Wireless router questions

[Getback]

I have a wireless router that also has ports. Now I've never used the wireless part of it. It's a 2 Wire product from AT&T. First how do you set that up? 2nd if I haven't changed any passwords on it can it be easily hacked into? Then also what is the reach of that device?

Thanks in advance.

[Masherbrum]

I have U-verse and I access mine through the admin portal.

[RTHolmes]

I haven't changed any passwords on it can it be easily hacked into?

yes. the first thing you should do when setting up a router is change the admin password, like it says in the manual. you did read the manual right?

[bbosen]

I have a wireless router that also has ports. Now I've never used the wireless part of it. It's a 2 Wire product from AT&T. First how do you set that up? 2nd if I haven't changed any passwords on it can it be easily hacked into? Then also what is the reach of that device?

Thanks in advance.

As for the "reach" of that device, if the WiFi has not been deactivated, it will be advertising an "SSID" (a name for your network) to anybody within a couple of hundred feet. That range might extend out to a thousand feet or more for people that are equipped with specialized antennas. However, in all probability it has been set up to encrypt everything using some variation of "WPA", which will make it very difficult for anybody to connect unless you share the associated encryption key with them (which seems unlikely given the information in your post).

But you really should investigate to make SURE. If you are not using your WiFi at all, you should either disable it (if your router allows that) or lock it down with a long, complex WPA key. You should also check the administrative password used to access your WiFi router to make SURE it isn't using the well-known, default passwords that come with brand new devices. That will prevent passersby from using it without your knowledge.

I have published a series of articles and video clips that cover the basics of this subject. Look here:


http://www.askmisterwizard.com/WirelessNetworking/SettingUpAwirelessLanTheEasyWay/Part1of2TheWiredPortions/Html/SUAWLTEWsegment1of6.htm

Those articles start out VERY basic, and I can tell from your original posting that you've already got the wired portions working. You can just skip forward through the first few pages. It looks to me like you'll want to start out somewhere near the middle of page 6 in the "wired" portion. Here's a direct link:

http://www.askmisterwizard.com/WirelessNetworking/SettingUpAwirelessLanTheEasyWay/Part1of2TheWiredPortions/Html/SUAWLTEWsegment6of6.htm

Take a look at the video clip there, but Don't change anything in your router's setup until you've seen the entire clip... you've already got the first half of these items working. The last half of the clip talks about the administrative password, and you should verify or change that.

Subsequent pages will help you with the WiFi stuff. (Note that they are oriented toward setting up your WiFi in a secure, responsible manner. If you just want to DISABLE WiFi, you'll need to adjust the process somewhat, but all of the principles are explained and I'm confident you'll be able to get well set up either way.) Just keep clicking on "next" to step through the remaining pages and watch each of the brief video clips. They'll "hold your hand" through the entire process.
 

[Bizman]

Getback, check in the bottom of the router for a sticker saying something about SSID and WPA(2)-key. If there is one, then your wireless is already secured. If not, look in your computer's network settings, if it tells you about an available wireless network with a full signal strength. That probably is yours. If it says "unprotected", you'd better reset your router to factory defaults and then reconfigure it, either securing your wifi or disabling it.

Holmes and bbosen, I have always wondered why is the login password so important in wireless routers. Since you seem to know, would you please tell me why. IMHO if the wireless in a router is either disabled or password protected, I can't think there'd be any way to get into the settings without a network cable, even if there were no login password at all. OTOH, if the wireless has been available for all, giving everyone the possibility to change the router's settings, factory resetting would wipe all unwished settings off. So, is it possible to access a wireless router without hacking the wpa-key?

[katanaso]

The password on the 2wire isn't a standard password, or lack of a password, found on routers made by Linksys, Netgear, Buffalo, etc.  You don't need to change it, since it's unique to your device and is a seemingly random combination of letters and numbers, but changing it to something easier makes working on the device easier.

The system password and network key are both printed on a sticker which is located towards the bottom and side of the router.  They're going to be unique to your device too.

I can't remember if wireless is turned on by default, but the GUI is really simple to navigate and understand.  I'd suggest logging into the 2wire, checking the wireless security settings and selecting WPA2.  I believe it's set to WPA by default.

Setting up the wireless is simple on this device.  Enable the wireless, pick a SSID that you like - it's probably set to 2WIRE### or something now, and select WPA2 with either the default network key or create a long key with numbers, letters, symbols, and caps (something that wouldn't be easy to guess).  WPA2 takes some work for your neighborhood kids to crack...

 

[RTHolmes]

Holmes and bbosen, I have always wondered why is the login password so important in wireless routers.

because if it hasnt been changed from the default I can google the password in a second. then I can log into your router management over the net or over the wifi. I can then do what I like with it; allow connections to any of the client devices via the net, or even install my own router firmware and intercept every piece of data that goes through it, use it as part of a proxy chain, or as a bot for spamming, DDOS or brute-force cracking attacks etc. etc.

a few years back I had to wait for the ADSL install in my new flat for a coupla weeks, so I just pointed a directional antenna up the street opposite and used a PCMCIA wifi card (beefier reception than the builtin airport card.) there were 30-40 networks available, about 1/3 of them unsecured. almost all of the unsecured networks had the default SSID (the routers model name ...) which meant I had all the management passwords in minutes. almost all of these worked.

its amazing the stuff people leave in their public shared folders; resumes, dissertations, job applications, porn, mp3s etc etc.

I was bored one evening so, putting my white hat on, I copied a bunch of music off one guys PC, then wrote a thankyou note together with a short guide to securing his particular router and the reasons why he should, then printed it out the 3 or 4 pages on his HP laserjet, finishing with a nude picture of (what I gather was) his girlfriend. 2 days later his network was using WPA ...

[Wiley]

Holmes- Right, but those were unsecured networks.

Bizman's question is something I've wondered as well.  As a hypothetical, assume someone sets up a good WPA key for their router but doesn't change the admin password.  Remote admin is disabled by default on any router I've ever had.  Also assume no physical access to the router for a wired connection.

Is the default password for admin an issue in this scenario?

Wiley.

[RTHolmes]

unsecured WEP is by far the lesser of the risks - theres hardly any people wardriving past your house (as above) trying to access the LAN, but about 5 billion devices attached to the WAN side of your router. check your router logs, your probably being port scanned a couple of times an hour.


 



edit: I did a lil wardrive earlier this year, unsecured wifi was down to 10-20% so I guess people are starting to realise its important.

[bbosen]

Holmes and bbosen, I have always wondered why is the login password so important in wireless routers. Since you seem to know, would you please tell me why. IMHO if the wireless in a router is either disabled or password protected, I can't think there'd be any way to get into the settings without a network cable, even if there were no login password at all.

Good question. Think of it as an insurance policy against bugs and backdoors in the firmware. In an ideal world, you could just disable administrative access through the WAN (Internet) interface and lock down the WiFi with a good WPA encryption key and not have to worry. Unfortunately, the world isn't ideal. There have been several incidents recently in which usurpers have been able to access the administrative menus of popular routers via the Internet by exploiting bugs in the firmware ("buffer overflow" attacks and the like). In those cases, people that hadn't changed the default administrative password were easily compromised.
 

[katanaso]

RTHolmes, be careful about repeating what you did in your example.  There are laws now, in certain areas, that make it theft.  So if you happen upon some IT guy's honeypot, it could be a fine or more.  This is in the United States -- not sure about the United Kingdom or elsewhere.

In my opinion, it is always best practice to disable remote administrative logon through the WAN or wireless.  Make it so you can work on the equipment only if you're wired to the network.

But as I posted before, the 2wire routers come with a random admin password and a random network password on a sticker on the left side of the unit.  My random admin password is a 10 digit number.

On page 22 of the uVerse/2wire guide found at http://www.att.com/support_media/images/pdf/uverse/iNIDv2_UG.pdf:

"The default system password is automatically set five minutes after the iPSU is connected. You can find the
default system password on the iPSU front cover. "

It's not "admin/admin" or "admin/blank" or "blank/blank" (fortunately).

[Masherbrum]

Getback, put your IP address into your address bar and it will take you to your Router Admin.

[Getback]

Getback, put your IP address into your address bar and it will take you to your Router Admin.

I will do that.

[Bizman]

Getback, put your IP address into your address bar and it will take you to your Router Admin.

Err... shouldn't it be the Default Gateway, not the IP address to get to Router Admin?

And thanks, Holmes and bbosen. I'm still in a suspecting mood: If I published my IP here, I have strong doubts you could get into my router admin, although the login info is set to default. The IP for logging into the router is in the 192.168.#.# series and it can't be accessed through the Internet. Just tested with a friend, and as I suspected, her putting my public IP into the Address Bar resulted no connection. So I suppose the only way to access my router is to sneak into my house and plug an ethernet cable in. For a little while I might not notice an extra cable, nor the hole in the wall to get the other end of the cable outside the house. If you know how to use the Internet to access my router, PM me for a test. I'm interested in the results to give better protection to my clients. 

[RTHolmes]

default gateway (router) IP from the LAN side, public IP from the WAN side.


the least everyone should do to secure their network is:

1. change to a strong router admin password

2. make sure router admin from the WAN (internet) is disabled

3. change the wifi SSID to something which doesnt identify you or your router (eg DavesWIFI, 15HighStreet and WRT120N are all bad)

4. use the beefiest encryption available for wifi, with a strong passphrase

5. make sure there isnt anything enabled which allows incoming connections from the WAN (DMZ, VPN etc.)

6. keep the router firmware up to date.

these will give you a basic level of protection.