Default router passwords
If a cracker has physical access to your router then they can probably reset it to default factory settings (this is often just a case of holding down a button for a few seconds). Alternatively you may not have changed the default settings, the most important of which is the administrator password. If this is a wifi router that isn’t secured then someone within the radius of the wifi can be issued a network address, and access the router configuration and from here can take control of your network. This website has a comprehensive list of default usernames and passwords for routers, which shows how easy it is to get hold of these details. I have checked, and sure enough my router is in there and they’ve got the defaults correct. My advice is to always change these settings to something you will remember, and be aware of anybody with physical access to your router.
September 21st, 2007 at 8:49 pm
Another thing to watch out for are routers that not only have Web accessible administration systems, but telnet accessible ones too! I knew about this on my dad’s router, and I called him one day for a joke and asked him how his Internet was, logged in via telnet and promptly knocked him off the net. This was only because he was being really cocky about how he’d secured everything though ;-)