Linksys WiFi Gateway Remote Attack Risk Discovered
Glenn Fleishman writes "According to InternetNews.com, a tech consultant discovered that even if you turn the remote administration feature off on a Linksys WRT54G -- the single bestselling Wi-Fi device in the world -- you can still remotely access it through ports 80 and 443. Linksys sets the HTTP username to nothing and password to 'admin' on all of its devices by default. Web site scanning from anywhere in the world to devices that have routable Internet-facing addresses would allow script kiddie remote access, at which point you could flash the unit with new firmware, extract the WEP or WPA key, or just mess up someone's configuration and change the password."
I am grabbing my laptop right now and going to my newfound open access point!
don't tell to my neighbour...
All your gateways are belong to us
"No matter where you go, there you are." -- Buckaroo Banzai
...anyone dumb enough to leave the router with the default password deserves to be h4x0red. I assume that by now pretty much anyone that owns a computer knows the need to create their own password not only for their PC but other devices/peripherals.
Although, I tried changing mine to "penis" and it returned a message saying: "Password is too small."
Go figure...
Rican
Want a free iPod?