geffers
Posts: 353
Joined: Sun Jun 24, 2012 6:25 am
Location: UK
Contact: Website

WiFi Repeater Security

Mon Oct 01, 2018 7:18 pm

Folks,

Last year there was a bit of a scare with wifi security and although no evidence of hack taking place manufacturers were busy putting out security updates.

At the time, and I'm not sure why, repeaters were considered vulnerable.

Does anyone know if this is still the case?

Geffers

wildfire
Posts: 400
Joined: Sat Sep 03, 2016 10:39 am
Location: Dundee, Scotland

Re: WiFi Repeater Security

Mon Oct 01, 2018 7:23 pm

geffers wrote:
Mon Oct 01, 2018 7:18 pm
Folks,

Last year there was a bit of a scare with wifi security and although no evidence of hack taking place manufacturers were busy putting out security updates.

At the time, and I'm not sure why, repeaters were considered vulnerable.
Source?
Does anyone know if this is still the case?
I use a couple of WiFi extenders, never had an issue. It could help if you quote make and model that you are concerned with.
Scotty never said "I canae give her any more Captain, She'll blow".
B'Elanna Torres however did say "Get the cheese to the sickbay" :?:

W. H. Heydt
Posts: 9099
Joined: Fri Mar 09, 2012 7:36 pm
Location: Vallejo, CA (US)

Re: WiFi Repeater Security

Tue Oct 02, 2018 4:18 am

Basically, anything with a default ID and password is vulnerable. If it can take a connection from the outside, doubly so. There were articles about various models of router having these sorts of vulnerabilities, but I don't recall reading anything about APs or range extenders specifically.

Just change the default administrative password. Change the ID if you can (not all routers permit that). Use the best WiFi security your router/access point/extender has. If you're really concerned, go wired.

User avatar
Yukon Cornelius
Posts: 10
Joined: Tue Jul 03, 2018 7:24 am

Re: WiFi Repeater Security

Tue Oct 02, 2018 5:45 am

W. H. Heydt wrote:
Tue Oct 02, 2018 4:18 am
Basically, anything with a default ID and password is vulnerable. If it can take a connection from the outside, doubly so. There were articles about various models of router having these sorts of vulnerabilities, but I don't recall reading anything about APs or range extenders specifically.

Just change the default administrative password. Change the ID if you can (not all routers permit that). Use the best WiFi security your router/access point/extender has. If you're really concerned, go wired.
Valuable info there on routers in general , and I would add a few extras :-

In router admin , disable WPS , or whatever your router calls that "handy" button that enables quick connection
of new hardware ( eg new printer , mobile device of a friend / visitor ).
It's a security nightmare which is exploitable by anyone within wifi range .

Likewise , disable " broadcast SSID" if it's possible in your router admin ...... Why ?
Because popular routers all over the world come out of the box with unbelievably stupid defaults
eg. user := "user" , admin := "admin" or "changeme "
That is still the case with Comcast routers and was also true of Virgin Media routers , last time I worked in UK .

So it makes it a gift to hacker , who only has to scan wifi networks in the vicinity , and pick the low-hanging fruit .
Keep in mind that if you are using an ISP provided router , of any make or type , it is them in control of the device , not you .
The remedy is as simple and cheap as buying a basic router and putting it in between your equipment and their router .

And there are some great Pi projects for home-made routers ..... what a surprise !
Not .... 8-)

W. H. Heydt
Posts: 9099
Joined: Fri Mar 09, 2012 7:36 pm
Location: Vallejo, CA (US)

Re: WiFi Repeater Security

Tue Oct 02, 2018 1:48 pm

I was on an AmTrak train a couple of years ago and set up a Pi in the lounge car while we were rolling through some suburbs. It was amusing to see all the WifI listings scrolling by, probably about 3/4 of them had default SSIDs...and mostly likely either default or easily guessed passwords. Kind of put a new twist on "war driving".

W. H. Heydt
Posts: 9099
Joined: Fri Mar 09, 2012 7:36 pm
Location: Vallejo, CA (US)

Re: WiFi Repeater Security

Tue Oct 02, 2018 1:55 pm

And, just in time for this topic, here is an article from The Register about hijacking home routers...
https://www.theregister.co.uk/2018/10/0 ... r_hacking/

geffers
Posts: 353
Joined: Sun Jun 24, 2012 6:25 am
Location: UK
Contact: Website

Re: WiFi Repeater Security

Sat Oct 06, 2018 5:31 pm

Reference my original post; definitely read somewhere repeaters were a particular problem but afraid cannot recall specifics.

I have an older Draytek router (no wifi) but have an Edimax WiFi AP connected. I've actually got 3 Edimax WiFi APs EW7228APn devices acquired over the years. Experimented with using as repeaters and extra AP to try and eliminate WiFi dead spots. Stopped using as repeaters when the scare came out.

Think one was krack and cannot recall the other. I do recall Linux addressed the problem very quickly.

Geffers

Return to “Off topic discussion”