How I Hacked Your LinkSys Router Which You Probably Bought at Best Buy
February 18th, 2007
Written By: Adam Sussman
Months ago I hijacked my neighbors LinkSys Wireless Router, reconfigured it by calling it my own and blocked all other users from using it except myself.
Am I a hacking genius? Do I have mad skills which allow me to read streams of code on a monitor as we saw in the movie “The Matrix”? Perhaps I am some 14 year old malicious kid pounding away on my keyboard with Cheese Puff stained fingers!
Not quite! What I am is a computer user who went to Best Buy, like you probably did and picked up a new LinkSys Wireless Router because my old one died.
I plugged in the new wireless router and used my wireless XP computer to automatically connect me to the default “linksys” router. Being the security conscience person that I am as soon as I was connected I went ahead and personalized the router.
I started by renaming the router from “linksys” to a more personalized name. I turned off SSID broadcasting and ensured I turned on wireless encryption. I even went to the point where I turned on MAC filtering and personalized the router just for my MAC addresses.
Over the past few months the router would seem to go off and on at odd times but I would say I had 95% uptime with a solid internet connection. As I have 3 wireless computers, a Wireless Tivo and an Xbox 360 all using my personalized wireless connection I never gave my network a second thought.
Early this morning I needed to add a new computer to the network. This time the computer was hardwired via an Ethernet cable directly to my LinkSys router. I literally plugged the computer into the router and right away I had an Internet connection.
What I wanted to do was share-out my drives so the new computer could read data off of other computers on the network but for the life of me I could not figure out why the new computer on the network could not see any of my other computers.
All the other computers could see each other just fine and sharing has never been a problem with me in the past. I checked to see if they were all on the same IP block and that nothing was causing conflict.
Since I only setup MAC Filtering for Wireless I did not think I needed to do anything special with the new computer.
Either way, I decided to log into the LinkSys administrative screen using my existing wireless laptop. With my web browser I typed in the default Gateway IP address (192.168.1.1) that took me to the LinkSys login. I typed in my username and super strength password which then took me to the configuration screens that I had not seen since I setup the router for the first time.
I looked around, clicking away at all the options and I could not see where I was going wrong. Then I started to get a hunch. I clicked my way over to the DHCP Client Table list and took a look at all the IP addresses. It became clear to me my new computer was not on the same network as all the other computers in the house.
So what gives?
Using my new computer I popped open the browser and typed in the default gateway as I had done before. I was taken to the same LinkSys login page but this time when I typed in my username and my super strength password it would not authenticate me.
Just to make sure I was not losing my mind I reentered the password several times. I even looked at the Ethernet cable on my floor and followed both ends of the wire. I was sure the new computer was plugged into my router.
On my laptop I could log-in to the router using the same IP but with the PC that is hardwired to the router I was getting an authentication screen but could not log in.
It then dawned on me; my Laptops are not wirelessly connected to my router. I must be connecting to another router and if this is the case I must have hijacked someone else’s router and configured it as my own.
To confirm this, I typed in the default username and password that comes with LinkSys using my hardwired PC and I immediately authenticated. It turned out I was right, unintentionally several months ago I had taken over someone else’s router and locked it down.
Considering I had locked this other router down so tight and that there was no way anyone could connect wirelessly I wondered why this person never took the router off line.
Then I realized it was possible he could be connecting using an Ethernet and if he did that it was possible he could see any of my shared files on the network.
I got that panic feeling where I realized I had just left the front door open to all my files for several months. So just to make sure, I went back to the DCHP Client Table on this person’s router and looked for any extra devices apart from my Tivo Wireless, Xbox and laptops.
As it turned out the only devices connected to the network were my own. Phew, what a relief! It appeared I was the only person using that router.
Going back to the question as to why that person never shutdown his router if they could not use it I realized that if I got confused as to whose router I was using, perhaps this person was confused as well.
Using my new computer which is physically connected to my real router I took a look at the DHCP Client Table. It turned out that this person had been using my router.
Hey what a jerk, he’s hijacking my router!
Sine my router has been sitting here pretty much un-configured out of the box, I found that a few of my neighbors took some interest and have been using my wireless router for their wireless internet access as well.
Looking at the DHCP Table, it appeared I was serving up quite a few of my neighbors with free wireless access.
I spent another 30 minutes doing some quick housekeeping work. I released control of his router by setting it back to the default settings. I then regained control of my router and booted everyone off and in the end I was able to view the new computer on my network.
Moral of this story, in a world where we all shop at the same stores and buy the same wireless equipment it is very easy to unintentionally hijack someone’s wireless connection. Thus, peoples files are not as safe as they think they are!
February 18th, 2007 13:12
Interesting…..my own experience with about a dozen Linksys routers is that they will not allow themselves to be configured through the wireless - you must connect directly to the router using a wired connection.
February 18th, 2007 13:51
Hrm.. a couple problems:
First of all - nothing personal but, you were basically an idiot for NOT directly connecting a network cable to your new router to configure it – it was stupid to think that the first “linksys” wireless SSID you saw was your own – ESPECIALLY if you knew enough to set up and enable more advanced features like Wireless MAC Address filtering on the Router.
It’s just plain stupid to do an initial setup of a router wirelessly.
Second, when you panic thinking maybe your shares had been open to someone else all along, you’re quite possibly wrong in the conclusion that they weren’t!
If the neighbor who actually owned the router had only used a wired connection to the router and had set an IP address manually (naturally, something like 192.168.1.xx) that wired computer would NOT show up in the Router’s DHCP table.. And thus your shares WOULD have been completely visible to the neighbor who actually owned the router in question…
But I will give you that the neighbor probably really didn’t have a clue what was going on either…
February 18th, 2007 13:58
Hey Jay, I thought of him using a static address and it not showing in the DCHP. I just assumed he did not know that much. Who knows? Hindsight is 20/20 !
February 18th, 2007 14:22
Exactly.. and it’s a good informative piece on just how simple it is to not even connect to your own router if you’re not careful.
When I was helping my sister get moved into her new house a few months ago, as I waited for Cox cable to come enable their services I noticed that not just one or two - but SIX WiFi networks were visible nearby and four of them were unsecured. I had no problem using any one of the other connections until we could set up her’s… grin
February 18th, 2007 16:09
I use my neighbour’s wireless router as a “backup” if mine ever goes down
Or you know… to do illigal things. Just kidding 
Actually I remember this RIAA lawsuite that was dropped because the defendant’s lawyer claimed that the router was not secured and “anyone” could have downloaded that music.
February 18th, 2007 20:09
Man, not good. One: never config any router/WAP wirelessly. Two: always change the default SSID. Three: always change your SSID to not be broadcasted. Four: always change your default network address/subnet (in your case, from 192.168.1.x to something else, like 192.168.122.x. Five: always set to use WEP.
February 18th, 2007 20:12
or, you could get a clue and configure you wireless router while your hardwired like you supposed to and not have those brain farts.
February 18th, 2007 20:12
Very interesting. I’m glad this happens, for I am using my neighbors internet as I speak.
February 18th, 2007 20:14
Yeah rigth. How much time it took you to come up with this?
February 18th, 2007 20:17
morons… don’t people use wpa?
February 18th, 2007 20:34
[…] http://www.shandyking.com/2007/02/18/hijack-hacked-linksys-wireless-router/ […]
February 18th, 2007 20:34
Wireless is DISABLED by default.
I call bullshit.
February 18th, 2007 20:36
Great writeup…this little ‘problem’ hadn’t ever occurred to me before! I wonder just how often this happens. On a trip I took last summer I was able to run NetSumbler on my girlfriend’s laptop along the way to see what I could see. We were staying with friends at an apartment complex of about 20 to maybe 30 units around a common center area… Sitting in the grass out there I was able to see 7 unsecured networks thanks to the local cable company who provides Motorola cable modems with built wifi routers…and out of the box they are unsecured! I had my pick of open multi-megabit connections all over that town. I wonder how many people aren’t using their own connection since all the SSIDs were the same…
Even more fun/interesting (scary some may say) was driving back home along 300 miles of interstate freeways in Oregon and finding more than 300 unsecured access points with decent (as in, connectable) strength & SNR… Yep, 1:1 ratio of mileage to access! [yes, flame bearing geeks, I realize not all were confirmed to be connectable] And this was with an internal wifi card in an HP laptop… I can’t wait to make the trip again with a better setup and see how many I can see! Best part is that more than half of them had an SSID of…’linksys’
February 18th, 2007 20:44
This cannot be true. Everyone knows Linksys routers need to be manually rebooted every few days after they have lost their brains
At least, with the model I have that is definitely the case.
February 18th, 2007 20:52
Why would the store you’re from make a difference? Wouldn’t it just be the same model? Because, AFAIK shops wouldn’t change a thing about them.
February 18th, 2007 20:55
ok yea, thats pretty funny. but what the hell does best buy have to do with it? this could happen to anybody, who has a neighbor who is stupid and has wireless, and you both happen to have the same router brand.
February 19th, 2007 04:39
How do you loose your mind? Do you unscrew it?
Or do you mean LOSE your mind!?
February 19th, 2007 05:17
Even though a neophyte might think that your story is science fiction it is actually quite a relatively uncomplex situation.
Two other such examples that I have specifically encountered.
1) Computer user 1 had a Linksys router set to defaults. That is channel 6 ssid ( network name that the computer wireless can be set to log onto) of the out of the box “Linksys”.
There were two neighbours with identical wireless setups. Guess someone had recommended or among themselves had recommended the standard Linksys WRT54G. The homeowner I was dealing with was unwilling to add encyption due to fear of inteferring with his daughter’s wired computer and a wireless printer was set up.
I was amazed the wireless worked consistently.
It does not take much with two wireless signals to confuse the computer as it bounces between the two and the nube panics as he is unable to get an internet connection. A bright fellow but the most I was unable to convince him was to change the channel and admin password. With an wireless activity monitor it turned out that there was 13 computers accessing his network in a short period. There was only 3 computers in his home. He had 3 computers and 10 of the neighbour’s computers were drifting in and out of his wireless network accidentally. One of the neighbours even had a wireless windows 95 computer. I should point out for all of the concern that “I must have wireless g ” that when this older b card was logged on the network would of been drawn down to wireless b slower standards of speeds.
Example 2. An idiot - a former biker of lower repute and wisdom kept insisting to me that hiw wireless ( ssid virus) logged on fine with both his and his wife’s laptops in the upper level bedroom and the basement but never on the main floor. The laptop he kept insisting even demanding was defective. He had proudly set up the router himself with the ssid i had recommended. ( You would be amazed how many people get scared when they catch the signal and turn off their computers quickly thinking that their antivirus program is detecting computer virueses andwarning them that the signal is sending out horrible computer viruses).
It turned out that three was a Linksys router in a neighbour close to the upstaris bedroom that was being accessed ( accidentally). The router set up in the home could not be recieved in either the main floor ( directly above the router) and certainly not in the second floor. The router had been set up in a furnace room ( metal furrnace, metal air wents and full metal filig cabinets) shielding the signal and as well the wireless router was placed on the floor under a very substantial and well built older metal office desk. To top it off one of the basic rules that this fellow lived by was that a person could never ever admit that they were wrong. To admit that one was wrong was to admit personal weakness. lol.
By the way the record for wireless in contests in the Nevada desert ( little physical interference little signal interference from other wireless routers and 2.4 gig signal devices i2 125 miles)>
The antenna used was a modified older large satellite antenna. The contest involves repeated reception of signal data and information and repeated wep key ( 64 bit I assume ) decryption.
Keep in mind though that this is a very controlled setting with relative experts.
If someone in your area can break into your wep enabled wireless network - good for them and this is probably the least of your problems.
Fun and games in the real world of computer wireless.
February 19th, 2007 06:12
[…] hijack someone ’s wireless connection. Here’s how this guy did it - by accident….read more | digg […]
February 19th, 2007 06:49
This just happened to me over the weekend! I bought a new linksys router, and it didn’t even occur to me that on my network pulldown one of the options was a linksys other than my own (Mac user)
I ended up reconfiguring it with my own name and inadvertently changing the password. Ironically this thing is such a piece of crap I am unable to configure any of the security settings on my own (it says it’s saving the settings and then just dumps them) so until I get the problem resolved I can’t keep any sensitive data on my machine.
February 19th, 2007 06:51
This is a very rare occasion. Most people buying a “wireless” router are going to be using it for just that. And once they see that other people are using their internet for free its gonna get locked up. So in conclusion this is a one in a million instance.
February 19th, 2007 07:13
wow… nice story! made me laugh hehe
February 19th, 2007 07:50
I guess to me the moral of the story isn’t that your neighbors suck, it’s that they’re willing to have a piece of 60 dollar hardware that they can’t use, and don’t seem to mind.
I just moved into an apartment complex whilest our house is being built. I am suprised at how many people share their internet out for free in this exact same manor. There are about 26 of them I can see from my bedroom. Of that, 15 of them are default settings of “LinkSys”, of those 15, 11 of them are open to the world.
Lets just hope that you don’t get busted by the IRAA for downloading music that your neighbors took off your router.
And I do agree with the above comment, that I thought the first time you set them up, you did have to be hardwired to them. it makes sense that the first router you saw was someone elses, because you were setting it up via wireless.
February 19th, 2007 08:02
That’s not exactly hacking. It’s simply logging into their unchanged default administrative control panel.
February 19th, 2007 08:40
People want stuff to work out of the box. Linksys (and others…D-Link, Netgear, etc.) guarantees this by turning off all the security settings. If they went the opposite route, people would just return the routers as defective.
I don’t think either you or your neighbor did anything particularly stupid. You can’t expect every Joe off the street to know about MAC addresses and IP tables.
February 19th, 2007 09:30
[…] UPnP enabled, and default wireless channels. These defaults lead the circumstances in “How I Hacked Your LinkSys Router Which You Probably Bought at Best Buy“. So the question becomes what do we do about these kind of problems. Vendors like Linksys […]
February 19th, 2007 09:41
This story made me smile although there’s one thing I don’t understand.
If you were connecting to this other persons router (I presume it’s a dsl/cable router) didn’t it require authentication for the internet connection?
Over here (UK) all adsl/cable connections need your own username/password, and you cannot use these details from a different location (even nextdoor).
February 19th, 2007 09:47
Interesting story. That’s why you always configure your wifi router over the wired ethernet connector, before you set it up on the network!
February 19th, 2007 10:02
i agree with the comment made about using a cable to setup the router initially.
February 19th, 2007 10:28
haha! Wireless is about as secure as you virginity in Taipei .. in the red light district.
WEP … takes about 30 minutes to crack these days, no matter how strong your password is.
WPA, and WPA2 are testimony to how fast a particular encryption scheme falls against hackers and higher performing CPUs, while WPA2 still hasn’t been broken, it shouldn’t be too long. In addition to the steps taken by the author of this article to lock down a wireless router, you would be better off turning off DHCP, and using static IPs, also try to get WPA2, if you can lower the broadcast signal strength so that the packets cannot be sniffed from 2 blocks away, better yet use wallpaper that acts as a Faraday cage on the outside walls of the house :-p
February 19th, 2007 10:45
@JC: I’ve not seen a modern Linksys router that will not allow configuration through the wireless port.
Most people, ie the public, using a wireless router these days are going to use it wireless. Regardless of whether they could use it wired, they are more likely to use wireless adapters or built in wireless on their laptops. The shops push this on them, advertising pushes this on them, and the name “wireless router” suggests it needs to be wireless.
Using a generic ssid and key is silly, and many newer models come with a unique key and id which is printed on the side of the router, presumably in an attempt to beef up default security - admittedly, Linksys aren’t doing this yet, but I suspect it is only time before they do.
With respect to security / accidentally getting onto someone elses router etc- I’m afraid Joe Public has absolutely no idea what he is doing with this stuff. If it isn’t secure(ish) out of the box, then it probably never will be. He simply doesn’t care, nor want to care, about fixing it - and why should he? I just wants to use the internet from his laptop and this is the way the guy in the shop told him to do it. If it isn’t broken (as in, not working) he is unlikely to try and fix it.
February 19th, 2007 10:48
[…] hijack someone ’s wireless connection. Here’s how this guy did it - by accident….read more | digg […]
February 19th, 2007 12:19
Interesting case of cross-hijacking. It could happen since way too many routers are around.
Next time use a cable to be absolutely sure that you are dealing with your own stuff.
February 19th, 2007 16:47
About this blog page:
Um, duh. Check the MAC address next time when you setup.
February 19th, 2007 17:11
What about the role of powerline ethernet adapters as a more safer alternative in such conditions which require care and security than wireless which seems to be up and down, not reliable and certainly not secure.
February 19th, 2007 17:43
[…] hijack someone ’s wireless connection. Here’s how this guy did it - by accident….read more | digg story […]
February 19th, 2007 18:07
I fail to see how this is a particular fault with the linksys router. You are the one who connected to the wrong router and set it up like that. You were never “hacked” and you never “hacked” anyone else.
You got the routers confused. The person whose router you were using probably noticed something was odd one day but saw your router and figured that it was his own.
Setting up a router should always be done with a cable connection and, IMO, should be the only way to do it. They include an ethernet cable in the box so there is really no excuse.
I agree that there is a problem but this was not a hardware fault with the router.
February 19th, 2007 18:26
I think people who leech wireless internet from others are pathetic and are likely the kind of people who don’t think twice about stealing from their employer / family / friends either. The same clusterf***ed rationale and justification behind stealing free internet from your neighbour is always the “well if the guy is too stupid to protect his…”. It’s pretty much the same argument people use to justify creeping into their neighbours backyard and taking their rake, lawnmower, or bicycle.
February 19th, 2007 20:23
I sometime notice when I browse my available networks, my neighbors is stronger than my own. What gives?
February 19th, 2007 21:10
“Considering I had locked this other router down so tight and that there was no way anyone could connect wirelessly I wondered why this person never took the router off line.”
Duh. You plugged yours in and left it at default settings. They were clearly in range of you; you didn’t realize you were connecting to them.
They just did everything as they always did, connected to the one called “linksys” and went on their way. They just didn’t know they were using their neighbor’s connection, same as you.
February 19th, 2007 23:27
for the record. a username is not required to log on a linksys router. all you need is the password, which by default is admin.
next time try configuring your router through ethernet. that guy couldn’t possibly figure you out but if he had a smart friend who cought you hijacking his connection you could face jail time which is ironic since you had your own isp.
and yes if the dude had a preferred static IP it wouldn’t show up in the DHCP table and he would still have access to your shared files, provided you left the default workgroup as well “workgroup”. …bla bla bla whatever. anyways nice read.
February 20th, 2007 04:22
Ben Wrote
February 19th, 2007 09:41 27This story made me smile although there’s one thing I don’t understand.
If you were connecting to this other persons router (I presume it’s a dsl/cable router) didn’t it require authentication for the internet connection?
Over here (UK) all adsl/cable connections need your own username/password, and you cannot use these details from a different location (even nextdoor).
Routers with built in Modems have store the user name and password for your DSL connection.This means that once set the user need never enter their user deatils again.
But my Linksys router needs rebooted at least one a week because the wireless has hung up. How lucky were the both of you never to have this problem in the 2 months you were using each other boxes.
February 20th, 2007 07:05
[…] how this guy did it - by accident….Technorati Tags: Linksys Router, Hacked Linksys routerread more | digg […]
February 20th, 2007 07:52
[…] Great story … “How I Hacked Your LinkSys Router Which You Probably Bought at Best Buy.“ […]
February 20th, 2007 10:04
[…] How I Hacked Your LinkSys Router Which You Probably Bought at Best Buy […]
February 20th, 2007 12:26
[…] How I hacked your Linksys Router […]
February 20th, 2007 21:00
Further up, someone said, always use WEP.
Don’t use WEP. Use something stronger. WEP is dead.
The Final Nail in WEP’s Coffin (PDF Paper):
http://tapir.cs.ucl.ac.uk/bittau-wep.pdf
February 20th, 2007 23:16
Still no match for just turning it off at night.
February 21st, 2007 01:48
i have a wired network .. but i’ve toyed lately with the idea of getting a wireless router and laptop … this will make rethink it perhaps .. i think i’ll keep my home network wired .. and use the wireless when i’m traveling
February 21st, 2007 20:20
1) once everybody is on the grid, it won’t really matter and 2) keep all your goodies backed-up, encrypted, and on removable/portable drives and/or implants.
February 24th, 2007 09:39
Hilarious. I was thinking the easy solution would have been to go knock on your neighbors door and just physically switch routers with them. Then I realized you probably live in an apartment when this happened. One of the things I do when setting up routers is to use a different address block. Since 192.168 addresses can only resolve the 254 addresses in the last block, I switch mine over to 192.168.[number other than 1]. It screws up default installs for new networking hardware, but helps ensure this kind of situation doesn’t happen.
I can’t imagine the aha moment you had when you finally figured this one out.
February 24th, 2007 12:07
pfarrell, as a-ha moments go this is one i wont forget for a while.
February 25th, 2007 15:10
[…] Accidental Hacking […]
March 1st, 2007 04:53
[…] Which You Probably Bought at Best Buy Filed under: Uncategorized — recar @ 11:53 am How I Hacked Your LinkSys Router Which You Probably Bought at Best Buy In a world where we all shop at the same stores and buy the same wireless equipment it is very easy […]
March 4th, 2007 18:00
[…] compra un wireless router (router + access point wifi) della LinkSys al supermercato. Una volta installato lo mette in […]
March 4th, 2007 22:15
[…] compra un wireless router (router + access point wifi) della LinkSys al supermercato. Una volta installato lo mette in […]
March 5th, 2007 07:25
this is much more common than people think - ive spent the last year installing wifi to peoples homes here in spain and all the models weve used for peoples wifi routers have come with wifi on be default - we automatically disable wifi unless the clients wants to use wifi - also when you get adsl from telefonica they normally install hard wired but give you a wifi router (of course with wifi enabled by default)
i would guess most people dont go into their router to change the settings as most (& i mean most) wont know they have to
also when weve been doing site surveys on installations ive very often used local unsecured routers to test connections etc
in say 100 installations ive connected the guys wifi laptop to the wrong router (ie next doors) about 5 times because quite often they “dont” want a hard wired connection
March 9th, 2007 20:38
[…] I’ve been really pissed with them since I wrote my last post on hacking my neighbors LinkSys router. Completely unexpectedly this post made it to Diggs home page and lasted their for a while. It was […]
March 15th, 2007 17:21
[…] speed on DSL or Cable Modem? Looking at the top security stories on Digg, I happened across ShandyKings blog post telling how he inadvertently used his neighbor’s Linksys router, simply because people […]
March 18th, 2007 22:27
For an average out of 20 connections 16-18 conc. are insecure.I love to crack connections with router setting port set to 80.Wat you have to do is just enter the ip address and voila.You have ascess to others router.
March 21st, 2007 20:53
umm, why is every 1 freaking out about how you can’t keep sensitive data on your computer… no one can access you files on your computer through a network unless you share them…
no worries guys, your files won’t be stolen unless you manually configure them to be shared on your network, or put them in the shared documents folder.
April 3rd, 2007 02:33
hi
am i using one usb modem for internet is working fine ip address 192168.1.105 getway 192.168.1.1
newly purched one linksys wireless-g broadband router model no WRT54G i configured at the time display ” domine name is same ”
how to clear
April 8th, 2007 11:19
rofl, i wander what was going on in your neighbors house those few months youd used his router :]
April 16th, 2007 16:00
[…] Accidental Hacking […]
April 22nd, 2007 08:40
I used to work for a cable company,and many tech would not setup security for the customer. We had time commitments that they had to stick too or we would get in trouble. Some of the service calls customer not getting the speed they were paying for. The problem was they were surfing on there neighbors connections in which they were paying for a low speed. I doesn’t matter who provide the connection (cable, DSL, Sat) if it has a wireless conn. any buddy can surf if security is not setup.
Most of the customer did not know anything about routers and wireless and don’t care to know they just want it to work.
May 2nd, 2007 21:43
you and your laptop are sitting about 5 feet away from your router. Looks like you invested in the mainstream yet powerful WRT54G model. Unless, your house walls are made out of thin paper, you couldn’t distinguish from the signal strength bars that you’re connecting to an off-site router? Plus, like the other guy said (as well as in the linksys manual and everywhere else on the internet): MUST do the initial setup through ethernet connection…I think you should be more worried about how much of freeriding your neighbours enjoyed before you fixed the situation….illicit material? copyright infringement? it’s all down to your local assigned ip address by your ISP… hoooooh! scary!
May 4th, 2007 11:44
This is not a reply but a question, if you don’t mind. I know that I have also been able to accidentally connect to a neighbors Linksys router. My question: may they be able to connect via my Belkin router even though I have a firewall? Just curious.
Thanks,
C in Nashville
May 5th, 2007 16:55
Hmmmmm. I bought the WRT54G because that was all Best Buy had in stock that day. I used ethernet cable since I have only two computers on the network - mine and my wife’s, and they are side by side. I went into the router and set up a new username and password: numerals, letters (small and large caps) and threw in a symbol just fr fun. But that is all I did. How easy is my setup to hack?
May 11th, 2007 11:57
I’m accessing intentionally internet of someone else’s having a Linksys router. Even after having blocked his router, adding wep protection and adding a password, the guy only reset his router without adding any pass nor wep to be able to surf web again.
To respond to carla, I also had a belkin router and firewall cannot keep people away from your internet connection,it only provide protection so they cannot access directly your computer’s files, if you did not add any protection like wep or wpa( wpa is better ) or any mac address filtering, anybody seing your belkin54g can connect to it and download illegal stuffs, etc.
Excuse my bad english, I speak french.
May 22nd, 2007 15:52
I have a Linksys router……try and hack mine!!! Ha Ha Ha |)
May 23rd, 2007 16:40
Even though its a good idea to lock up your router, i hate it when you go on trips and you want internet, but everything is locked, i just want a bit of internet for pete’s sake
June 4th, 2007 10:18
Funny, you have by mistake discovered the most common hijacking method used to take over or sniff data information from a wireless AP.
Even thou you take the steps to MAc filter, turn off SSID, WEP AEP the wireless connection, your still prone to being hijacked.
You may want to spend a little cash to get a wireless router that offers Radius pass through and homes a certificate.
That way only systems with the Certificate installed on it will be able to authenticate with the Radius server. But the steps you used to secure your router, will keep about 90% of the average wardrivers out. The 10% normally look for Corporate wireless rather than home office wireless to hijack.
So I say your about 95% secure.
That percentage drops a lot for Corporate/Offices quite a bit.
Good job!!!
June 4th, 2007 16:01
Hello , I think this is VERY interesting! I have a computer (obviously!) And i was wondering , How to see every key stroke people have typed in atleast the past month!!!!
Thank you , email me at xonokisses4uxo@aol.com for the answer.
July 8th, 2007 17:18
This is why I use a hard wired system.
July 9th, 2007 02:23
If an enthusiast has trouble finding a pre version 5 ( 4 or before) to hack the product is manufatured and currently sold by Linksys as the Linksys WRT54GL wireless router
(the (L) in the WRT54GL stands for Linux)
July 22nd, 2007 20:37
This is an interesting story. I really wasn’t aware LinkSYS routers could be configured remotely. Personally, there’s nothing like having physical access to a piece of hardware - that way you know what you’re connecting to. As for the person who claims that files can’t be stolen unless they are shared. That’s not really accurate - Clearly they’ve never had any fun with Wireshark (or Ethereal, as it used to be called). I have my network set up pretty securely, in my opinion. I have WPA2 encryption, No SSID broadcasting, I’ve changed the channel, MAC Address Filtering w/ Static IP Addresses. Oh yeah.. and I changed the default username and password on my router… that typically helps.
July 24th, 2007 03:19
You said:
‘and then I kicked everybody off’
And then you went and talked to your neighbour, and explained what was going on, and helped him set up his security, right? You didn’t just leave him locked out of his own router? You are a decent human being?
Just curious…
July 24th, 2007 09:47
Well, I am not a total dick. I set his router back up so his computer should just connect to his own router by itself and he should not notice any change over.
July 28th, 2007 08:21
HAHA, had the exact same thing happen to me as I live in an apartment building. Routers should automatically come with some random generated wep key that comes in the box. Force feed internet security into their mouth.
July 31st, 2007 20:24
thats hillarious! I can’t believe you did that accidentally. However its true and I know that half the times I turn on my laptop it picks another router besides my own and I have to go and correct it.
July 31st, 2007 22:45
A few thing occurred to me here. First, to the guy who said you can’t configure a linksys router wirelessly, that is completely incorrect. It isn’t brilliant to do so, but it’s 100% possible with the factory defaults. Next, in a lot of cases the model of the router is as unimportant as the store you bought it from, most of the routers from the same brand will have the same default info. The guy down the street could be running a wireless B system and you might not notice until you see slow connect speeds, etc. Lastly, and maybe the only useful thing about this post here, if you are looking to go mega-secure on your wireless the Linksys firmware is pretty insufficient. Check out DD-WRT, very full featured wireless router firmware replacement.
August 2nd, 2007 23:23
[…] How I Hacked Your LinkSys Router Which You Probably Bought at Best Buy Months ago I hijacked my neighbors LinkSys Wireless Router, reconfigured it by calling it my own and blocked all other users from using it except myself. Am I a hacking genius? Do I have mad skills which allow me to read streams of code on a monitor as we (tags: articles funny privacy tips technology technology/hardware technology/network) […]
August 3rd, 2007 02:40
There is a java script program that accesses even wpa secured routers and redirects the dns.
Best to change your admin password for the wrt54g from the default values
“Drive by pharming”
August 5th, 2007 13:56
Ugh…we are networking like it’s 1997.
MAC filtering, disabling SSID broadcasts, and disabling DHCP do NOT add real security. Instead, they make implementation and administrating a network far more painful.
Disabling SSID broadcasts can actually weaken the security of wireless clients. Clients fall-back to probing for available connections, thus leaking WiFi config data. This makes them more prone to AP impersonation attacks
See these articles for more information:
The six dumbest ways to secure a wireless LAN
By George Ou, ZDnet (March 18, 2005)
http://blogs.zdnet.com/Ou/index.php?p=43
Issues with SSID Cloaking
By Joshua Wright, Network World, (March 5, 2007)
http://www.networkworld.com/columnists/2007/030507-wireless-security.html
Wireless LAN security myths that won’t die
By George Ou, ZDnet (March 26, 2007)
http://blogs.zdnet.com/Ou/?p=454
August 6th, 2007 14:56
Dan -
Be that as it may. Not broadcasting your SSID would surely stop incidental access like the one described in the article. If anyone really wants to “secure” their router they will need encryption. My suggestion given the recent Black Hat conference would be to use wireless as little as possible - especially at public hot spots just because its so easy for someone to sit on the network with a packet sniffer. I believe the one at Black Hat was called Ferret and it was specifically used for capturing cookies, the speaker actually hacked a GMail account while he was on stage! Same can be done with Facebook and Myspace (off the top of my head) because the only thing that is encrypted is the password - typically nothing else is. If you are going to use wireless, encrypt it (with good encryption)!
August 7th, 2007 01:49
“I’ve left my front door unlocked and open, but it’s okay because I’ve taken the precaution of removing my house number from the mailbox and the curb.”
Is this safe? Does it stop incidental theft and mischief? Probably not. But it does make it much more difficult for your friends to find your home their first time out. Ditto for the pizza delivery guy, the fire department, EMS, etc.
Likewise, disabling SSID broadcasts does NOT stop incidental access. When a laptop is in range of the neighbor’s unsecured network, it could automatically connect without permission. How? After it couldn’t match a known SSID by listening to beacon broadcasts, it ran through saved connection profiles, sending out probe frames for each saved SSID in order of connection priority. If the laptop has ever connected to an unsecured “linksys” network, it would automatically connect to the neighbor’s network.
When an access point has the SSID broadcast disabled, it still transmits beacon broadcasts with a zero-length EES Name field. It shouts “I’m here! I’m here!” several times a second rather than shouting “linksys here! linksys here!”
I can still easily hack your access point by: 1) Passively listening for the other 4 frames that contain the SSID — Probe, Probe Response, Association Request, Reassociation Request; 2) Sending a Probe frame with a zero-length ESS Name field, causing your access point to reveal its SSID in a Probe Response frame; or 3) Forging a Disassociate frame causing a legitimate client to get dropped, thus forcing it to send a Reassociate frame that contains the SSID.
So what’s to lose by disabling SSID broadcasts? Plenty!
- It gives a false sense of security, as evidenced in this forum.
- The network is harder to maintain. Setting up a legitimate client requires manual configuration of the entire connection profile rather than a simple “point & click” plus password.
- Increased chances of interference with other networks because some survey tools won’t show your network. What if you and your three neighbors are using the same channel but no one realizes the problem because NetStumbler misses four active networks?
- Clients will have trouble associating to an access point when they are activated or after they lose connection.
- Clients may start spewing the SSID of every connection profile when associating or reassociating to an access point. This is a *huge* security risk, as it allows hackers to masquerade as a “known” access point. There are automated tools to do this (see below).
- All the chatter from clients trying multiple SSIDs clogs your bandwidth and tangibly lowers network performance. This penalty is especially high in degraded networks where reassociations are frequent due to interference, weak transmitters, clients far apart from one another, etc.
- Because of the above issues, your users will chose unhidden & unsecured networks instead, lowering the overall security of your organization.
Ouch, indeed!
Further reading:
Trying to shut up your wireless chatty Windows
By Raul Siles (September 2005)
http://www.raulsiles.com/docs/Chatty_Windows_Wifi_Sep05.html
Hotspotter - Automatic wireless client penetration
http://www.remote-exploit.org/codes_hotspotter.html
August 13th, 2007 17:02
I have wireless provided by cable, but I noticed that my laptop would also connect to Lynksis and so I looked into it. Interesting. The unsecured Lynksis connection is more reliable and stronger than the wireless router provided by my cable company for which I pay a ton of money per month.
September 4th, 2007 20:59
Melyssa . . .you must be using Kryptonite . . which is why you bought a lynksis instead of a linksys. If everyone would buy the Airport base station and set it up with password and wireless wep et al.
September 4th, 2007 23:00
ok first… this is easy i went wardriving around my town and changed and looked at was was going in and out of ppls routers….lots of porn might i add…one of my computer guys in town changed the ssid to look at your porn elsewhere…its easy to “hack” if you wanna call it that, a linksys router the pass and user name is admin, admin, all u have to do is change the ssid look at shit or change any other options…it really dosnt do much good cause all they have to do is push the reset buttion on the back or brute force it open again and change everything back and put a wep on it then u have to get a mac and crack that and hope you dont get caught….well thats my spheele on that so ya ok im going to shut up now ok ttyl bye bye…good post tho!!!!
September 15th, 2007 21:05
Thanks, loved your story. Quite ironic that you configured “your” wireless to be so secure… only to find out that you were hacking someone else’s. I used to leech off other people, but recently paid for my own. Left it complete unsecured, except for a MAC filter (which is actually quite effective). I’m probably letting people read my data, but there isn’t too much to get.
October 17th, 2007 11:42
Great blog, i love the story! I can relate to it if you know what i mean
October 27th, 2007 15:56
[…] brings up a funny story i had read. maybe this is happening to you too… http://www.shandyking.com/2007/02/18…reless-router/ __________________ […]
November 23rd, 2007 20:53
It may not be b.s., the origional batch of WRT54G routers came default with wireless on. I believe all access points, and wireless switch manufacturers disable by default now.
November 26th, 2007 09:39
MAC address restrictions are of little value. You can sniff out any MAC using Airsnort and there are a number of products that allow you to spoof the MAC on your network interface (requires specific wireless cards). Now you are the “approved” machine. Tada!
November 27th, 2007 03:53
I did exactly this, except before setting mine up correctly and changing my default router back to my own, i went round the street to see where the signal gained strength.
I narrowed it down to 2 house’s one with green lights flashing in the hall way and decided to knock… “have you got a wireless router?”
So i ran through setting up security on it, getting him to put his choice of username’s and passwords into the security boxes… “your date of birth isn’t really that secure is it?!”
Some peoples idea of security!
December 2nd, 2007 02:38
I call bullshit, you say others were using your net - well if you hadn’t fucking configured it in the first place, HOW WAS IT WORKING ON THE NET!>!?! WAS IT PRECONFIGURED WITH YOUR USER AND PASS AT BEST BUY??? DON’T THINK SO LAMER
December 3rd, 2007 00:18
@IcallBullshit:
He’s talking about a wireless access point, not a DSL or cable modem, which would have required a login from his ISP. The point of the story is that every single LinkSys bought at Best Buy or anywhere else for that matter, has the same default user id and password to connect and configure it.
December 7th, 2007 12:14
Since you renamed the SSID of your neighbor’s router to something personal you would have still seen your ‘linksys’ ssid as an available network. Wouldn’t this have clued you in? You’re either lying or stupid.
December 8th, 2007 10:40
Very fascinating story - I liked it a lot^^
I’d really like to know how I could get both the name and password of my classmate’s linksys router without knowing them - that’s be such a cool prank *yay*
Anyway, this article is worth spending time reading it.
December 9th, 2007 03:02
Comedy - I can see this easily being done after we geek out and get into config so much we forget the basics - like Layer 1 issues.
BTW, WEP is an accident waiting to happen - WPA-PSK is much more secure (of course the most secure is turn off networking but that ain’t no fun
)
Thanks for sharing your story!!
December 20th, 2007 22:53
This whole story seems stupid to me. What does Bestbuy have to do with it?
How did you configure your nieghbor’s router? By default Linksys disables configuration via wireless connection. It allows only Http and telnet.
If it did happen wouldn’t a better title be how my neighbor hacked my linksys router?
You should always change the default network addresses. I like to use 172.168.x.x or 192.168.192.x. This makes sure that there’s no mix up with other devices.
You should always change the SSID name to something that is not connected to you. I’ve seen people use their first and last name or street address.
You should always disable SSID broadcasting
You should always enable WPA or higher
encryption.
You should always change the default IP
network addresses.
You should always physically connect a cable to the switch to configure options.
You should always use a MAC security Access table and you can register each device that needs to connect to your wireless network.
MAC Address table should be used as well as WPA not instead of WPA security.
You should never use WEP . Its easily cracked.
It’s like using a sheet of saran wrap to protect your wallet. Not gonna do much good.
And lastly you should not make up stupid stories and type up a long drawn out pile of rubbish like this one and then post it on the web. If this really happened to you then you are more stupid than your Story’s title. F”n jackass. I’m just curious, does Bestbuy charges a %15 restocking fee on stupid stories?
Why would you post something that proves you’re stupid all over the web? And you called him a jerk!
January 18th, 2008 13:40
Com’on you guys. Either your all dumb, or from other countries, or have idea what your saying. This story is entirely possible. I imagine that it’s true, but it is positively possible.
BestBuy? Well, kinda off-topic. But still, this could easily happen.
February 13th, 2008 13:10
Ironic that it can be so easy to connect to someones WiFi that you don’t even realize that your doing it yet it can seem practically impossible to trouble-shoot your own system.
February 14th, 2008 22:02
Hey, you are an idiot. Mind your f’ing business. It’s assholes like you that we have to worry about. Get a job and do something with your useless life, and stop trying to get free Internet from your paying neighbors, you asshole.
February 15th, 2008 07:40
Hello,
I’m just wondering what the significance of the few months of the router powering on/off at odd times is…
Mainly because I have a wireless router that does the same thing (95% up time), and it is unexplainable.
Do you have an idea why it does this?
February 17th, 2008 17:14
Hi Shandy,
I have a question for you. I just bought a new computer and added the linksys router from my older computer to my new one. Now I’m trying to setup the linksys adapter to my old computer, but can find the software, so I downloaded it to my flash drive. Now I can’t figure out how to upload it from my flash drive to my old computer.
I would appreciate your feedback as I don’t understand computers that much.
February 17th, 2008 19:03
See this is why I love living in outback Australia. No wireless signals for hundreds of kilometres around my sheep paddock.
February 22nd, 2008 09:18
You are a fucking criminal mastermind. Mad skills son. Hahaha!
March 3rd, 2008 18:24
Let us do good things guys… but do have more tips on hacking?
just joking
March 12th, 2008 13:11
That’s why I always configure my router via wire after a hard reset. also I use DD-WRT firmaware, is better. But is a nice funny story
March 17th, 2008 16:51
I have our main family computer hardwired with Linksys modem and 2 other household computers have Linksys wireless modems.
About 2 months ago we’ve been having issues with the wireless modems connecting to the Internet. When just the one does its a very low signal.
Someone suggested that we might be getting hijacked and that my wireless modems aren’t protected even if I did change my main SSID when I did the hardwired computer first………
If this all makes sense…..Anyway to fix it that myself ( a blithering idiot) can do?
Thanks
March 26th, 2008 16:09
You guys think you’re so COOL, dig this can anybody tell me how to CLONE your neighbors’ LAN address so that you can connect your rtr to your neighbors’ modem…. you are reading it right… no ISP, just a router on your possession and you can get the wless connection on your laptops.. pretty neat huh!!!
March 28th, 2008 09:46
I have failed to access my Linksys wireless router.
March 29th, 2008 11:15
Remote management is not the default setting. You can’t remotely configure a router unless it is enabled. Take control of ur wireless network. Press the reset button for 30 sec on the back of your router to reset it. Turning the power off does not reset ur router. Ensure remote or wireless management is disabled. Enable wireless security for your own protection. happy computing.
March 30th, 2008 20:57
This gives great credibility to the old networking mantra. Always configure your router over a WIRED connection
April 6th, 2008 08:27
I think sharing internet connection is good, you are doing volunteer work. If the connection become slow, it is good if one of them buy a router and setup a new internet connection, and … shares again ! What a good city to live in !
What is not good is, you are not doing your home work by connecting windows operating system to the net. It was your fault. Windows is the unsecure, not your router. Think to use anything else!
April 7th, 2008 21:40
Hello..I found your post by accident by doing an internet search for “linksys” just so I could d/l a small program that came w/ MY Linksy’s Router which I purchased approx. 3 or 4 months ago through Tiger Direct. Basically, this program allows you to have the security that keeps people (as yourself, lol) from breaking into the router and re-configuring anything! OK, the reason I am commenting is..i want to know if I am safe..or do you think I am still open to this, after you read on :)! Before I set up my security the way I set it up, through the linksy’s system online, I had people left and RIGHT “piggy backing” off of me, and, I just could NOT have this as I kept getting “bumped off line” because of it :(. Due to the fact that I homeschool both my girls (out of 4 kids)..I couldn’t take the chance of them being constantly kicked off becuz of my neighbors whom were to cheap to go out and purchase their OWN cable internet! So, basically, what I did is, I looked around that program I had installed on my desktop (the puter I Had when I origanolly purchased the linksy’s) and, I found a way to block EVERYONE and individually go in and add the people I wanted by putting in their MAC Address…I started noticing the next few days later that ALL the neighbors whom I had told it was ok to piggy back previously (before redoing my security) had started either calling me or mentioning it to me in passing that they were absolutely unable to get online through my router, even WITH my password!!! So, does this mean that I AM safe? Or not???? Now, just so you do know…most of these people are under the age of 16 themselves and are friends w/ my children…they are trying to gain access ONLY for Game consols, not for computers. BUT, I ALSO noticed that I no longer had those “UNKnown” names show up on my router as well…still don’t!!! So, did I do something right?? Or, do you think I could still be open for “preditors” lol???
Sorry, this is so long…hope I didn’t loose anyone through reading this!!!
Thanx,
Rebecca
April 14th, 2008 19:04
Sounds like a net’ myth in the making - it was a good laugh thanks for sharing!
April 24th, 2008 00:10
Funny . . . but this could happen to any wireless router. And most likly happens alot where there are alot of unsecured wireless routers. And of course of people that don’t follow directions!
This is why they want you to connected at least the 1st time actually wired! Also using their software to setup the router would also prevent this from happening.
If you do it manually and by logging in wireless (what you did) . . . the fix for this is to make sure when you log into the router is to check the local mac address . . . IS IT THE SAME ONE THATS LOCATED ON THE ROUTER? (on the back or bottom of the router)
You did not check . . . how rude!!!(haha)
Oh . . . and by the way . . . Sorry your not a hacking genius . . . if you were . . . you would have known about the mac address located on the router.
Just another reason why if you value any certain information . . . keep it off the your computer!
April 24th, 2008 02:08
Funny . . . but this could happen to any wireless router. And most likely happens quit allot in areas where there are allot of unsecured routers. And let’s not forget when people do not follow directions. This is why they want you to connect the 1st time actually wired and not wireless. . . and also why they want you to use their software to setup and configure the router . . . because most people don’t understand how to set it up manually (logging into the router itself) and be actually safe and secure.
The fix
1. Use their software . . . it would have told you to be wire into directly or it would have told you in some way that your not connected depending on brand and model.
2. If you want to log into the router wireless and manually secure it. When you log in find the Local Mac Address . . . IS IT THE SAME ONE ON THE ROUTER??? If not you are definitely logged into the wrong router (it’s located either on the back or bottom of the router).
You did not do this . . . how rude (LOL)!!!
Oh . . . by the way . . . Sorry . . . you’re not a hacking genius . . . if you were . . . need I say more . . .
April 28th, 2008 11:26
Here’s the home owners that do not read their hardware manuals and never second guess a possible security threat.
YIPPIE, 3 stable connections.
May 15th, 2008 08:53
Dude…know this is a old post….the other guy didnt realize cuz he was on ur real “linksys” which remained “linksys”….hehe