Win 8.1: DHCP no longer getting an IP address

In message , VanguardLH
writes:
J. P. Gilliver (John) wrote:

VanguardLH WROTE:

If he doesn't know how to access the router's internal web server to
get at the config screens then how did the wifi passwords ever get
set? If he has never configured the router then it is still using
the factory default for login (probably username = "admin" &
password = "password") which means anyone can hack through his
router to get his intranet hosts.

What you say is right, other than calling them "the wifi passwords".
The wifi passwords will (in UK anyway, for ISP-provided routers at
least) usually be a string of characters, and on a label on the
bottom of the router. The ones you are referring to are the router
control access passwords (I don't know if that's the correct phrase,
if there is a "correct" phrase) - you'd still need them even if
accessing the router by other than wifi. Actually, on a recent
ISP-supplied router I saw, the label gave those too - and although
the username _was_ admin, the password was another string of
characters, so maybe that door is (slowly) closing, too.

I was referring to TWO logins: one for the wifi passphrase(s) and the
other to log into the router's internal web server to configure it.

Agreed. I wouldn't have called the second one a "wifi password", though,
that's all I was saying.

I remember finding a list of router models showing what are the default
login credentials to the routers. They're publicly listed hence well
known. That's why the first tweak a user should do to a router is to
change its login password (the username "admin" is often fixed so all
you get to change is the password string). The password should be
changed to a STRONG password. It's the first portal (attack vector)
that should get defended. If the low-level user hasn't a clue about
doing any configuration of their router, as claimed, then it's likely
the default login credentials are still defined in that router leaving
it vulnerable to /easy/ attack.

Agreed - though, as I said, I recently encountered an (ISP-provided)
router that had strings of apparently random characters (shown on the
label) for both the wifi and the admin passwords, rather than it being
"password" or similar. Whether this is randomised (by the ISP) for each
router I don't know, but I rather suspect that it is, much as the wifi
one is. (The ISP was/is TalkTalk, one of the UK's largest - often
considered to be also one of the worst, though [although I'm not a
customer of theirs, I just help several who are] that hasn't been my
experience.)
--
J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

Where [other presenters] tackle the world with a box of watercolours, he
takes a spanner. - David Butcher (on Guy Martin), RT 2015/1/31-2/6

"VanguardLH" wrote in message
...
NY wrote:
MAC filtering is a good tip. That would cause what they're seeing.

Fair point. But the user said everything was working perfectly until a
few
days ago when it suddenly stopped, possibly after a Windows update. He
wouldn't know how to access the router to set up MAC filtering.

If he doesn't know how to access the router's internal web server to get
at the config screens then how did the wifi passwords ever get set? If
he has never configured the router then it is still using the factory
default for login (probably username = "admin" & password = "password")
which means anyone can hack through his router to get his intranet
hosts.

That's no longer true with modern routers. They are usually (always?) given
a unique admin password, a unique SSID (network name) and a unique wireless
key as they are commissioned in the factory. These details are printed on a
sticker on the router (and maybe on a removable plastic tab that can be
taken from the router to the PC that needs to be configured with it).

The days of routers with an admin password of "admin" or "password", and no
wireless encryption (and hence no wifi key) are long gone - thank goodness.

Of course there is nothing to stop a knowledgeable user changing the SSID,
admin password and WPA key to ones of his own choosing. But the guy who had
this problem wouldn't have had a clue how to do that - or how to set MAC
filtering.

NY wrote:

"VanguardLH" wrote in message
...
NY wrote:
MAC filtering is a good tip. That would cause what they're seeing.

Fair point. But the user said everything was working perfectly until a
few
days ago when it suddenly stopped, possibly after a Windows update. He
wouldn't know how to access the router to set up MAC filtering.

If he doesn't know how to access the router's internal web server to get
at the config screens then how did the wifi passwords ever get set? If
he has never configured the router then it is still using the factory
default for login (probably username = "admin" & password = "password")
which means anyone can hack through his router to get his intranet
hosts.

That's no longer true with modern routers. They are usually (always?) given
a unique admin password, a unique SSID (network name) and a unique wireless
key as they are commissioned in the factory. These details are printed on a
sticker on the router (and maybe on a removable plastic tab that can be
taken from the router to the PC that needs to be configured with it).

The days of routers with an admin password of "admin" or "password", and no
wireless encryption (and hence no wifi key) are long gone - thank goodness.

Of course there is nothing to stop a knowledgeable user changing the SSID,
admin password and WPA key to ones of his own choosing. But the guy who had
this problem wouldn't have had a clue how to do that - or how to set MAC
filtering.

Does this guy know how to straighten a paper clip to push into the hole
in the router's backside to press for only a couple seconds to reset the
router? Not much regarding scientific know-how for that.

On Sat, 20 Jan 2018 20:19:20 -0000, "NY" wrote:

"VanguardLH" wrote in message
...
NY wrote:
MAC filtering is a good tip. That would cause what they're seeing.

Fair point. But the user said everything was working perfectly until a
few
days ago when it suddenly stopped, possibly after a Windows update. He
wouldn't know how to access the router to set up MAC filtering.

If he doesn't know how to access the router's internal web server to get
at the config screens then how did the wifi passwords ever get set? If
he has never configured the router then it is still using the factory
default for login (probably username = "admin" & password = "password")
which means anyone can hack through his router to get his intranet
hosts.

That's no longer true with modern routers. They are usually (always?) given
a unique admin password, a unique SSID (network name) and a unique wireless
key as they are commissioned in the factory. These details are printed on a
sticker on the router (and maybe on a removable plastic tab that can be
taken from the router to the PC that needs to be configured with it).

The days of routers with an admin password of "admin" or "password", and no
wireless encryption (and hence no wifi key) are long gone - thank goodness.

I believe you're referring to routers that are provided by an ISP to its
customers. At least here in the States, those usually have a unique SSID
and WiFi password configured, as well as a unique admin password.

If you buy a router on your own, though, it'll naturally have the same
SSID as every other router of that brand/model, as well as the same
admin password. It's up to the new owner, in that case, to change those
things.

--

Char Jackson

"Char Jackson" wrote in message
news
The days of routers with an admin password of "admin" or "password", and
no
wireless encryption (and hence no wifi key) are long gone - thank
goodness.

I believe you're referring to routers that are provided by an ISP to its
customers. At least here in the States, those usually have a unique SSID
and WiFi password configured, as well as a unique admin password.

If you buy a router on your own, though, it'll naturally have the same
SSID as every other router of that brand/model, as well as the same
admin password. It's up to the new owner, in that case, to change those
things.

You're right. I could have sworn my TP-Link router came pre-configured with
unique SSID, WPA and admin password. But looking at the label on the bottom
of it, they quote a default admin password, and probably default SSID and
WPA (can't be arsed to out my reading glasses on to see the tiny print).

I'd thought that off-the-shelf routers were also made unique like
ISP-supplied ones. I was wrong :-(

It was such a long time ago that I set up my router and I'm used to
overriding the default SSID, WPA and admin password so I probably do it
without registering whether I was changing from "admin" etc or from a random
collection of characters.