The dangers of leaving your modem firewall with default password and user id

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
admin, password.  Good, bad or indifferent?  Assume some software AV suite
exists in place.

RL

Re: The dangers of leaving your modem firewall with default password and user id


Quoted text here. Click to load it

Bad idea. Malware can login to your router and make changes to it's
settings. This is one way in which DNSChanger ensured it had control.

Change the default admin password.


--
Character is doing the right thing when nobody's looking. There are too
many people who think that the only thing that's right is to get by, and
the only thing that's wrong is to get caught. - J.C. Watts

Re: The dangers of leaving your modem firewall with default password and user id

On Friday, June 8, 2012 7:36:02 PM UTC-4, Dustin wrote:
Quoted text here. Click to load it

OK then, thanks.  The next question Mr. Dustin is what the password length =
should be?  I figure 8 lowercase letters (including 1 number at least) is '=
good enough', since somewhere I read it takes several hours to crack such a=
 passcode.  By that time the bad guys will have moved on to lower lying fru=
it to pick somewhere else on the ether, correct?

I know in theory I should be using 15 hexdecimal units or whatever but I li=
ke to use easy to remember phrases.

RL

Re: The dangers of leaving your modem firewall with default password and user id

Per RayLopez99:
Quoted text here. Click to load it

I'm not Mr Dustin...   But I use the dead pet system of password
generation.

The name(s) of one or more dead pets in propercase plus three
digits.

Easy to recall, and I haven't been burned yet (to my knowledge,
at least).

Maybe somebody who knows can comment on the relative security of
PWs concocted thusly...
--
Pete Cresswell

Re: The dangers of leaving your modem firewall with default password and user id

(PeteCresswell) wrote:
Quoted text here. Click to load it

Mediocre. Most strong algorithms for password creation require $p3c14l
characters also be used.

I do something very similar to what you do, but include some special
characters in a way that I can remember.

Re: The dangers of leaving your modem firewall with default password and user id


Quoted text here. Click to load it

I don't know why it would take several hours to run lower case
alphanumeric' in a set of 8 digits. Your router is pretty fast and
doesn't know when to stop letting me try... :) I really don't think a
couple of hours is accurate anymore on that one Ray. Even if it is, do
you really want to chance a malware sample being able to brute force
it's way in within a couple hours of you not noticing it's around?

Atleast use 10-12 characters, upper/lowercase mix with some numbers
and/or other characters in between.

If you forget the damn thing, you can always hit the reset button on the
back of the router. :)
 
Quoted text here. Click to load it

Are you confusing the wifi security passphrase with the admin login for
router configuration?


--
Character is doing the right thing when nobody's looking. There are too
many people who think that the only thing that's right is to get by, and
the only thing that's wrong is to get caught. - J.C. Watts

Re: The dangers of leaving your modem firewall with default password and user id

Per Dustin:
Quoted text here. Click to load it

Might there be a logical switch on some routers that, when set,
does not allow access over the WAN?   Seems logical...
--
Pete Cresswell

Re: The dangers of leaving your modem firewall with default password and user id


Quoted text here. Click to load it

I'm sure there is. Mine is configured to let a local box hardlined to it
only configure it.

However, When I mentioned the brute force attack I was considering it from
inside the network. There is no switch AFAIK, that would prevent that. One
way you could put an end to it tho is to make the router ask 3 times for
the correct login and when it fails, keep asking, but even if I get it
right, dont let me in. Say, having to wait 20 minutes before you can try
again with the right password. This would make things very hard on the
brute forcing.

Even if it did score the right password, it probably wouldn't get it in
the 3 valid tries.


--
Character is doing the right thing when nobody's looking. There are too
many people who think that the only thing that's right is to get by, and
the only thing that's wrong is to get caught. - J.C. Watts

Re: The dangers of leaving your modem firewall with default password and user id

RayLopez99 wrote:
Quoted text here. Click to load it
Always change it from the defaults. AV is irrelevant to this issue.


Re: The dangers of leaving your modem firewall with default password and user id

On Friday, June 8, 2012 8:18:43 PM UTC-4, FromTheRafters wrote:
Quoted text here. Click to load it

Well I'm hardly the expert you are or claim to be, but since a software AV =
is essentially a software firewall (or at least we can agree it's often fou=
nd in the same suite) I don't see why it's irrelevant, unless you are makin=
g a Dave Lipmann type of grammatical distinction between software firewall =
and AV.  So I would conclude from your statement that it's best to have 'be=
lts and suspenders' by having a hardware firewall in place, rather than rel=
y on a s/w firewall only, so I'll take the final answer as "bad".  Thanks f=
or your input.

RL

Re: The dangers of leaving your modem firewall with default password and user id

On Friday, June 8, 2012 8:18:43 PM UTC-4, FromTheRafters wrote:
 >> RayLopez99 wrote:
 >>
 >>> admin, password.  Good, bad or indifferent?  Assume some software
 >>> AV suite exists in place.

 >> Always change it from the defaults. AV is irrelevant to this issue.

 > Well I'm hardly the expert you are or claim to be, but since a
 > software AV is essentially a software firewall (or at least we can
 > agree it's often found in the same suite) I don't see why it's
 > irrelevant,

It doesn't protect the modem/firewall/router - it's a separate device.

 > unless you are making a Dave Lipmann type of grammatical distinction
 > between software firewall and AV.

Well ... they *are* entirely different things.

 > So I would conclude from your statement that it's best to have 'belts
 > and suspenders' by having a hardware firewall in place, rather than
 > rely on a s/w firewall only, so I'll take the final answer as "bad".

The hardware firewall aspect of the router/modem isn't the only thing
exposed by leaving the defaults in place.

 > Thanks for your input.

You're welcome.

Incidentally, my cable company didn't mention *any* of the proper
security measures for setting up their equipment in their little
do-it-yourself booklet.


Re: The dangers of leaving your modem firewall with default password and user id

On Friday, June 8, 2012 11:16:40 PM UTC-4, FromTheRafters wrote:
Quoted text here. Click to load it

Yes, and in fact my installer in fact specifically told me to 'keep the def=
aults since it's easier for us to service the modem if you have a problem' =
(which got me suspicious as to whether he was going to somehow break in, si=
nce he had the default password for the wireless portion of the modem, and =
I know that resetting the password on the hardware is easy using a needle a=
nd the reset hole).  So I changed the defaults.

RL

Re: The dangers of leaving your modem firewall with default password and user id


Quoted text here. Click to load it

Easier for them to service... Heh, Yea.. I'll bet it is. :)
It's not really breaking in if he has a copy of the keys...


--
Character is doing the right thing when nobody's looking. There are too
many people who think that the only thing that's right is to get by, and
the only thing that's wrong is to get caught. - J.C. Watts

Re: The dangers of leaving your modem firewall with default password and user id


Quoted text here. Click to load it

The AV software resides on a computer and is mutually exclusive to the Router
(not modem
unless it is a modem that has a Router addded to it).  The router sits on both
the WAN and
LAN and thus the attack can come from either interrnal or external forces.

Thus to harden a Router a Strong Password should be used on the Router to
replace the
default.
http://en.wikipedia.org/wiki/Password_strength

The Router can be further hardended by disabling replies to ICMP packets as well
as
disabling adminstration from the WAN POV.



--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp



Site Timeline