Guest Wifi & Security

Status
Not open for further replies.
Joined
Apr 18, 2005
Messages
3,150
Location
Easton, PA
Granted this isn't something I always do and I really didn't do any harm I was just bored and saw how deep I could go.

Logged on to Guest Wifi at a local dealership waiting for vehicle

Used it for a bit and then decided to see if they did the standard practice of using the default UN & PW. Yup just a standard consumer Netgear Router, nothing special. Logged in using admin/password.

I see the fixed IP setup for the wan side, interesting it uses local 192.x.x.x for AD/DNS. It also has a 10.x.x.x as the gateway. Believing that is core router I went deeper. Port scanned found it had SSH open. I think it isn't a local ISP but something else that maybe dealers use. Something about ADP dealer network.

Used an SSH app on my phone and boom I get the prompt for level_15_access...

I tried once think there is no way it used a standard password, got a stern warning about you are unauthorized and now the connection is being monitored...blah blah blah FBI. Well that made me feel a little better but seriously I should never have made it that far.

No wonder the major hacks that have occurred did. It's not like this dealership has sensitive data like SS#/Addrs/DL#...etc
33.gif
 
Last edited:
Quote:

I see the fixed IP setup for the wan side, interesting it uses local 192.x.x.x for AD/DNS. It also has a 10.x.x.x as the gateway.



192.x.x.x is still a valid internet address, as long as the first x is not 168

192.168.x.x is a private range.

Isn't "Guest wifi" supposed to prevent access to all other devices? I'm not a wifi user
 
Originally Posted By: simple_gifts


Isn't "Guest wifi" supposed to prevent access to all other devices? I'm not a wifi user



It is if it's set up properly.
 
This is the reason that at work, our guest network is on a completely seperate network. It runs through the same switches and APs but is on a completely seperate VLAN, and has it's own seperate internet connection, and there is no communication between it and the other VLANs.
 
Originally Posted By: Nick R
This is the reason that at work, our guest network is on a completely seperate network. It runs through the same switches and APs but is on a completely seperate VLAN, and has it's own seperate internet connection, and there is no communication between it and the other VLANs.

This x 1000; our guest WLAN is open, but locked with all separate systems and connectivity. Our production WLAN is fully secure and non-authorized devices are automatically kicked to the guest network (this usually consists of one of the production machines that cannot be authenticated). Since the OP was able to log into the router, he could have basically "killed" the WLAN there by wiping the router config or other malicious things (not saying or suggesting that he would).
 
I'm leery of 'Guest WiFi' anyway. It would be a great way to perform a man in the middle attack. Set up an access point in a maid's cart in a high end hotel in a big city and I bet you'd be amazed at the people that connect to any available network and accept any sort of agreement. Install your own keystroke logger and backdoor with the agreement, voila !

This has been suggested as a source of several breaches. Capture business traveler's VPN passwords, etc.

Why are people so trusting of computer/network stuff ?
I've worked in this field almost 30 years, maybe I'm paranoid.
 
^^^^^^^^^^^^^^^^^^^^^

You are a little paranoid. I traveled with my truck and travel trailer all around the U.S. two years ago. From Utah through the South up to Maine and back again. Used many "public WiFi" spots never had anything happen that would lead me to believe I was hacked.

I had a sales job where I covered 11 Western States, same thing, I used hotel Internet service without issue.


I'm sure it happens....but it's not prevalent.
 
Last edited:
Originally Posted By: simple_gifts
Quote:

I see the fixed IP setup for the wan side, interesting it uses local 192.x.x.x for AD/DNS. It also has a 10.x.x.x as the gateway.



192.x.x.x is still a valid internet address, as long as the first x is not 168

192.168.x.x is a private range.

Isn't "Guest wifi" supposed to prevent access to all other devices? I'm not a wifi user


Correct, in my haste to post I omitted that. It was in fact a 192.168.x.x address.

Ya I shouldn't have been able to see anything else. :facepalm:
 
Originally Posted By: Thermo1223
Granted this isn't something I always do and I really didn't do any harm I was just bored and saw how deep I could go.

Logged on to Guest Wifi at a local dealership waiting for vehicle

Used it for a bit and then decided to see if they did the standard practice of using the default UN & PW. Yup just a standard consumer Netgear Router, nothing special. Logged in using admin/password.

I see the fixed IP setup for the wan side, interesting it uses local 192.x.x.x for AD/DNS. It also has a 10.x.x.x as the gateway. Believing that is core router I went deeper. Port scanned found it had SSH open. I think it isn't a local ISP but something else that maybe dealers use. Something about ADP dealer network.

Used an SSH app on my phone and boom I get the prompt for level_15_access...

I tried once think there is no way it used a standard password, got a stern warning about you are unauthorized and now the connection is being monitored...blah blah blah FBI. Well that made me feel a little better but seriously I should never have made it that far.

No wonder the major hacks that have occurred did. It's not like this dealership has sensitive data like SS#/Addrs/DL#...etc
33.gif



Wow, the person who set that up is an idiot! LOL!
 
Ya...this isn't first time. A lot of local chain restaurants are the same way. It is kinda sad.

You shouldn't be able to SSH in over any outside IP. Have they ever heard of a management VLAN? Oy...
 
The local gym actually lets you onto their secure wifi since the Cisco piece for guests with the I agree to blah croacked.

I just skip that and log into the Xfinity hotspot router that is by default enabled and seem to get better consistency on network.
 
Status
Not open for further replies.
Back
Top