interestrateripoff Posted February 26, 2014 Share Posted February 26, 2014 http://www.bbc.co.uk/news/technology-26352439 A computer virus that can spread via wi-fi like a "common cold" has been created by researchers in Liverpool.In densely populated areas with lots of wi-fi networks, the virus can go from network to network finding weaknesses. Once in control of a wi-fi access point, it leaves computers on the network extremely vulnerable. The team's lead researcher told the BBC it was working on software to prevent such attacks being possible. "Rather than rely on people to use strong passwords, you want to integrate intrusion detection systems to the access points," said Alan Marshall, professor of communication networks at the University of Liverpool. He would not go into detail about the methods in order to prevent the attack being used on real victims but said a proof-of-concept attack had been developed at the university. 'Under control' The virus, dubbed Chameleon, seeks out wi-fi access points - devices that transmit the wi-fi signal, found in many homes - that have not had their admin password changed. This password is different from the one used to log on to the wi-fi network itself, and is often left unchanged from the default setting. Once an access point is under a hacker's control, new firmware can be installed. Interesting I'm surprise it's taken this long to create. However how many HPC's have changed the default password for the wifi router which is admin / password. I change mine as soon as it's plugged in. Link to comment Share on other sites More sharing options...
Papa Serf Posted February 26, 2014 Share Posted February 26, 2014 I have and now I can't remember what the bloody thing is. Link to comment Share on other sites More sharing options...
swissy_fit Posted February 26, 2014 Share Posted February 26, 2014 I have and now I can't remember what the bloody thing is. +1 :angry: Link to comment Share on other sites More sharing options...
Snafu Posted February 26, 2014 Share Posted February 26, 2014 I will remind myself to change the default one. Link to comment Share on other sites More sharing options...
Downside Posted February 26, 2014 Share Posted February 26, 2014 Dont most routers now come with a random password as standard which is written on the router itself? Link to comment Share on other sites More sharing options...
Snafu Posted February 26, 2014 Share Posted February 26, 2014 +1 :angry: http://127.0.0.1 or whatever the IP is of the router? Sometimes written on it, or you can google what your provider typically puts as the IP (im quite sure it's not 127.0.0.1 but it's the only IP number I remember from my geek days, it might be your own computer actually ) Link to comment Share on other sites More sharing options...
yellerkat Posted February 26, 2014 Share Posted February 26, 2014 I have and now I can't remember what the bloody thing is. +1 :angry: Reset to factory settings and start again! Link to comment Share on other sites More sharing options...
interestrateripoff Posted February 26, 2014 Author Share Posted February 26, 2014 Reset to factory settings and start again! Yep, easy peasy. Link to comment Share on other sites More sharing options...
snowflux Posted February 26, 2014 Share Posted February 26, 2014 Dont most routers now come with a random password as standard which is written on the router itself? No, that's the wireless network login password. This article is talking about the router admin password, the defaults for which can be found at http://www.routerpasswords.com/ Link to comment Share on other sites More sharing options...
MrPin Posted February 26, 2014 Share Posted February 26, 2014 No, that's the wireless network login password. This article is talking about the router admin password, the defaults for which can be found at http://www.routerpasswords.com/ You naughty hacker! I don't think "joe public" are taught to change these! Esp as BT seem to give out routers with unencrypted wifi, but I'm not wicked enough, although,I am sure some are! Link to comment Share on other sites More sharing options...
Monkey Posted February 26, 2014 Share Posted February 26, 2014 http://127.0.0.1 or whatever the IP is of the router? Sometimes written on it, or you can google what your provider typically puts as the IP (im quite sure it's not 127.0.0.1 but it's the only IP number I remember from my geek days, it might be your own computer actually ) Most routers ip are 192.168.1.1 or 192.168.0.1 or if your a BT customer 192.168.1.254 Link to comment Share on other sites More sharing options...
The Ayatollah Buggeri Posted February 26, 2014 Share Posted February 26, 2014 No, that's the wireless network login password. This article is talking about the router admin password, the defaults for which can be found at http://www.routerpasswords.com/ However, you can't even get to the router admin login screen unless you're connected to that router in the first place, and to connect to the router you need to know the wireless network login credentials. Therefore I can't see how this virus would work if the network login had been changed from the default, but the admin password had not, unless it is introduced via a machine that is already connected. Likewise, if you use MAC filtering on your router (i.e. you configure it so that it will only accept connections from devices with a list of specific MAC addressees), that should prevent the virus from getting into the router unless it is through a machine that is already connected, even if both passwords have been left on their defaults. That having been said, router passwords left on their defaults can be a problem. A few years ago (probably in '07 or '08), a friend of mine, who lived in a block of flats, asked me to check out why her Internet connection was slow. When I checked the list of devices connected to her router, there were something like 50! Because she was probably the only household in the block who had broadband, pretty much everyone within signal range had helped themselves to her connection. She got some hostile glares in the corridors and lift after I changed the password and set up MAC control for her... Link to comment Share on other sites More sharing options...
fluffy666 Posted February 26, 2014 Share Posted February 26, 2014 You naughty hacker! I don't think "joe public" are taught to change these! Esp as BT seem to give out routers with unencrypted wifi, but I'm not wicked enough, although,I am sure some are! Yes.. One of my neighbours has that - once when I was installing windows, it managed to auto connect and start downloading stuff before I realised.. Link to comment Share on other sites More sharing options...
Monkey Posted February 26, 2014 Share Posted February 26, 2014 However, you can't even get to the router admin login screen unless you're connected to that router in the first place, and to connect to the router you need to know the wireless network login credentials. Therefore I can't see how this virus would work if the network login had been changed from the default, but the admin password had not, unless it is introduced via a machine that is already connected. Likewise, if you use MAC filtering on your router (i.e. you configure it so that it will only accept connections from devices with a list of specific MAC addressees), that should prevent the virus from getting into the router unless it is through a machine that is already connected, even if both passwords have been left on their defaults. That having been said, router passwords left on their defaults can be a problem. A few years ago (probably in '07 or '08), a friend of mine, who lived in a block of flats, asked me to check out why her Internet connection was slow. When I checked the list of devices connected to her router, there were something like 50! Because she was probably the only household in the block who had broadband, pretty much everyone within signal range had helped themselves to her connection. She got some hostile glares in the corridors and lift after I changed the password and set up MAC control for her... Unsecurred routers ie no wifi password, can get you access to the network. Or a brute force attack on WEP securred access points is simple, you do this from your phone now with a downloaded app Link to comment Share on other sites More sharing options...
The Ayatollah Buggeri Posted February 27, 2014 Share Posted February 27, 2014 Pretty much all new routers use WPA as the default now, don't they? If you want WEP, you have to choose to downgrade in the admin settings, which I'm guessing that no-one would do unless they have a specific reason. The last few routers I've set up all used WPA (or one of the later variants thereof) by default. Link to comment Share on other sites More sharing options...
happy_renting Posted February 27, 2014 Share Posted February 27, 2014 When you are setting up a WiFi Router, set your network name to 'Police Monitoring'. Scares the s*** out of your neigbours. Link to comment Share on other sites More sharing options...
Byron Posted February 27, 2014 Share Posted February 27, 2014 Since I use a hard wire connection to my router, would a tin foil hat for the router work? Link to comment Share on other sites More sharing options...
The Ayatollah Buggeri Posted February 27, 2014 Share Posted February 27, 2014 When you are setting up a WiFi Router, set your network name to 'Police Monitoring'. Or "FreeKiddiePronXXX" and see how many of your neighbours attempt to log on? Link to comment Share on other sites More sharing options...
Monkey Posted February 27, 2014 Share Posted February 27, 2014 Pretty much all new routers use WPA as the default now, don't they? If you want WEP, you have to choose to downgrade in the admin settings, which I'm guessing that no-one would do unless they have a specific reason. The last few routers I've set up all used WPA (or one of the later variants thereof) by default. Yes alot do, but i can show you at least 2 wifi access pointd in every mile that is totally unsecure, ie the perzon has removed/turned off security. Also i can show you people who have old access points with WEP, and other people who have new access points, but they revert back to WEP and password of an old router so they dont need to re-setup all their wireless devices Again. Its all well and good routers commibg with security, but if people change them or turn them off then its their fault Link to comment Share on other sites More sharing options...
Bloo Loo Posted February 27, 2014 Share Posted February 27, 2014 Better routers can prevent control via wireless...making the virus impotent as control of the OS cant be undertaken wirelessly. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.