Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on [email protected] for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact [email protected]

Eircom - Securing Your Router (Wireless)

  • 01-09-2008 2:26pm
    #1
    Registered Users Posts: 8,004 ✭✭✭


    UPDATE: Do everything below using an Ethernet Cable connection. Using Wireless can be problematic.

    Hi Folks,

    In this article I want to cover how to secure an Eircom router.

    Log Into Your Router


    1) Open your internet browser (Firefox, IE, Opera) and type in the address bar: http://192.168.1.254

    2) Enter your username and password if you are asked for one

    3) You should now be in the routers home page

    Setting Up WPA (aka A Wireless Key)

    Golden Rule of Wireless: Never use WEP. It is the equilevent of tissue paper. it is breakable in 1 minute. You can break it faster than you can set it up.

    1) From your routers home page, click Wireless (Left Hand Side)

    2) Give your wireless a name. (Hint: Do not use your address, phone number or real name)

    3) Set Privacy to: WPA-PSK

    4) Set your Pre Shared Key to a long password. Letters, Number and Symbols are best. Do not use one word. WPA is hacked by dictionary attacks, as such if you use a word in a dictionary it is hackable.

    (Download this program: http://www.soroban.co.uk/wepkeygen.htm and create at least a 56 character passphrase Extended WPA KEY)

    Simular to this:

    O[õê+宺Æë8Ï·S`X§9\Y¦¯æà©ÑN,!#Qûîh5ôÑIéëÂiØJ_Ô¥Â&"ÀÚÎs«í

    or

    dDC>Bs\BC:=Cc&rW]R4k22$s#M!:1:&[%b?b 8P#D/>$8/Mz2-wrhX[v


    5) Copy and paste your new key to NotePad and into the Pre Shared Key box on your router

    6) Click Save Changes and say yes to restarting your router

    7) Once the router has rebooted, open Windows Wireless Networks, search for your network, then use NotePad to copy and paste your new code in when required

    Your router is now almost 100% secure.

    Advanced Securing

    MAC Limiting

    1) Log into your router

    2) Click Expert Mode

    3) Click Statistics

    4) Click LAN

    5) Connect every device you have to your wireless. Once you have done this, refresh your browser (Press F5)

    6) Note every devices MAC Address exactly.

    7) Click return to your routers home page: http://192.168.1.254

    8) Click Wireless

    9) Click Advanced Configuration Options

    10) Click Limit Wireless Access by MAC Address

    11) Click Add, then add each devices MAC Address, clicking Submit each time.

    12) Once finished, click Save Changes and Restart your router.

    Explanation: Your router will now only allow devices on the allowed list to connect to your router. This adds an extra layer of protection to your router, thus stopping someone who may have cracked your wireless password from using your wireless. However, MAC Address's can be spoofed, so this is a basic level of protection.

    Adding a Router Log In Password (Not the same as your WPA / Wireless Key):


    1) Go to http://192.168.1.254/indexExptCfgRES.htm?wizrouterpasswd.htm

    2) Create a new password and ensure the box is checked saying "Enable Local Admin Login"

    3) Click Save Changes and allow your router to restart if required.

    4) Now when you log into your router at http://192.168.1.254 your username is "admin" and your password is the one you just created

    Explanation: This password will stop anyone who has access to your LAN or Wireless from changing settings or locking you out of your own network.


    Golden Rules:
    • Do not use wireless if you don't have to
    • Always use WPA or above. WEP is not secure.
    • Never use names, telephone numbers or personal information as passwords or network names
    • Don't steal wireless from your neighbour. What goes around, comes around.
    • Change your wireless key at least every 3 months if you live in a built up area
    • If you suspect your wireless has been hacked, immediately turn it off. Contact your ISP and change your wireless key.


«13

Comments

  • Registered Users Posts: 1,449 ✭✭✭livEwirE


    Cheers mate, VERY useful!


  • Closed Accounts Posts: 363 ✭✭April Raine


    ironclaw wrote: »
    Hi Folks,

    In this article I want to cover how to secure an Eircom router.
    .............................................

    Explanation: This password will stop anyone who has access to your LAN or Wireless from changing settings or locking you out of your own network.


    Very good post? You can change the wpa key as well? And then use it to log in?Thanks


  • Registered Users Posts: 8,004 ✭✭✭ironclaw


    Updated above. Thanks Folks. Maybe this could be a sticky?


  • Closed Accounts Posts: 304 ✭✭boardsie08


    hey, thanks for the above, v. helpful and good to know! unfort im now stuck, i followed the guide as above and ive restarted and rebooted and now i cant connect again. it says the settings on this pc dont match the requirements of the network. help!


  • Registered Users Posts: 8,004 ✭✭✭ironclaw


    What is the name of your wireless device? Some cannot use WPA networks.

    And I bet your using Vista :D


  • Advertisement
  • Closed Accounts Posts: 304 ✭✭boardsie08


    ah, its a 2247 the eircom one, im using it with smart tho, and yup vista!


  • Closed Accounts Posts: 304 ✭✭boardsie08


    boardsie08 wrote: »
    ah, its a 2247 the eircom one, im using it with smart tho, and yup vista!

    btw its the netopia one! any idea how i can get connected again? thanks!


  • Registered Users Posts: 8,004 ✭✭✭ironclaw


    Right,possible things wrong include: (At a guess) :

    Your pc / notebook wireless card does not support WPA

    You used a 63 character WPA Key, Eircom routers don't like anything over 56 ish.

    The key your entering into Vista is incorrect.


  • Closed Accounts Posts: 304 ✭✭boardsie08


    yeah it was a 63 character key i used, is there any way i can change this as i now cannot log onto the router homepage anymore


  • Registered Users Posts: 8,004 ✭✭✭ironclaw


    Use an ethernet cable to connect to your router. Then update as above, using a 56 character key.

    Then unplug your ethernet cable and try the wireless once the router has rebooted.

    Updated my above.


  • Advertisement
  • Registered Users Posts: 67 ✭✭paulshir


    Make sure you update your routers firmware as on older models you were able to connect to eircom networks without the correct wep/wpa key. You would have no connectivity though unless you put in the dns servers and ip address into your settings, then you could get full internet access. Basically if you set your computer up right you could use eircom wireless without the wep/wpa codes.


  • Registered Users Posts: 8,004 ✭✭✭ironclaw


    The Fort wrote: »
    Make sure you update your routers firmware as on older models you were able to connect to eircom networks without the correct wep/wpa key.

    Could you clarify that? A while ago there was a new story ran than when users created WEP keys with the supplied CD they could be hacked. If that is what your refering to, then the above is not true. The firmware has nothing to do with WEP / WPA key creation and I would sincerly doubt Netopia would release a firmware that could not do such a basic task

    I tried to update my firmware, but there are none availible.


  • Registered Users Posts: 67 ✭✭paulshir


    It is a while ago now but I was messing around with my router and I tried to connect to it by just putting in random things for the key. I was able to connect but the router wasn't giving me an ip address. I then changed my settings to the address 192.168.1.253 (i thought the dchp wouldn't give this ip address). I put in the dns server address into my computer(available from your router menu and the eircom site). Went connect to network, typed in random letters (i have a long wpa password) and i was connected and could access the internet. It said it was unsecured though. I then tried the same with my phone (nokia n80) and that worked aswell. This freaked me out so i updated the router and could no longer connect. My version is 7.5.0. It is the old black router. Hope this helps.


  • Registered Users Posts: 8,004 ✭✭✭ironclaw


    The Fort wrote: »
    It said it was unsecured though.

    The above should not have worked. I know Windows can "think" it has the right key. It polls the router but no IP is issued. You say you managed to get round that.
    The Fort wrote: »
    Went connect to network, typed in random letters (I have a long wpa password)

    Did you type this into Windows or your router? Why random letters?


    However, the fact remains that if the router was secured (i.e. the data was encrypted by WEP / WPA then your computer could not have decoded the data and in turn could not have accessed the internet. :confused:


  • Registered Users Posts: 67 ✭✭paulshir


    I don't know why it worked but it did. It worked on a friends as well. I used random letters because windows required some sort of password when I tried to connect but not necessarily the right one.


  • Closed Accounts Posts: 2 Doy22


    Thank you for posting the article. Nice posting.... Even I agree with your Golden Rules of wireless....
    ___________________________
    Millionaire Mavericks


  • Registered Users Posts: 8,004 ✭✭✭ironclaw


    Thank you. I have a few years experience as a Penetration Tester, and it always saddens me to see people not using secure encryptions.


  • Closed Accounts Posts: 20 Daemonica


    Regarding the WEP security, it is that easy to break.Especially eircom ones. You see, they are essentially defined by the SSID, if you know that, with a little napkin math, they are easy to figure out and break. Either that or you could just type "eircom wep key generator" into google and let that sinister crawler do it's work. For other wep keys, you need a packet sniffer like aircrack or the -ng version for the cd image Backtrack. It's a fairly common misconception that these are easy to crack, when in reality it takes about 4 minutes of sniffing and deauthenticating the clients to do merge a key from it all.

    I don't like the fact that everyone seems to freak out when you mention that you use WEP encryption. I use it mainly because my wifi card likes it a lot and PSK2 still has some issues with authentication because of it's over zealous requests on the client. Besides, I think that if you know about wep/ wpa encyption, then you should at least know how to check the router logs for weird IP addresses that don't belong to you, then filter them out. The idea of making uber secure keys with a billion characters is rediculous. You don't need to be an ascii artist to generate one. Follow whatever simple guide the router gives you and jsut stay away from wep. WPA-PSK is more than enough, simply select a 7 letter word and add a number to the end. There is no reason to have 26 character keys. This is not communist russia, the most that will ever happen is some kid will find an unsecure network, connect to it and start bitraping the bejesus out of it.

    There is no point in using a router anyway, since its a shell for NAT anyway, the very protcol itself breaks end to end connectivity ideals.

    Still though ironclaw, working in the IT industry makes you paranoid. I know too.


  • Registered Users Posts: 8,004 ✭✭✭ironclaw


    Well said Daemonica. However, I disagree. I'd always use WPA if I could. 4 mins versus a theroicaly life time to crack WPA is better in my books.

    It makes your paranoid alright though :rolleyes:


  • Closed Accounts Posts: 13 lilp4130


    hi i need sme help please,
    i've followed all the above steps with great sucess
    except the last adding admin password part
    i screwed up somehow and now cant log into my router
    any ideas?i still have my internet connection,is there a way to override this/ reset my router?and enter a new password?
    thanks in advance!
    everythingelse worked a treat!


  • Advertisement
  • Registered Users Posts: 8,004 ✭✭✭ironclaw


    lilp4130 wrote: »
    hi i need sme help please,
    i've followed all the above steps with great sucess
    except the last adding admin password part
    i screwed up somehow and now cant log into my router
    any ideas?i still have my internet connection,is there a way to override this/ reset my router?and enter a new password?
    thanks in advance!
    everythingelse worked a treat!

    Sadly unless you can remember you will need to do a "Hard Reset" which bascially pressing the small button on the back of the router while the router is on (With a biro etc). Its in the manual I believe.


  • Closed Accounts Posts: 13 lilp4130


    ironclaw wrote: »
    Sadly unless you can remember you will need to do a "Hard Reset" which bascially pressing the small button on the back of the router while the router is on (With a biro etc). Its in the manual I believe.


    will that involve extra setting up or should this guide see me right?


  • Registered Users Posts: 8,004 ✭✭✭ironclaw


    lilp4130 wrote: »
    will that involve extra setting up or should this guide see me right?

    Well it will totatly wipe the router and return it to the factory settings, so you'll have to go through my guide again. Sadly there isn't an alternative unless you remember your password.


  • Closed Accounts Posts: 13 lilp4130


    great thanks for the reply!
    and the very helpful guide!
    :)


  • Registered Users Posts: 78 ✭✭Thomasjo


    Tnks for the secure advice. Have made changes to my router. Is there any way to check if someone is connected to your wireless router?


  • Registered Users Posts: 8,004 ✭✭✭ironclaw


    Thomasjo wrote: »
    Tnks for the secure advice. Have made changes to my router. Is there any way to check if someone is connected to your wireless router?

    Yes you can:

    Login at 192.168.1.254

    Enter Expert Mode

    Click Statistics

    Click LAN

    (Link: http://192.168.1.254/indexExptStatRES.htm?lanstatRES.htm )


    This lists all the current devices connected. You should be able to ID all the devices, if not, you know you have a problem.


  • Closed Accounts Posts: 640 ✭✭✭Michaelrsh


    I'm having problems accessing my eircom wireless network. When I go to "connect to" it say under my wireless network - "The settings saved onthis computer for the network do not match the requirments of the network".

    I got a laptop yesterday and started fooling around with the Netopia Router setting for the wireless network and I switch off the privacy altogether so I could access the wireless. At that point the wireless was working grand. Only then I found out that this is not secure. So I swithed it back to WPA. After that the message which I wrote about ^^^ popped up when I tried to access the wireless.

    Can someone tell me how I can fix this? Is there I was I can set everything back to there defalt settings?


  • Registered Users Posts: 8,004 ✭✭✭ironclaw


    Michaelrsh wrote: »
    I'm having problems accessing my eircom wireless network. When I go to "connect to" it say under my wireless network - "The settings saved onthis computer for the network do not match the requirments of the network".

    I got a laptop yesterday and started fooling around with the Netopia Router setting for the wireless network and I switch off the privacy altogether so I could access the wireless. At that point the wireless was working grand. Only then I found out that this is not secure. So I swithed it back to WPA. After that the message which I wrote about ^^^ popped up when I tried to access the wireless.

    Can someone tell me how I can fix this? Is there I was I can set everything back to there defalt settings?

    Right, you need to get a ethernet cable and connect to the router. Then follow the steps to set up a WPA Key. Then enter this into the computer settings. The computer is trying to connect with no key to a network that requires a key, hence the error.


  • Registered Users Posts: 2,154 ✭✭✭k123456


    How do i check if my laptop wireless card does support WPA

    ironclaw wrote: »
    Right,possible things wrong include: (At a guess) :

    Your pc / notebook wireless card does not support WPA


    .


  • Advertisement
  • Registered Users Posts: 2,154 ✭✭✭k123456


    Thinking of changing my wireless router's security from Wep to WPA

    In addition to my laptop wirelessly connecting to my router, I have an ATA wired to one of the wireless routers ethernet ports .

    Am I correct in assuming that WEP, WPA etc have nothing to do with the ethernet ports of the router


Advertisement