Change Default Passwords!

[JungleFacedJake]

I know this mantra is repeated here frequently, but clearly there are those who just don't do it.

I have been mucking about with a security program I am testing, and I let it loose on a sample couple of Telkom ADSL IP ranges only to find about 4 of each of the 256-address ranges have routers still on default passwords.

Now I know you can jump down my throat for doing this, but PLEASE LISTEN! Once into your router, one can see your ISP login and password. So when changing your router password from the default PLEASE ALSO CHANGE YOUR ISP PASSWORD! Otherwise it might be possible with certain ISPs to access your mail, AND YOUR ACCOUNT/BILLING info. That is apart from someone stealing your bandwidth! From there your name. And people often use the same password for other things - a password that MIGHT NOW BE KNOWN. And use decent passwords - "qwerty" just doesn't do it!

I recommend that ISP's do checks of their clients to make sure that their equipment is not set to the defaults.

It's a jungle out there!

 

[|tera|]

I recommend that ISP's do checks of their clients to make sure that their equipment is not set to the defaults.

I'd agree with that statement, but they should also make an effort to inform people what the risks and or methods of changing passwords are,

 

[ziglet]

But then im going to have to buy my own account for an isp lol

 

[dabouncer]

Lol

 

[=ChaosTheory=]

At the risk of sounding completely stupid... how exactly do you change the password on your router?

 

[ziglet]

whats your ip address and make of your router? ill show you how

 

[Nickste]

If it's a telkom router, type 10.0.0.2 into your browser. Other routers can try 192.168.0.1 (Netgear) and 192.168.1.1 (Dlink I think?)
A box will pop up. Enter in the default password (should be in your help booklet that came with the router).

There should be a change administrator password link on the left hand side.

Cheers, Nick

 

[JungleFacedJake]

There should be a change administrator password link on the left hand side.

If the router has been online with the default password ALSO call your ISP's help desk and find out how to change your ISP password ( PPP password ) at their end, and then change that password setting on the router too. The router password merely lets the malicious person ( ziglet? ) in to the router in order to obtain the ISP (PPP) password which is in turn usable to steal your bandwidth, or to log in to your ISP's control panel to buy more bandwidth to steal at your expense.

Having seen how easy it is to get ISP login (PPP) passwords my advice is DO NOT even connect your new router to that ADSL line before changing the router default password! It takes just ONE login to your router to grab your PPP login and password!

 

[Nickste]

Yeah, good advice JungleFacedJake.

 

[flash99]

Security

I am getting my account tommorrow - using a guest one at the moment. I have changed the router password and will change the ISP one ASAP.

What other measures should I put in place on the router (have a Netgear DG834GT) and do I need to worry about firewalls on all of my PC's or is antivirus sufficient?

Thanks

 

[jacobstone]

I am getting my account tommorrow - using a guest one at the moment. I have changed the router password and will change the ISP one ASAP.

What other measures should I put in place on the router (have a Netgear DG834GT) and do I need to worry about firewalls on all of my PC's or is antivirus sufficient?

Thanks

DG834's are pretty tight, check your WAN setup under advanced and just check that port scan & DOS protection is not disabled and that your router is not responding to PINGs on its WAN port. It's set up like this by default though so unless you changed it, should be cool.

Oh and seeing as it's a GT make sure your wireless stuff is tight - SSID hidden, WPA-PSK encryption (with a decent non-english key), use MAC filtering if you can.

 

[flash99]

Thanks Jacobstone,
I feel happier now that that has been sorted out.

Much Appreciated.

 

[EchoZA]

and for people with routers with WiFi access, please make sure you have WEP enabled, I found 15 unsecured WiFi networks on the drive home from work the other day (it's a 7.5km drive)

 

[Nickste]

Even better than WEP is WPA - if your Access Point supports it. It's easier to setup, and is a LOT more secure

Cheers, Nick

 

[jacobstone]

Thanks Jacobstone,
I feel happier now that that has been sorted out.

Much Appreciated.

No trouble mate.