D-Link Forums

The Graveyard - Products No Longer Supported => Routers / COVR => DIR-655 => Topic started by: DCIFRTHS on December 12, 2007, 03:34:07 AM

Title: How did this happen?
Post by: DCIFRTHS on December 12, 2007, 03:34:07 AM

DIR-655
Hardware version: A3
Firmware version: 1.10

As an experiment, I DISABLED encryption on the wireless side of one of my DIR-655s. Anyone within range could connect. I did this because I live in an apartment building, and someone has been changing the names of unsecured wireless networks to vulgar names, so I wanted to see if they could hack my router. I figure that a hands-on approach is the best way to learn about security. The only computer connected to this network was a laptop that had no personal information on it. I also shut down the laptop except for when I wanted to access the router.

Anyway, I changed the admin password on the router, to a random alphanumeric password. Sure enough, after a few days, my SSID was changed to "SECURE YOUR NETWORK A******". Additionally, the admin password on the router was also changed to an unknown value.

Is what I described possible? Or did I make a stupid mistake and not change the admin password as I thought I did? Another thought I had is that maybe if I accessed the admin pages in the router, using a wireless connection, and someone was sniffing traffic, that they could have sniffed my admin password when / if I connected wirelessly (I don't remember if I did this).

Any insight would be greatly appreciated as I want to know how this was done, if I made a mistake, or if the router could possibly has a flaw in the firmware.

Title: Re: How did this happen?
Post by: heckeljohn on December 12, 2007, 04:34:07 AM

The password is not secured unless you specifically set the web admin interface to connect using https.  If you had no WEP/WPA running, anyone with a laptop, wifi card, and the latest version of Cain & Abel can target web traffic to your router IP and get your password the first time you type it.  One downside to the "added security" of having admin logins time out after a few minutes is typing your password again each time to log back in after a session timeout, which creates many more opportunities for someone sniffing your traffic for an unencrypted password.
Also, you have to reboot to be sure that you changed the admin password properly.

 I would suspect any neighbor of yours that has the following traits:
-Male
-Absolutely no life whatsoever
-Resides in the same house as his parents
-Virgin
 

Title: Re: How did this happen?
Post by: DRT-1000 on December 12, 2007, 07:54:54 AM

Quote from: heckeljohn on December 12, 2007, 04:34:07 AM

I would suspect any neighbor of yours that has the following traits:
-Male
-Absolutely no life whatsoever
-Resides in the same house as his parents
-Virgin

HAHAHA.  :D :D :D

Title: Re: How did this happen?
Post by: Lycan on December 12, 2007, 03:37:02 PM

Although humorous, I am locking this topic. Sorry :-\