Jump to content
House Price Crash Forum

Archived

This topic is now archived and is closed to further replies.

interestrateripoff

'contagious' Wi-Fi Virus Created By Liverpool Researchers

Recommended Posts

http://www.bbc.co.uk/news/technology-26352439

A computer virus that can spread via wi-fi like a "common cold" has been created by researchers in Liverpool.

In densely populated areas with lots of wi-fi networks, the virus can go from network to network finding weaknesses.

Once in control of a wi-fi access point, it leaves computers on the network extremely vulnerable.

The team's lead researcher told the BBC it was working on software to prevent such attacks being possible.

"Rather than rely on people to use strong passwords, you want to integrate intrusion detection systems to the access points," said Alan Marshall, professor of communication networks at the University of Liverpool.

He would not go into detail about the methods in order to prevent the attack being used on real victims but said a proof-of-concept attack had been developed at the university.

'Under control'

The virus, dubbed Chameleon, seeks out wi-fi access points - devices that transmit the wi-fi signal, found in many homes - that have not had their admin password changed.

This password is different from the one used to log on to the wi-fi network itself, and is often left unchanged from the default setting.

Once an access point is under a hacker's control, new firmware can be installed.

Interesting I'm surprise it's taken this long to create.

However how many HPC's have changed the default password for the wifi router which is admin / password. I change mine as soon as it's plugged in.

Share this post


Link to post
Share on other sites

+1 :angry:

http://127.0.0.1 or whatever the IP is of the router? Sometimes written on it, or you can google what your provider typically puts as the IP

(im quite sure it's not 127.0.0.1 but it's the only IP number I remember from my geek days, it might be your own computer actually )

Share this post


Link to post
Share on other sites

No, that's the wireless network login password. This article is talking about the router admin password, the defaults for which can be found at http://www.routerpasswords.com/

You naughty hacker! I don't think "joe public" are taught to change these! Esp as BT seem to give out routers with unencrypted wifi, but I'm not wicked enough, although,I am sure some are! :blink:

Share this post


Link to post
Share on other sites

http://127.0.0.1 or whatever the IP is of the router? Sometimes written on it, or you can google what your provider typically puts as the IP

(im quite sure it's not 127.0.0.1 but it's the only IP number I remember from my geek days, it might be your own computer actually )

Most routers ip are 192.168.1.1 or 192.168.0.1 or if your a BT customer 192.168.1.254

Share this post


Link to post
Share on other sites

No, that's the wireless network login password. This article is talking about the router admin password, the defaults for which can be found at http://www.routerpasswords.com/

However, you can't even get to the router admin login screen unless you're connected to that router in the first place, and to connect to the router you need to know the wireless network login credentials.

Therefore I can't see how this virus would work if the network login had been changed from the default, but the admin password had not, unless it is introduced via a machine that is already connected. Likewise, if you use MAC filtering on your router (i.e. you configure it so that it will only accept connections from devices with a list of specific MAC addressees), that should prevent the virus from getting into the router unless it is through a machine that is already connected, even if both passwords have been left on their defaults.

That having been said, router passwords left on their defaults can be a problem. A few years ago (probably in '07 or '08), a friend of mine, who lived in a block of flats, asked me to check out why her Internet connection was slow. When I checked the list of devices connected to her router, there were something like 50! Because she was probably the only household in the block who had broadband, pretty much everyone within signal range had helped themselves to her connection. She got some hostile glares in the corridors and lift after I changed the password and set up MAC control for her...

Share this post


Link to post
Share on other sites

You naughty hacker! I don't think "joe public" are taught to change these! Esp as BT seem to give out routers with unencrypted wifi, but I'm not wicked enough, although,I am sure some are! :blink:

Yes.. One of my neighbours has that - once when I was installing windows, it managed to auto connect and start downloading stuff before I realised..

Share this post


Link to post
Share on other sites

However, you can't even get to the router admin login screen unless you're connected to that router in the first place, and to connect to the router you need to know the wireless network login credentials.

Therefore I can't see how this virus would work if the network login had been changed from the default, but the admin password had not, unless it is introduced via a machine that is already connected. Likewise, if you use MAC filtering on your router (i.e. you configure it so that it will only accept connections from devices with a list of specific MAC addressees), that should prevent the virus from getting into the router unless it is through a machine that is already connected, even if both passwords have been left on their defaults.

That having been said, router passwords left on their defaults can be a problem. A few years ago (probably in '07 or '08), a friend of mine, who lived in a block of flats, asked me to check out why her Internet connection was slow. When I checked the list of devices connected to her router, there were something like 50! Because she was probably the only household in the block who had broadband, pretty much everyone within signal range had helped themselves to her connection. She got some hostile glares in the corridors and lift after I changed the password and set up MAC control for her...

Unsecurred routers ie no wifi password, can get you access to the network. Or a brute force attack on WEP securred access points is simple, you do this from your phone now with a downloaded app

Share this post


Link to post
Share on other sites

Pretty much all new routers use WPA as the default now, don't they? If you want WEP, you have to choose to downgrade in the admin settings, which I'm guessing that no-one would do unless they have a specific reason. The last few routers I've set up all used WPA (or one of the later variants thereof) by default.

Share this post


Link to post
Share on other sites

Pretty much all new routers use WPA as the default now, don't they? If you want WEP, you have to choose to downgrade in the admin settings, which I'm guessing that no-one would do unless they have a specific reason. The last few routers I've set up all used WPA (or one of the later variants thereof) by default.

Yes alot do, but i can show you at least 2 wifi access pointd in every mile that is totally unsecure, ie the perzon has removed/turned off security. Also i can show you people who have old access points with WEP, and other people who have new access points, but they revert back to WEP and password of an old router so they dont need to re-setup all their wireless devices

Again. Its all well and good routers commibg with security, but if people change them or turn them off then its their fault

Share this post


Link to post
Share on other sites

Better routers can prevent control via wireless...making the virus impotent as control of the OS cant be undertaken wirelessly.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

  • The Prime Minister stated that there were three Brexit options available to the UK:   219 members have voted

    1. 1. Which of the Prime Minister's options would you choose?


      • Leave with the negotiated deal
      • Remain
      • Leave with no deal

    Please sign in or register to vote in this poll. View topic


×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.