* Posts by Kevin

1 publicly visible post • joined 24 Jan 2008

Spotted in the wild: Home router attack serves up counterfeit pages

Kevin
Flame

ISP's are half the problem

Now here is the biggest problem. Excluding attacks that enable access or make changes without the need for a password the ISP's are allowing compromise themselves. I have Comcast cable. They installed a cheap wireless router with the username "comcast" and the password "1234". They did not change this during the intstall nor did they mention it should be changed. To make matters worse they enabled the wireless and the guy told me that they were not allowed to set 128bit WEP, only 64 but that is ok because "look how long the password is!!!" rofl. He also did not give me the username or password to the router. I looked it up online in a default pw database. I logged into the router and:

- WEP is the only option. There is no WPA or WPA2.

- He used my last name as the SSID and also used the same name to generate the hash.

So, to compromise people on this very large national leading ISP the only thing needed is the broadcasted SSID. From there the network will be completely compromised in a matter of seconds. If the tech is diligent then the security is still based on WEP which again can be cracked in a few minutes regardless of what the tech says.

I have locked my router down as best as it could be and have tried to replace it with my own. So far they are not compatible with any routers beyond the ones they provide.