Some people like to have WiFi routers. I certainly do – being able to work all around the house without worrying about wires is ideal. Whether it’s the Orange SPV M3100 on WiFi or my laptop, I can get connected to the internet.
My WiFi is secured down. You’ll need a password to get on and only I know what it is. However, others like to have “open” or “unsecured” networks. They may like the idea that anyone can borrow their connection – and that’s fine. However, you shouldn’t leave it totally open. What am I talking about? Well, I’ll show you.
Today I noticed that my own WiFi router was dropping out. Through experience I know that this usually happens if someone else is running another wireless router quite close on the same channel. So I had a look. I told my Windows XP to have a look for any wireless access points. This is what I found..
I’m currently connected to my own home network at the bottom. I’ve blurred some bits out here just in case my neighbour has stumbled upon this site (believe me, running this site is weird at times, I’ve had several emails from people living in Burntwood saying that they check the site daily). Anyhow… at the top you can see the unsecured wireless network that one of my neighbours has. I figured I’d try to connect to it. Usually people lock down “unsecured” networks by “MAC code”. A “MAC code” is given to every network device sold and you can strap your network down to that device. However, this one is wide open and it lets me in…
It lets me on, however I’ve got to check that I can browse – sometimes wireless networks may let you connect but they’ll not allocate you a working IP address. I decided to check my IP address on the router by typing “ipconfig” in a DOS box. Sure enough the router has given me an IP address and a gateway..
Now, I’ll try and check the IP address externally – so I browse to WhatIsMyIP.com. This is what I get back..
So now I know I’m no longer on my home net connection – I also know that I’ve got access to the internet and I know that I’m connected to another internet provider. How? Well, the IP address above – when you run it through the excellent dnsstuff.com it resolves to a BT Internet IP range. I don’t use BT internet, so now I know I’m fully robbing someones internet access that they’ve paid for.
Up until this point is fine. Having your internet access open is ok and it means that people parking outside your house or living close to you can borrow your internet. However, you really have to watch that you don’t make the mistakes my neighbour obviously has. Let me explain…
Above I found out that the gateway IP address is 192.168.1.1. Now, most wireless routers are configured by browsing to the IP address of the router and then sticking all the details in for the ADSL connection etc etc. Usually the router will be “locked down” so that people browsing from “outside” the router (i.e. on the internet) cannot browse to the router and configure it. However, people “inside” the router (i.e. on the network internally) can browse and configure it – if they’ve got the password.
So, if I type 192.168.1.1 I’ll found out if they’ve locked it down properly..
Ah – right, it’s asking for a password. I’ve found out that it’s a D-Link too. The username is already entered – I haven’t typed it in. So… anyone care to guess what the standard password is? Anyone want to gamble as to the regular password that’s entered with all D-Link routers?
The username “admin” has a password of…. “admin”. Enter this and….
Oh dear.. We’re in. Straight in. Now I can see that they’ve got a standard 2Mb ADSL connection which has been up for around an hour. Although this connection is slower than my ADSL (I’ve got the “up to 8Mb” ADSL connection) I could in theory use this for downloading all day and night to relieve my own bandwidth. Or I could do the reverse – I could use my own WiFi connection to download and just use their WiFi to browse the internet. The only way they’d know is if they went to their “Status” screen and checked the devices which are connected.
Hmmm.. so what next ? Well, if I was particularly nasty I could really mess around. Within the router is every setting you need to get onto the internet. Here’s the ADSL setting screen for this router – I could easily delete all this if I wanted, or change it all completely causing them to call BT Broadband to fix it. Then, when they get it fixed, I could hop back on and mess it up again..
Things get worse though. You’re effectively part of their internal network now. So all you need to do is click “DHCP Clients” on the router and you’ll instantly find out who’s connected to the router and what IP address they’ve been given by the router.
I know that I’ve been given 192.168.1.2 by the router, but look – there’s someone connected on 192.168.1.4. This is bound to be the person in the house who owns the router, but I’m on their network now, so all I need to do is check the network and..
Oh dear.. I could go further – I could easily check their PC for shared drives, I could send them messages and more. So, please please – at the very least check that your router has a proper password on it. I’d heavily advise sticking some sort of encryption onto your wireless network too. If you don’t then it’s all too easy for people to mess around with your network.
Unfortunately houses are being built closer together these days and house-builders are building “up” instead of “out” with three-story houses being the norm. All of this means that people are closer together and wireless networks are crossing over more and more. Make sure yours is secured!