How secure is my Linksys wireless router?

[grs]

I'm using a linksys wireless router and I'm just wonder how secure it really is.  If someone wanted to gain access to my network through the router how would they do it and how could I stop them?

[moonlit]

Chances are if you have to ask, it's not secure. There are ways of getting in to everything, you can only put more hurdles in the way so most normal people would give up.

[VaKo]

If you have NAT and no open ports publically then your router is fine.

[metatron]

I really wouldn’t worry about it to much. I could go into how paranoid I am and how you could secure all you network, but I can’t be bothered to at the moment. Technically speaking you could turn of UPnP and set up strict firewall rules, disable remote management, change the default password, other then that I guess you could make sure your firmware is up to date, but passed that if you’re asking this question I don’t think you could set it up.

I personally think people should leave their AP’s open and just tunnel all their traffic.

[digip]

I personally think people should leave their AP’s open and just tunnel all their traffic

Maybe a good tutorial for Analog 5 is in oder. Tunnelling only protects him, but anyone using his ISP connection to hack or do things will come back on him and thats not cool.

@grs - Wireless in itself is not secure, but if you have to use it, learn to secure it and tunnell your traffic as metatron pointed out. You can use OpenSSH in combination with PuTTY to tunnel your HTTP traffic of your browser.

SSH Tunneling

Software used:

OpenSSH for Windows - http://sshwindows.sourceforge.net/

PuTTY for Windows - http://www.chiark.greenend.org.uk/~sgtatham/putty/

OpenSSH Configuration

The configuration batch file. This will add your groups and user accounts to OpenSSH, providing that you installed it to the default directory and that you're running the batch file from c:. Mad props to barrytone for bugging me about enabling services remotely, I used that in this project! http://www.bsodtv.org/tmp/openssh_config.bat

PuTTY Configuration

Main Area Hostname (IP): Your public IP of your server Port: 22

SSH->Tunnels Port: 7070 Check the 'Dynamic' box and click add

Connection->Proxy If your school or workplace uses a proxy, configure it in here

-Application Configuration

Socks v5 Proxy Hostname (IP): 127.0.0.1 Port: 7070

-----------

Manual configuration if BAT file is not available for some reason:

cd program filesopensshbin

mkgroup -l > ..etcgroup

mkpasswd -l > ..etcpasswd

sc config opensshd start= auto

net start opensshd

[JokerKing]

Chances are you're running the Linksys default firmwware.  First step is to change your password to access the router; I've been able to get into countless AP's with the default password.  Second step is to change your SSID to something other then 'default' and disable the SSID broadcast (note: you will have o manually type in the SSID on anyone's computer who wants to connect to your AP after you've disabled the SSID.)  Third step is to set your WiFi mode to G-Only, this immediatly rules out all WiFi-B devices, which could potentially speed up your network (as soon as a WiFi-B device connects to the AP the network immediatly slows down to WiFi-B speeds, regarldess if you're using WiFi-G). Fourth is to actually secure the network with a WPA2 Personal (TKIP + AES) key, I reccomend doing an alternating letter/number combo with at least one double letter and double number key (i.e. a1b2cd3e45....) as this will give a possible 260^X (where X is the length of the key) keys, lots to sort through.  Also, I recommend a minimum length of 10.  That should be secure enough; but if you're paranoid then set your MAC address filtering to exclusive and enter your MAC address.  I won't go into MAC address's as I'm lazy, but there are lots of guides to do MAC address filtering on the net.

[VaKo]

OK, quick question: Why would anyone not change the password of there router?

[Sparda]

They don't relies there router is configurable.

[digip]

OK, quick question: Why would anyone not change the password of there router?

Most people treat it like any appliance. Plug it in and it works. They don't always know what they are doing when it comes to these things.

[G-Stress]

@ digip

I finally got the chance to try the OpenSSH out with Putty and it's great. Now would OpenVPN or OpenSSH be a better way yo tunnel your traffic as far as security goes? Which would you recommend? I haven't gotten OpenVPN working yet, but this OpenSSH is nice. To make sure I fully understand it:

Connecting to my box via putty with config as you mentioned above. FireFox config in Tools > Options > Network > Settings: Select manual proxy config > SOCKS Host: 127.0.0.1 Port: 7070 > SOCKSv5

Then I'm connected to my box with putty so I can interact with it if necessary and all my traffic is being tunneled through that box?

[digip]

@ digip

I finally got the chance to try the OpenSSH out with Putty and it's great. Now would OpenVPN or OpenSSH be a better way yo tunnel your traffic as far as security goes? Which would you recommend? I haven't gotten OpenVPN working yet, but this OpenSSH is nice. To make sure I fully understand it:

Connecting to my box via putty with config as you mentioned above. FireFox config in Tools > Options > Network > Settings: Select manual proxy config > SOCKS Host: 127.0.0.1 Port: 7070 > SOCKSv5

Then I'm connected to my box with putty so I can interact with it if necessary and all my traffic is being tunneled through that box?

Yes, then you use the socks address in your browser and anyone trying to sniff your traffic between you and the router gets ssh traffic. The only thing they will be able to read is the responses from the website back to you, unless your on something like an https site(I think).

Others on the board can help with VPN setups and reccomending what clients to try. I have yet to get it to work myself, but thats because I am too lazy to work on my settings.

[G-Stress]

@ digip

Excellent:)

[G-Stress]

@ digip,

Hey is there a way to specify which user's/user I want to log in via ssh? By default running the specified batch you provided above it will only allow the main admin account to connect and log in via ssh. I would like that and one more admin account. Just curious if I can do that I haven't really looked just yet at much of the documentation, but I'll dig into that as well and if I find it I'll post back.

[sapling]

The linksys WRT has had numerous hacks out for it but the main concerns are. . . 

Default setup.

Security Settings.

Of course anyone with a default setup is going to have issues I mean how hard is it to do a admin, admin to get on a box.

Second security settings.  If you are worried about your personal PC's security its one thing but if your wireless router has any of the following it may be easy to own.

WEP, No Encryption, WPA with weak passwords including something related to your SSID. . .

Older firmwares also have had some nice exploits such as. . .

Firmwares older than 4. 71. 0

The reset security settings without authentication:

POST /Security. tri

Content-Length: 24

SecurityMode=0&layout=en

Resets the linksys wireless router to default security mode of being 100% vulnerable.  If your linksys is older and you haven't updated firmware and are using WEP or No encryption or a weak WPA password expect to be owned by your friendly neighborhood hacker who happens to target you.

Other than that worry more about your DSL or cable modem. . .  They tend to have some default settings that bring a chuckle to my face everytime I find one on the net. 

Default telnet management ports with default passwords and usernames. . . 

You would be surprised how many people connect devices and never change a setting on them before they plug it into the public internet. . .

[SomeoneE1se]

I really wouldn’t worry about it to much. I could go into how paranoid I am and how you could secure all you network, but I can’t be bothered to at the moment. Technically speaking you could turn of UPnP and set up strict firewall rules, disable remote management, change the default password, other then that I guess you could make sure your firmware is up to date, but passed that if you’re asking this question I don’t think you could set it up.

I personally think people should leave their AP’s open and just tunnel all their traffic.

what do you use as your AP?

[metatron]

I really wouldn’t worry about it to much. I could go into how paranoid I am and how you could secure all you network, but I can’t be bothered to at the moment. Technically speaking you could turn of UPnP and set up strict firewall rules, disable remote management, change the default password, other then that I guess you could make sure your firmware is up to date, but passed that if you’re asking this question I don’t think you could set it up.

I personally think people should leave their AP’s open and just tunnel all their traffic.

what do you use as your AP?

I built my own which runs OpenBSD. It’s just a Mini-ITX motherboard,  PCI to four-slot mini PCI Adapter and four Routerboard 802.11a/b/g 350mw miniPCI cards, 1GB of memory and a 80GB hard drive I had laying around.