corsasport.co.uk
 

Corsa Sport » Message Board » Off Day » Geek Day » Plusnet WiFi Router/Modem password


New Topic

New Poll
  <<  1    2  >> Subscribe | Add to Favourites

You are not logged in and may not post or reply to messages. Please log in or create a new account or mail us about fixing an existing one - register@corsasport.co.uk

There are also many more features available when you are logged in such as private messages, buddy list, location services, post search and more.


Author Plusnet WiFi Router/Modem password
deano87
Member

Registered: 21st Oct 06
Location: Bedfordshire Drives: Ford Fiesta
User status: Offline
17th Jul 14 at 20:29   View User's Profile U2U Member Reply With Quote

Finally got broadband sorted in the new house. Opted for Plusnets standard Unlimited 17mbps service.

We live on a busy main road where there are quite a few WiFi hotspots. Quite easy for someone to park up outside and try and hack.

Should we think about changing the wireless name and/or password to something completely unique, as opposed to that which Plusnet provides?

Aaron
Member

Registered: 9th Aug 04
Location: Cottingham, East Riding
User status: Offline
17th Jul 14 at 20:54   View User's Profile U2U Member Reply With Quote

Yes.
John
Member

Registered: 30th Jun 03
User status: Offline
17th Jul 14 at 20:59   View User's Profile U2U Member Reply With Quote

As long as its WPA it doesn't really matter what the ssid and key are, unless they send them all out with the same one, which I doubt.
willay
Moderator
Organiser: South East, National Events
Premium Member


Avatar

Registered: 10th Nov 02
Location: Roydon, Essex
User status: Offline
18th Jul 14 at 07:54   View Garage View User's Profile U2U Member Reply With Quote

as John says, they wont be the same, the ssid and password will be generated at Plusnet based on some variables I imagine. Dont worry.
Steve
Premium Member

Avatar

Registered: 30th Mar 02
Location: Worcestershire Drives: Defender
User status: Offline
18th Jul 14 at 07:56   View Garage View User's Profile U2U Member Reply With Quote

No offence but who the fuck is going to want to sit outside your house in their underpants trying to hack into your wireless
Brett
Premium Member

Avatar

Registered: 16th Dec 02
Location: Manchester
User status: Offline
18th Jul 14 at 08:04   View Garage View User's Profile U2U Member Reply With Quote

Rob_Quads
Member

Registered: 29th Mar 01
Location: southampton
User status: Offline
18th Jul 14 at 08:15   View User's Profile U2U Member Reply With Quote

If you are that worried about someone getting onto your wifi I hope you have all your hard drives and documents with full encryption.
Dom
Member

Registered: 13th Sep 03
User status: Offline
18th Jul 14 at 08:56   View User's Profile U2U Member Reply With Quote

quote:
Originally posted by John
As long as its WPA it doesn't really matter what the ssid and key are, unless they send them all out with the same one, which I doubt.


WPA can still be cracked (bruteforce attack anyway) and most ISPs supply them with short passwords (my VM account used a 5 character password that could easily be broken within half a day), hence why you're better off changing the password to something that is reasonably long (15+ characters etc) - time taken for a bruteforce attack against a password https://www.grc.com/haystack.htm.


quote:
Originally posted by Rob_Quads
If you are that worried about someone getting onto your wifi I hope you have all your hard drives and documents with full encryption.


To suggest someone should use disk encryption for changing a password makes you look a bit of a tool Rob

For something that takes 10 seconds to change, it's a bit of a no-brainer if it makes your AP vastly more secure.

[Edited on 18-07-2014 by Dom]
ed
Member

Registered: 10th Sep 03
User status: Offline
18th Jul 14 at 09:29   View User's Profile U2U Member Reply With Quote

I've just have SSID broadcast disabled on mine. Don't really need it enabled once you're connected

But TBH, who's going to actually try and hack into your WiFi? If you're that worried about security you wouldn't be using it.
Rob_Quads
Member

Registered: 29th Mar 01
Location: southampton
User status: Offline
18th Jul 14 at 09:35   View User's Profile U2U Member Reply With Quote

quote:
Originally posted by Dom

quote:
Originally posted by Rob_Quads
If you are that worried about someone getting onto your wifi I hope you have all your hard drives and documents with full encryption.


To suggest someone should use disk encryption for changing a password makes you look a bit of a tool Rob

For something that takes 10 seconds to change, it's a bit of a no-brainer if it makes your AP vastly more secure.

[Edited on 18-07-2014 by Dom]


So what is changing the AP name really going to achieve? Instead of it being Sky3856837 its now going to be called MyAP
Even if you hide the SSID it still doesn't really do anything. If your AP is locked down with a password then thats enough to discourage any casual person trying to hack your wifi. If they are not the casual person they will be running a scanner anyway which will still pick up the hidden SSID.
Dom
Member

Registered: 13th Sep 03
User status: Offline
18th Jul 14 at 10:19   View User's Profile U2U Member Reply With Quote

quote:
Originally posted by Rob_Quads
So what is changing the AP name really going to achieve? Instead of it being Sky3856837 its now going to be called MyAP.....


I mentioned changing the WPA password (specifically, lengthening it to reduce bruteforce attacks) not the SSID, Rob.
ed
Member

Registered: 10th Sep 03
User status: Offline
18th Jul 14 at 10:28   View User's Profile U2U Member Reply With Quote

One other point to remember - CHANGE YOUR ROUTER ADMIN PASSWORD! The Sky routers all used to have the password of 'netgear1' (or something) and TalkTalk have the really creative 'password' securing them. It's quite easy to have shenanigans if you get onto someone's network
Rob_Quads
Member

Registered: 29th Mar 01
Location: southampton
User status: Offline
18th Jul 14 at 10:31   View User's Profile U2U Member Reply With Quote

quote:
Originally posted by Dom
quote:
Originally posted by Rob_Quads
So what is changing the AP name really going to achieve? Instead of it being Sky3856837 its now going to be called MyAP.....


I mentioned changing the WPA password (specifically, lengthening it to reduce bruteforce attacks) not the SSID, Rob.


The original poster was talking about changing the SSID thus my comment saying its not needed
Dom
Member

Registered: 13th Sep 03
User status: Offline
18th Jul 14 at 11:18   View User's Profile U2U Member Reply With Quote

quote:
Originally posted by Rob_Quads
.... thus my comment saying its not needed


Can you point me/us to this comment? Because the only one i see is your sarky response of using disk encryption to someone simply wanting to improve the security of their AP



Ed - Definitely! Especially if your modem/router has flaws like the VM Superhub where it (did; they might have fixed it) drops the WiFi security during bootup and where it's reasonably straight forward to force a remote reboot
Rob_Quads
Member

Registered: 29th Mar 01
Location: southampton
User status: Offline
18th Jul 14 at 11:41   View User's Profile U2U Member Reply With Quote

quote:
Originally posted by deano87
Should we think about changing the wireless name
Dom
Member

Registered: 13th Sep 03
User status: Offline
18th Jul 14 at 11:58   View User's Profile U2U Member Reply With Quote

Not what i asked; where's your comment 'saying its not needed'?
John
Member

Registered: 30th Jun 03
User status: Offline
18th Jul 14 at 12:45   View User's Profile U2U Member Reply With Quote

quote:
Originally posted by Dom


WPA can still be cracked (bruteforce attack anyway) and most ISPs supply them with short passwords (my VM account used a 5 character password that could easily be broken within half a day), hence why you're better off changing the password to something that is reasonably long (15+ characters etc) - time taken for a bruteforce attack against a password https://www.grc.com/haystack.htm.




Unless something has changed since I last read about it, you won't be doing 1000 guesses per second brute forcing a WPA password.

Only had a couple of minutes but just checked the status of rainbow tables for WPA. Because the hash is generated based on SSID and SSID length, they don't exist for every single possible SSID. If your SSId is plusnet178765689 it won't be there.

I think he's pretty safe.

[Edited on 18-07-2014 by John]
Dom
Member

Registered: 13th Sep 03
User status: Offline
18th Jul 14 at 14:57   View User's Profile U2U Member Reply With Quote

quote:
Originally posted by John
I think he's pretty safe.


If the SSID is indeed random (and not the default from manufacturer, in which case there's likely to be an 'off the shelf' rainbow table) then yes, the SSID salted password makes a rainbow attack incredibly difficult. But considering majority of GPU's can easily achieve ~80-100K PMK/s, brute forcing it is still a possibility.

Either way my point was, for ten seconds work to change the password it's a bit of a no-brainer if you can make your AP vastly more difficult to crack.

Similarly, WPS should also be disabled as that can be circumvented fairly easily - usually can be broken within a few hours (certainly within a day) using Reaver.

[Edited on 19-07-2014 by Dom]
_Allan_
Member

Registered: 24th Mar 04
User status: Offline
18th Jul 14 at 17:13   View User's Profile U2U Member Reply With Quote

quote:
Originally posted by Dom
https://www.grc.com/haystack.htm.




Cheers Dom

Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 7.66 hundred million trillion centuries

I hope he has brought plenty of clean pants.
John
Member

Registered: 30th Jun 03
User status: Offline
18th Jul 14 at 18:27   View User's Profile U2U Member Reply With Quote

Unrelated to the thread but related to grc.

I had read for years about how good spinrite was but never had to use it in anger.

Tried it once on a drive that I ended up taking to a proper data recovery place, he wasn't happy with me, said it had only made it worse.
deano87
Member

Registered: 21st Oct 06
Location: Bedfordshire Drives: Ford Fiesta
User status: Offline
20th Jul 14 at 19:02   View User's Profile U2U Member Reply With Quote

deano87
Member

Registered: 21st Oct 06
Location: Bedfordshire Drives: Ford Fiesta
User status: Offline
20th Jul 14 at 19:07   View User's Profile U2U Member Reply With Quote

For clarification I asked if I should change the router named and/or password

And not particularly worried about it being hacked, just didn't know if the standard stuff is easier to crack than something I could come up with.

So in short there is nothing to worry about?

Oh and the router username is admin but the password looks like it is random generated i.e. not password!
deano87
Member

Registered: 21st Oct 06
Location: Bedfordshire Drives: Ford Fiesta
User status: Offline
20th Jul 14 at 19:10   View User's Profile U2U Member Reply With Quote

Actually, turns out the router password is the Serial Number, so changed it to something different.
Wrighty
Member

Registered: 28th Feb 04
Location: Howden
User status: Offline
20th Jul 14 at 19:32   View User's Profile U2U Member Reply With Quote

If you were worried about security why opt for a provider supplied router/modem in the first place
Rob_Quads
Member

Registered: 29th Mar 01
Location: southampton
User status: Offline
21st Jul 14 at 11:17   View User's Profile U2U Member Reply With Quote

Sorry if I was a bit abrupt - Not a great weekend so was rather short with a few other people too

Changing a password is always a wise move (just don't loose it otherwise it could cost you like it did us at work the other day lol - £5.5K to unlock a Solaris machine!)

  <<  1    2  >>
New Topic

New Poll

  Related Threads Author Forum Replies Views Last Post
Netgear Router Password Doug Geek Day 16 1242
28th Apr 07 at 09:24
by pow
 
PS3 Online Setup Help Rocky Geek Day 17 1641
25th Oct 07 at 17:03
by Rocky
 
iPhone 3GS Wifi MarkM Geek Day 15 1378
13th Jul 10 at 19:32
by MarkM
 
WiFi range extender help!? Matty W Geek Day 9 977
1st Sep 11 at 21:08
by Dom
 
Broadband Question Munchie Geek Day 21 1422
11th Nov 11 at 20:42
by moka
 

Corsa Sport » Message Board » Off Day » Geek Day » Plusnet WiFi Router/Modem password 28 database queries in 0.0129020 seconds