BillF72
join:2009-03-05
|  [ fiber tech] Verizon FiOS default WEP key HIGHLY insecure!
Followup to an older thread ..
»Verizon FiOS default WEP key HIGHLY insecure!
Anyone can get the default WEP key for a FiOS supplied Actiontec router.
No cracking tools or network sniffer required.
You just need a calculator !!
The SSID name itself is a base-36 encoded version of the router's wired-side MAC address, and this gives away the default WEP key.
See the articles:
»xkyle.com/2009/03/03/verizon-fio···culator/
http: //xkyle.com/2009/03/03/verizon-fios-wireless-key-calculator/
or
»gigamike.wordpress.com/2008/05/0···lations/
http: //gigamike.wordpress.com/2008/05/06/verizons-false-sense-of-security-with-fios-installations/
Yes, definitely step up to WPA or WPA2 security (whichever your Actiontec router revision supports). Or at the least, change your WEP key to use something other than the default !!! |
|
FiOS LIVE
So fast, it's LIVE
join:2008-11-25
Collegeville, PA | Free WiFi anyone? That's basically what it is since the WEP key is given away in the router's MAC address that is being broadcasted. You could almost look at it as a secret perk for FiOS customers to get free WiFi from other FiOS users. |
|
JoshA
@anonymouse.org
| Not just a perk for other FiOS customers... for anyone.
Beware of anyone parked outside your house... as they may be using your WiFi.
»Stealing Wi-Fi Access...
I suspect most WiFi stealers are just interested in some free convenient Internet access, but they could also be doing illegal activities on your FiOS connection, or their laptops could have viruses which are attempting to infect your computers (which is easier since they are inside your firewall now). |
|
BBR_InsUW
AA or NF thats my Game
Premium,Mod
join:2000-04-22
La Mesa, CA
clubs: | reply to BillF72
Re: [ fiber tech] Verizon FiOS default WEP key HIGHLY insecure!
As a discussion of an insecurity in the router this is an acceptable topic, but please lets not get into the exact how to of this. |
|
troyh72
Premium
join:2003-12-12
Keller, TX | reply to BillF72
Re: [ fiber tech] Verizon FiOS default WEP key HIGHLY insecure!
If you are going to use WPA, use WPA AES. WPA TKIP is also crackable.
»arstechnica.com/security/news/20···cked.ars |
|
VZFiOSYo
join:2007-02-24
Lakewood, CA | reply to BillF72
Only works on Actiontec Routers. Not the Westell 9100EM |
|
danclan
join:2005-11-01
Midlothian, VA
 ·Verizon FIOS
| reply to troyh72
You need to read more. Its still secure and the odds of anyone hanging around your home to steal your wifi are still extremely slim... |
|
JoshA
@b0b3r.pl
| reply to BillF72
Here is a link to the ActionTec MI424WR user manual....
»www.actiontec.com/support_cms/do···v1.1.pdf
See page 32 & 35 for the WPA security options.
Choose WPA, Pre-Shared Key, AES algorithm, and create a good key (one that is not a simple dictionary word, or anything related to your name, birthdate, address, pets, car, etc)
The user manual is not a great 'how-to' guide on best security practices.
Has anyone seen a better guide for walking the average user through logging into the router and changing these security options to WPA (or WPA2 on later revisions)? |
|
deblin
Dark Side of the Moon
Premium,MVM
join:2001-09-01
Middletown, DE
| reply to BillF72
It's been mentioned numerous times on here, but at least they set it up with a WEP key instead of leaving it wide open. It will at least keep your non-technical neighbors from stealing (unintentionally or not) your inet.
--
He who is not contented with what he has, would not be contented with what he would like to have. -Socrates |
|
ironwalker
World Renowned
Premium,MVM
join:2001-08-31
Keansburg, NJ
clubs: | reply to BillF72
Hmm, isn't any WEP unsecure? what makes fios WEP any differnet is it because the router is in modem? |
|
FiOS LIVE
So fast, it's LIVE
join:2008-11-25
Collegeville, PA
| There is no modem with FiOS and you can use your own router over CAT5 if you wish.
The problem with the Verizon routers is that the key used for their default WEP is being broadcasted to everyone. Customers are not told this so they are led to believe their wireless is secure and they don't have to change a thing.
What's the use of having a password when you give it away to everyone and anyone?
--
AT&T + Comcast
Your world. Destroyed.
Throttle and put a cap on it. It's Comcastic! |
|
JBurns
@foebud.org
| reply to BillF72
Found on some obscure FiOS page by searching Google.
»onlinehelp.verizon.net/consumer/···ity2.pdf
"
Security is an important issue when using a wireless home network. Because radio waves are used to transfer information between your networked computers, it's possible for hackers to intercept this information. Taking advantage of the security features built into your Actiontec router can make it more difficult for hackers to access your personal information.
Your Actiontec M1424WR router comes with an assigned ESSID and WEP encryption key to make installation easier and provide immediate protection for your home network. Review the type of data stored on your network computers to determine the level of protection you need. Regardless of the level of security protection you choose, it's very important to periodically change your security settings. It should be considered a normal maintenance task.
"
So, VZ recommends us to periodically change the security settings, but doesn't make this recommendation (nor the instructions) easily available. |
|
ironwalker
World Renowned
Premium,MVM
join:2001-08-31
Keansburg, NJ
clubs: | reply to BillF72
Thank you FiOS LIVE  |
|
VZFiOSYo
join:2007-02-24
Lakewood, CA | reply to JBurns
They are easily available. Did the tech that did the install leave the pamphlet that came with the router? There should be a CD thats also included which has a manual. Its explained in there. |
|
