Domain: 192.168.1.1
Stories and comments across the archive that link to 192.168.1.1.
Comments · 29
-
More router fun
-
Re:dd-wrt??
A day or so late, but unlike most slashdotters these days, here's the actual answer to your question:
0. Do some research, and decide which F/OSS firmware distro will meet all your needs.
1. Go to the home page, then find the release that's for your hardware, and d/l it to your system. I did
it to a netbook, rather than my workstation, for reasons in step 2.
2. Connect a system to the router. MAKE SURE IT IS *N*O*T* on the Net. Turn off wireless, so that the
only connection between the router and the system is one wired cable.
3. On your connected system, which has the d/l firmware, browse to the router (often 192.168.1.1, so put
that in as the URL: http://192.168.1.1/ and you'll get to your router's built-in webserver. It will have
a default password, if you haven't already reset that.
4. Log into the router, and there will be an admistration, or some such, page, and on that page will be
the option to update your firmware. Point it to the file on your system that's the new firmware,
and follow the directions from the router info, and from the F/OSS firmware.Yeah, it took me almost as long to write this as it will take you to do it, once you've got the firmware file.
mark
-
Re:So guys...
That default password jazz is something I wish manufacturers would get away from, even if a solution is a hard reset and the user selects a password all over again.
If it makes you feel better, I recently bought a wireless router from a major manufacturer. I plug it in, connect it to my computer, go to http://192.168.1.1/ and fine-tuned all the settings to be just the way I want, particularly those involving setting my own passwords (on the router's administration and on the secure wifi network). Everything nice and neatly set up. That's the first thing I did as soon as I took it out of the box because I try not to be an irresponsible douchebag.
I run my own local caching DNS server. I don't own a domain. I just use it to resolve hostnames because it's more reliable than my ISP's. Imagine my surprise when I found that my router's UNDOCUMENTED "first-use" behavior was to hijack all DNS traffic. Suddenly google.com resolved as 192.168.1.1 and so did every other domain. With my own DNS server on my statically-configured machine (not proxying DNS through the router like its DHCP settings for attached clients would direct). The router was actually intercepting and hijacking UDP port 53 traffic.
Apparently they do this so that irresponsible dumb users can't go to any Web site without first accessing the router's configuration page. Nevermind that I had already done the configuration. Nevermind that irresponsible dumb users tend not to have statically (thus, manually) assigned network information. Nevermind that irresponsible dumb users tend to just use their ISP's dns servers by proxying DNS through the router (shows 192.168.1.1 as DNS server) instead of running their own. Nevermind that this was mentioned nowhere in the documentation.
The default passwords were at least unique if not particularly secure. But this company was definitely proactive against the "turning irresponsible people loose with unchanged default settings" tendency. To the point of hassling someone who, in multiple detectable ways, does not use the device that way. -
Re:FYI If you have Verizon FiOS...
...Like I do, you may find the router's UPnP page mysteriously missing from the "Advanced" section of your admin panel. This is a brilliant move on their part to avoid users breaking their skype/game access and then calling tech support.
But the page itself is still there. Only the link was removed. To get to it, visit : http://192.168.1.1/index.cgi?active%5fpage=900
Suck it, Verizon!
Forgot to add, my router model is MI424WR-GEN3I
Hey I just tried to login to your browser, but it seems to be a Linksys Router, and that link didn't work, got a 404 back. So please - for the next time - make sure what your talking about!
-
FYI If you have Verizon FiOS...
...Like I do, you may find the router's UPnP page mysteriously missing from the "Advanced" section of your admin panel. This is a brilliant move on their part to avoid users breaking their skype/game access and then calling tech support.
But the page itself is still there. Only the link was removed. To get to it, visit : http://192.168.1.1/index.cgi?active%5fpage=900
Suck it, Verizon!
-
Re:DD-WRT?
that's the SSH key. The article is talking about the SSL key used by the embedded web server, ie. when you go to https://192.168.1.1/ . TFA also specifically says this DOES affect DD-WRT.
Holy shit! How did you know the address of my router???
-
Re:DD-WRT?
that's the SSH key. The article is talking about the SSL key used by the embedded web server, ie. when you go to https://192.168.1.1/ . TFA also specifically says this DOES affect DD-WRT.
From TFA: "Although at the moment the vast majority of the keys belong to various DD-WRT firmware, there are keys from Cisco, Linksys, D-Link and Netgear as well."
Damn. I missed it. Thanks for pointing that out! -
Re:DD-WRT?
that's the SSH key. The article is talking about the SSL key used by the embedded web server, ie. when you go to https://192.168.1.1/ . TFA also specifically says this DOES affect DD-WRT.
-
Re:Define "Public"
If you don't want people to use it, it's a trivial matter to configure your router to stop inviting people to use it. Turn off SSID. Lower the signal strength so it stays on your own property and out of public spaces. Implement WEP or WPA.
You dismissively state that configuring wireless security is trivial, when most people don't even understand why wireless security is important, let alone how to go about implementing it. Everything you listed there makes no sense to the person who can just go to best buy and hook up a router. Open wireless networks are real easy to set up. As soon as you as security, it's an entirely different matter.
First you have to go to http://192.168.1.1/ or some such, which is a completely foreign address to most people that it becomes confusing. You don't know how many times I've seen people go to http://www.192.168.1.1.com./ Then you type in the admin/admin login, which usually stays that way. On to configuring the wireless, which grants you options for SSID, channel, a,b,g,n, WEP, WPA1, WPA2... all without explanations of the options or which are best to use.
Most likely you'll go through some automated setup which will ask for an SSID and set a default encryption type with a random key. Here's one for you: d&K8EHg%K!JOEHK!sMisapTic7j\CgKqbexpwSj7I\VX0pN$1\jbk30B9t7KOQ/
Now go enter that in all your wireless devices. Half your devices enter a masked password, like your TV, so you spend an hour just typing it in there, only to figure out it doesn't support WPA2 or whatever you chose. So you're back to reconfiguring your network.
It's at this time you throw up your hands and say "fuck it, I'm leaving it open"
-
Embed OS
There are billions of IPv4 gadgets out there, and some of them cost a lot.
All of them run some specific firmware to function. A huge proportion of modern IP-gizmos run some embed variation of the Linux kernel (very often the case in modems, routers, multimedia -harddisk enclosure / -players, and cheap SAN/NAS for Soho). This kernel DOES support IPv6. So for a lot of IP-enabled gizmos, the IPv6 support is only a firmware-flash away. Whether the constructor *will* actually release an upgrade is another question.
The open-source nature of most tools involved in such embed device also enables the end-users to attempt such upgrade (think OpenWRT and other user-made firmwares), although the proprietary user interfaces might not be able to configure it. (i.e.: you can reflash your home router to support IPv6, but when logging on http://192.168.1.1/ the original interface handles IPv4 configuration. The IPv6 has to be done on the console using SSH or Dropbear. -
Re:They're still doing it.
Lan activity appears normal but you can't hit the cloud.
When the router is working, I can visit http://192.168.1.1/ and get a password prompt to log in to the router's web-based administration panel. When it's frozen, I get a timeout from 192.168.1.1.
I would test it without the router in place
How, when the router's firewall is the only thing keeping worm packets from reaching the LAN?
-
Re:The only prudent thing to do with these things.
You have the same as I then. Into a browser visit http://192.168.1.1/ and play around. While it doesn't havethe stats the full router does you canreally fsck the time warners network and screw the frequencies of everyone on your local cable share. Be warned however you take out your network to do so. And you might not get it back without their help.
Ihave had to manually reset them a couple of times for timewarner. However I haven't found any useful account data their. Just hardware settings.
-
Re:what's the point of IOS?
Just clicking on http://192.168.1.1/cgi-bin/;rm-r [192.168.1.1] would destroy your router.
I don't believ
-
Re:what's the point of IOS?
First off, a lot of these embedded OSs are real time OSs. Linux vanilla isnt.
So lets say your company standardized on dd-wrt, which is popular and a solid product, but look at the recent security issue:
http://routerip/cgi-bin/;command_to_execute
Thats right, the command goes right there and it runs as root. Thats a nightmare level security issue that CS101 students should be ashamed of, let alone from true hackers.
So imagine if linksys standardized on dd-wrt. Just clicking on http://192.168.1.1/cgi-bin/;rm-r would destroy your router. That link could be be put everywhere on the web and would result in mass chaos.
I think a lot of companies know the quality from even the most popular OSS projects can be highly uneven and hackers are just that: hackers. They hack things together. Good design and security testing is usually an afterthought.
-
Re:Security through obscurity works.As an additional layer in your security regimen, you bet. As security by itself, no way...which seems to be pretty much what you are saying, only you just didn't say it directly. As you said...:
For example: in this case if you had already changed your router's IP address, it would be harder for the attackers to figure it out. For example if you use the 10.35.79.184, the same url that can exploit thousands of other dd-wrt routers (e.g. http://192.168.1.1/etcetc ), won't work on your router...So you have more time to update your router or even have time to wait to see if the updates don't break other stuff first.
However,...:
Same goes for putting running sshd servers on a different port...but so far running it on a different port works well enough for me.
Of course, all it would take for someone to discover that you were running sshd on an alternate port for them to run "nmap -sV -p1-65535" on your IP address. However, that is time consuming, and most hackers are after the low hanging fruit, so instead, they "nmap -sV -p22 1.2.3.0/24" (for example). However, as you said, if someone was targeting you specifically, all bets are off.
-
Damn!
So would I have to take a screenshot of my Logging configuration to prove that I have logging on? The WRT54G v2.0 isn't exactly the king of detailed logging.
I'm not expecting this to pass.
-
Re:Expected
Ubuntu can't network out-of-the-box, and needs a Verizon CD? Whoa!
Verizon ships their DSL modems/routers configured to refuse to make any outside connections. The Verizon install cd then flips a setting on the router to enable internet connectivity. To do this manually without the installation cd, one must visit the completely undocumented page http://192.168.1.1/verizon/redirect.asp and click "disable." This is not exactly the sort of thing one could expect a non-technical person to discover...
-
Linksys routers with self-signed certificates
Many popular Linksys routers are administered by pointing your browser to an https link, typically:
The router presents a self-signed cert. These routers were easily administered using early versions of Firefox. Now with Firefox 3 there's lots of confusion, with many users falling back to IE.
Turns out the situation is complicated by the fact that you can easily convince FF3 that you've got duplicate certs; to get past that you've got to do some wizard-level magic to get rid of the dups before you even get to wrestle with allowing the exception for the self-signed cert. After all that, you can indeed use FF3 to administer your router. On good days.
Does using https in this case add to security? In practice, I think the answer is, "yes, to a significant degree." I'd rather have the admin traffic to my router encrypted, even if in principle a hacker with perfect timing could have gotten "in the middle" just as I was accepting the cert.
Anyway, it's another consideration.
-
Re:You repeat after me:Special purpose browsers that don't have a place to plug in a URL
It'd also have to prevent hyperlinking from outside programs since I'd imagine most of the problems are from "You're on Youtube! http://192.168.1.1/video" type links in emails. Then again, if you prohibit external hyperlinks and prevent typing in a URL, how are you going to get to any useful sites?
-
Re:Linux is actually cheaper here.
Ubuntu does not come with client software for windows machines to automatically back up the windows box nightly onto the Ubuntu server. WHS does.
apt-get install backuppc
Ubuntu requires you to install Samba. WHS uses windows shares / web server interface.
apt-get install lighttpd
Or are you implying that Samba is somehow worse than a native Windows share?
Ubuntu requires raid hardware or software. WHS uses a 'storage pool' methodology and allows disk redundancy without raid, and automatic growth of the 'storage pool' by plugging in a USB drive or ESATA device(s).
How automatic? I wouldn't want it to automatically format my flash drive because I plugged it in temporarily.
Or if you mean "automatic" by "prompting the user to do something", well, we can do RAID 5 restriping easily enough.
Ubuntu would not give you Remote Desktop access to your windows machines without configuring Wine, I think.
apt-get install rdesktop
And you imply that Wine is hard to configure. It's not, not anymore.
Ubuntu requires you to install CVS to get versioning of files, which requires you to actively commit files. WHS automatically saves changes between versions and allows you to step back, all through the nightly automatic backup.
Did you completely fucking miss the part about "backuppc", which I mentioned before? Here, go read.
You'd have to write your own web service to access the machines from outside the network.
apt-get install openvpn
You'd also have to configure the router yourself.
Want to be the router? apt-get install firehol dnsmasq.
I thought this through, I run a small business (20 hours a week of development) and did my homework before making the decision to buy WHS.
Apparently not enough to even know about the existence of rdesktop.
Now, I never claimed that Ubuntu would support everything you need out of the box. I am, however, claiming that to install and configure what you need, including Ubuntu and these additional packages, will take far less time than $169 worth -- and you get free upgrades for life.
apt-get install backuppc samba lighttpd openvpn rdesktop mdadm firehol dnsmasq
Here's what you've said so far that I can't do with Ubuntu, under that configuration:
- Disk redundancy without RAID. You haven't convinced me this is a good thing.
- Automatically configure a router, assuming it supports uPnP But for 99% of home users, everything you need is right here, in fact, probably here.
If these are really that needed, redundancy without RAID can be done with ChironFS, and uPnP is actually kind of dangerous, from a security standpoint. But I bet I could add these features in very little time -- small enough that, hell, I could sell it for less than $100 as an instant NAT OS.
-
Re:Linux is actually cheaper here.
Ubuntu does not come with client software for windows machines to automatically back up the windows box nightly onto the Ubuntu server. WHS does.
apt-get install backuppc
Ubuntu requires you to install Samba. WHS uses windows shares / web server interface.
apt-get install lighttpd
Or are you implying that Samba is somehow worse than a native Windows share?
Ubuntu requires raid hardware or software. WHS uses a 'storage pool' methodology and allows disk redundancy without raid, and automatic growth of the 'storage pool' by plugging in a USB drive or ESATA device(s).
How automatic? I wouldn't want it to automatically format my flash drive because I plugged it in temporarily.
Or if you mean "automatic" by "prompting the user to do something", well, we can do RAID 5 restriping easily enough.
Ubuntu would not give you Remote Desktop access to your windows machines without configuring Wine, I think.
apt-get install rdesktop
And you imply that Wine is hard to configure. It's not, not anymore.
Ubuntu requires you to install CVS to get versioning of files, which requires you to actively commit files. WHS automatically saves changes between versions and allows you to step back, all through the nightly automatic backup.
Did you completely fucking miss the part about "backuppc", which I mentioned before? Here, go read.
You'd have to write your own web service to access the machines from outside the network.
apt-get install openvpn
You'd also have to configure the router yourself.
Want to be the router? apt-get install firehol dnsmasq.
I thought this through, I run a small business (20 hours a week of development) and did my homework before making the decision to buy WHS.
Apparently not enough to even know about the existence of rdesktop.
Now, I never claimed that Ubuntu would support everything you need out of the box. I am, however, claiming that to install and configure what you need, including Ubuntu and these additional packages, will take far less time than $169 worth -- and you get free upgrades for life.
apt-get install backuppc samba lighttpd openvpn rdesktop mdadm firehol dnsmasq
Here's what you've said so far that I can't do with Ubuntu, under that configuration:
- Disk redundancy without RAID. You haven't convinced me this is a good thing.
- Automatically configure a router, assuming it supports uPnP But for 99% of home users, everything you need is right here, in fact, probably here.
If these are really that needed, redundancy without RAID can be done with ChironFS, and uPnP is actually kind of dangerous, from a security standpoint. But I bet I could add these features in very little time -- small enough that, hell, I could sell it for less than $100 as an instant NAT OS.
-
Re:My question
Exactly how would you like a router to ask the user about that? Most users just plug in the network cable and let DHCP handle the rest. Go to http://192.168.1.1? Probably not, too much work. What do you propose, disabling the router until they go there and get prompted? A support nightmare, won't happen.
-
Re:Simple solution for this
Software is an amazing thing, really. These routers could just be programmed to, in the presence of default settings, not to route to the outside world and only pop up a web page that tells users that they have to set up a userid and password in order to use the router.
Then all people need is a 3.5 postcard(s) in the box telling them to plug their computer into the router and go to http://192.168.1.1/ and follow the instruction.
I know, its not perfect, but its better - way better - than what's there now, and reasonably easy on the consumer, if done in a sensible way.
Of course, then what will happen then will be malicious web sites will just push down an applet that directly changes the DNS settings in the computer itself, bypassing the need to mess with the routers. No real defense against that one, outside of blocking all scripts. Something few users will likely do.
-
Re:Where the heck did this hype come from?
Well, think of this. It wouldn't be all that hard to setup some javascript, use AJAX and have it call to http://192.168.1.1/ and try a random smattering of common admin logins to modems (I know my DSL modem @ home supports it) and then report back to the server the IP address of the user. You could easily get their PPPoE login right there provided some other details. At the very least you could take down their modem.
Sure this is kinda out there and the simple response is to change your modems password or turn off web administration on it but then again a quick wireless scan around my apartment reveals at least two people with open systems.
Not everyone is an IT tech and there will always be a market for the exploitation of insecurities just as there will always be insecurities. It's merely a matter of being preemptive, recognizing potential risks and doing what you can to both (a) lower risk to an acceptable level and (b) maintain usability depending on how important access to similar sites is for you/company. -
Re:I Don't Quite Agree with This LineWhich means that for all intents and purposes there is no way to know. Idiots need bells and whistles.
For all intents and purposes there is no way to know?????
Simply type http://192.168.1.1/
.... enter you username and password, and LOOK.I really don't know how much easier it could be.
-
Open your wireless the easy way
If you click on one of these two links you can easily setup your wireless to be open!
Click Here or Click Here
There's no liability in giving free access to everyone, the courts have confirmed the principal of being just like a ISP when passing internet packets automatically.
So let's all party on the net! Open your wireless party today!
(and thanks for the free access when I needed it while traveling) -
Local Link for Router Owners
If you own this router and you own IE 5 or above, please visit this upgrade page, substituting the IP of your modem for 192.168.1.1 [Default].
-
Re:Did you even go to the site?
There's a mirror here.
-
Re:How can you detect transparent proxying?
Easier:
Try browsing to this or this.
Assuming your local administrator isn't using up all the non-routeable IPs, those should not connect anywhere. If you get an error message back that looks different from the one you get from this (assuming you aren't running a server yourself) then they are running a proxy. If they are both the same then either they aren't running a proxy, or you are using a broken web-browser that doesn't return proper error messages, such as IE.
Not as guaranteed to product a result as the parent message, but way easier! :-)
HTH.