Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Router security 1

Status
Not open for further replies.
colinrharris

colinrharris

Technical User
Joined
Oct 24, 2002
Messages
98
Location
GB
Is it possible to access a Router from outside the LAN if the admin username / password are not set or left at the default values and Remote Admin has not been setup? Would the answer be different if the WAN ip address was known?
 
Sort by date Sort by votes
What type of router? By what interface do you mean? By saying outside the LAN, do you mean the WAN interface? If so, yes you would need to know the address, doesn't me you can get in.


Only the truly stupid believe they know everything.
Stu.. 2004
 
Upvote 0 Downvote
The Router happens to be a Draytek Vigor but my question is really a general one. On a Draytek, Netgear, D-Link or similar Router used for home or small office networks, is it possible for an intruder to get into the Routers web interface and change settings. Some Routers have a setting for remote admin and for the purpose of this question, this has not been setup.

The reason behind my question is this: I have been acused of leaving a client's network vulnerable to intrusion because I did not, in this instance, change the default admin username and password. I dont beleive this to be so but I would appreciate any comments. The Router is not wireless.

Thanks
 
Upvote 0 Downvote
If the remote administration option on the router was not turned on, then the answer is no.

It is possible for a highly skilled hacker to get into any router, password protected or not, by hijacking packets that are sent to and from the WAN side of the connnection. However, this would have nothing to do with the setting you are referring to.

~cdogg
"Insanity: doing the same thing over and over again and expecting different results." - Albert Einstein
[tab][navy]For general rules and guidelines to get better answers, click here:[/navy] faq219-2884
 
Upvote 0 Downvote
Technically, you have left it open. A skilled person may of gotton through your router and onto a client machine (maybe using a Trojan for example). Then would be able to get back into the router from there.

By default most DSL "routers" are actually router firewall combos, and not a "pure" router as such and as such, in there standard form are usually set to reject direct connections from the WAN interface.

On a basic level, I would change:

Admin User Name
Password
Internal address from the default 192.168.0l.

Not fool proof, but makes it a little harder to get in.

Only the truly stupid believe they know everything.
Stu.. 2004
 
Upvote 0 Downvote
Thanks for your reply. I normally change the default password but not the LAN address range. I will do that in future.

If we ignore the skilled hacker for a moment, would it be easy for say a competitor of my client (probably another small business) to find their way in to this network or to change the Router settings?

What would you need to know about me for example to get into my network? What I am trying to establish is what measures are "good practice" and what are critical because they would leave a network wide open to anyone. I would alsways setup encryption on a wireless network as anyone could gain access so that would come under the heading of "critical" but entering mac addresses of allowed computers might be classed as "good practice".
 
Upvote 0 Downvote
Hi colinrharris and StuReeves,

I'd like to add to your discussion with an additional step in security that is easy to take. Set up passwords and addresses inside of a router, using a computer that will never be using it. A computer that does not go online, for example. That way you leave all keystrokes on the other machine.

Kemisco

-----


Take your computer outdoors when blowing out the dust; it's mostly skin dust. A clean computer is a cool computer.
 
Upvote 0 Downvote
Thanks everyone for your valuable comments.
 
Upvote 0 Downvote
Changing the LAN address range does nothing to improve security. If someone gains control of your router, they will be able to see whatever range you set.

Also realize that most intrusions these days occur through the use of trojans that compromise PC's behind the firewall. They turn the workstation into a beacon, making it easy to find. In addition, they can open a port to allow easy access. Unless you have all unused ports locked down tight (inbound and outbound), you can't rely on the router by itself to protect you. Remember, most basic routers don't have many good options to monitor or block outgoing requests (that is, a request that goes from the LAN to WAN side). That's why having a 3rd-party software firewall running on each workstation is a good idea, or for larger networks, using a proxy server.

~cdogg
"Insanity: doing the same thing over and over again and expecting different results." - Albert Einstein
[tab][navy]For general rules and guidelines to get better answers, click here:[/navy] faq219-2884
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

goombawaho
  • Locked
  • Question Question
Dell - Optical drive security screw. How to get it out
Replies
10
Views
599
ChrisHirst
ChrisHirst
goombawaho
  • Locked
  • Question Question
Router Model/Firmware Does NOT Compute
Replies
9
Views
595
goombawaho
goombawaho
goombawaho
  • Locked
  • Question Question
Router behind Uverse NVG589 for Vonage boxes
Replies
0
Views
198
goombawaho
goombawaho
hhallett
  • Locked
  • Question Question
How do I get my router to stop throttling my Internet speed?
Replies
8
Views
1K
hhallett
hhallett
DrB0b
  • Locked
  • Question Question
Looking into a new Small Business Router
Replies
0
Views
159
DrB0b
DrB0b

Part and Inventory Search

Sponsor

Back
Top