Lack of Wireless Security

Staying at an inn outside of Princeton University, which I won’t mention the name of, I connected up to the wireless (that has no security, WEP or WAP) and began surfing the web. After a while that got boring, so I glanced down at my wireless information. Doing a quick ipconfig found the wireless router’s IP address, and I typed it into Firefox just to see what it was. Up came a radware router’s password prompt. How boring, but what if… I contemplate possible passwords for a moment, and then begin typing,

Administrator: Administrator

Password failed.

admin: admin

Password failed.

radware : radware

Password accepted.

Yes, hacking into a wireless access point from connection to control of the router is more often than not just that easy. In this case, the amusing part was that on this type of router you could actually set up user accounts. The inn owners had made a nice little account with an unknown password, but had left the default radware account enabled as well, which made it entirely pointless. If you own a wireless access point, which most of you probably do, just follow these bloody tips! Ignorant people give me endless free wifi, don’t be one of them.

• Use WAP (not WEP!)
• Only allow certain MAC addresses
• Change the username and password of the access point
• Disable any default admin accounts