Wifi security: can do better!

Today, I went to a well known commercial area near Louvain-La-Neuve. There, you can find another well known telecom operator point of sale. Usually, when I’ve some time to waste (when my wife is doing some shopping 😉 ), I sniff Wifi access points.

Today, I found one, unsecured. I received an IP, a default gateway but no name servers. Not far from the telecom operator, it was easy to guess the connection type!

I opened a HTTP session on the default gateway, bingo! No password configured. Walking thru the menus, it was a classic ADSL account.

I resume:

  • No protection (even WEP)
  • No password on the gateway management interface
  • There was a filter on the MAC address but wrongly configured:
    • Enable MAC filter
    • By default, deny access to specified MACs (!!!)
    • Only one MAC address listed

For the fun, I went to the point of sale, asked the manager and told him that his network was unsecured.

“Ah? Oh? Hmmm…. But it was installed by a professional engineer!”

“Look, I can even disconnect your TV channels…”

<click>

Black screen! 😉

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.