique SSID (network name) and a unique wireless key as they are commissioned in the factory. These details are printed on a sticker on the router (and maybe on a removable plastic tab that can be taken from the router to the PC that needs to be configured with it). The days of routers with an admin password of "admin" or "password", and no wireless encryption (and hence no wifi key) are long gone - thank goodness. I believe you're referring to routers that are provided by an ISP to its customers. At least here in the States, those usually have a unique SSID and WiFi password configured, as well as a unique admin password. If you buy a router on your own, though, it'll naturally have the same SSID as every other router of that brand/model, as well as the same admin password. It's up to the new owner, in that case, to change those things. -- Char Jackson |
#20
|
|||
|
|||
Win 8.1: DHCP no longer getting an IP address
"Char Jackson" wrote in message
news The days of routers with an admin password of "admin" or "password", and no wireless encryption (and hence no wifi key) are long gone - thank goodness. I believe you're referring to routers that are provided by an ISP to its customers. At least here in the States, those usually have a unique SSID and WiFi password configured, as well as a unique admin password. If you buy a router on your own, though, it'll naturally have the same SSID as every other router of that brand/model, as well as the same admin password. It's up to the new owner, in that case, to change those things. You're right. I could have sworn my TP-Link router came pre-configured with unique SSID, WPA and admin password. But looking at the label on the bottom of it, they quote a default admin password, and probably default SSID and WPA (can't be arsed to out my reading glasses on to see the tiny print). I'd thought that off-the-shelf routers were also made unique like ISP-supplied ones. I was wrong :-( It was such a long time ago that I set up my router and I'm used to overriding the default SSID, WPA and admin password so I probably do it without registering whether I was changing from "admin" etc or from a random collection of characters. |
|
Thread Tools | |
Display Modes | Rate This Thread |
|
|