Eircom Netopia Routers Are Wide Open

[Sponge Bob]

If you follow a few simple steps that I will not go into. Basically the Router Name contains part of the Encryption Key.

http://www.bartbusschots.ie/blog/?p=511

Quote:

The information I was given included a very short piece of computer code (in C++) that takes an Eircom default SSID as input and effectively instantly gives the default WEP key as output. The algorythm to do this is shockingly and frighteningly trivial. The author claims he was able to generate this code using some very basic reverse-engineering techniques on the Eircom install CD

Eircom won't talk to him about it or publish a security advisory for the minimum 100k of these out there. There are about 50k of these things in the supply chain between now and christmas so it will be 2008 before they fix it .

All Together Now Duhhhh!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Thank phuck I always use WPA

[dub45]

Surely it is an issue worthy being brough to the attention of Comreg or perhaps even the data commissioner?

I have always thought it silly anyway that they come with the wireless switched on as the default. It is causing unnecessary congestion of the airwaves never mind the security issue>

[dulpit]

Quick question - our router is an Eircom Netopia one, but we have it set up so that only certain MAC addresses (my laptop, my brother's wii) can access it wirelessly...

I presume this is as safe & secure as you can get??

[the_syco]

Quote:

Originally Posted by dub45

Surely it is an issue worthy being brough to the attention of Comreg or perhaps even the data commissioner?

Surely you're taking the piss? Because someone found a way to quickly crack WEP, it's bad? WPA is more secure, but not uncrackable. Should that also be removed?

Wait: news flash: if it gives access to a business, someone will try to crack it.

Quote:

Originally Posted by dulpit

Quick question - our router is an Eircom Netopia one, but we have it set up so that only certain MAC addresses (my laptop, my brother's wii) can access it wirelessly...

I presume this is as safe & secure as you can get??

Nope. Your MAC address is broadcasted as plain text. Then I just have to spoof your MAC address (make your router think I'm actually your computer), and in I go.

[Sponge Bob]

Well as someone living in the country I don't feel as strongly about that dub45 but deriving the SSID from the WEP key and then broadcasting it is stupido!

[dub45]

Quote:

Originally Posted by Sponge Bob

Well as someone living in the country I don't feel as strongly about that dub45 but deriving the SSID from the WEP key and then broadcasting it is stupido!

I agree with you on the latter but as regards the former it is truly amazing how many Eircom networks you can pick up in Dublin and I would guess that a fair few of them are not being used as part of a wireless network.

[dub45]

Quote:

Originally Posted by dulpit

Quick question - our router is an Eircom Netopia one, but we have it set up so that only certain MAC addresses (my laptop, my brother's wii) can access it wirelessly...

I presume this is as safe & secure as you can get??

You should change the security to WPA - easily done if you are capable of the mac stuff.

[Sponge Bob]

I agree with you Dub45 in that the advisory that eircom will eventually release will advise persons that

1. they are not to broadcast the SSID if wireless is on ( trivial)
2. they are to turn off the wireless altogether ( trivial) if wireless is not used on the premises .

[watty]

make up your own SSID and key at the least, WPA at better, only use cables if paranoid.

[bungholio]

Quote:

Originally Posted by the_syco

Surely you're taking the piss? Because someone found a way to quickly crack WEP, it's bad? WPA is more secure, but not uncrackable. Should that also be removed?

you're a fool, were not talking wep in gereral here, were talking eircoms ssid naming and their wep codes,

News Flash: wake up n stop been an azz

[Sponge Bob]

Righty Ho!

Unless eircom publish a proper advisory in the national press by next friday morning, one weeks time, I will publish the detailed exploit here .....and elsewhere .....in order to make them publish a proper advisory.

There is no point in hiding this issue any more .

They have one week from now . As for the stuff in the pipeline they can tell the shops to print the advisory and sellotape it to the boxes .

There are well over 100k of these things out there, either deployed in use or in the pipeline

Even telling everyone to change the last 2 digits of the SSID, forthwith, would do the trick.

[Nick_oliveri]

Sure there was a default WEP key for a lot of routers not so long ago. This doesn't surprise me tbh.

NTL router in the brothers apartment had wireless and no security turned on by default. I'd say a few people in Raheny were happy for those few months. They even managed to change the admin password.

Anyone ever heard of the Linux distro "Backtrack"?

[BOFH_139]

If we can get this on the front page of Digg they "may" so something about it....

http://digg.com/security/Eircom_Expo...Security_Risks

[kaimera]

Arse.

I couldn't find a way to stop broadcasting the SSID on my own netopia router without disabling wireless completely. :-/

WPA + MAC addy wifi access only + changed SSID I have already.

[bealtine]

Quote:

Originally Posted by Sponge Bob

Righty Ho!

Unless eircom publish a proper advisory in the national press by next friday morning, one weeks time, I will publish the detailed exploit here .....and elsewhere .....in order to make them publish a proper advisory.

I say publish now.