It continues to amaze me, almost halfway into 2006, that there isn't a more concerted effort by linksys and other major players for home market wireless routers, to make people aware of wireless security.
The other day I was I detected wireless entworks simply driving around with a laptop with built in wireless detection, through out the course of 3-4 hours in 10 towns, about 200 wireless networks have default login/password to their GATEWAY.
For new comers that don't know, when you setup a router, and just let it run with default configuration, a person can just do ipconfig /all in command prompt, or the equivalent in linux (which I do not know), and look for the gateway.
That is the wireless router serving out the dhcp in their usually
192.168.x.x network. If gateway = 192.168.1.1 simply http://192.168.1.1 and login with default credentials of the major makers, ie: linksys/netgear/d-link etc. You can find out the default login/passwords for these by pulling up the manuals for the respective routers on the manufacturer websites.Baffled. . . .
Can lock people out of their own router. Some people have in un- masked form, their email address and password in some configurations, where DSL requires it. Then imagine where you can go from there. . . scary
Companies now need to have some sort of complex protection auto enforcement instead of letting shit go default, a nice and easy to use automated GUI process, instead of letting the users do it, when the users themselves just leave it alone (not due to laziness) because their clueless.
:) __________________________________________________
3:16