Quake3World

I usually use WEP on my router at home, and I don't pay much attention to which security method choice is the best because I just don't care. Turned WEP off last weekend because we had some friends staying over on their way through town and 4 laptops needed access to the net, so I was lazy and just disabled it instead of setting everyone's machine up.

Security had been off for the last week, no issues, nobody trying to leech off my connection, etc.

Came back from dinner last night (went to one of those hibachi palces where they make your food at the table and fling knives and eggs and fire around while doing it) and none of my machines could connect to the wireless. Searched for networks showed that my linksys now had WPA enabled and needed a key to log on. Had to direct connect to the router through cable and log into it that way to see that yes, WPA had been enabled, and there was a key there. (does WPA generate keys like WEP does?) For the record, I do not still have the default admin username and password on the linksys router.

Anyone have any idea how this could have happened? Can't imagine someone being bored enough to try and hack into my router to enable WPA and since the username and password weren't both 'admin' or whatever default linksys is they couldn't have gotten in quite that easy...Is this a bug or have I been targeted by the 1337 h4x0rZ who want to play with my router?

reset?

I blame Syria.

plained wrote:reset?

would a reset enable that? I've reset the thing before and it didn't do that.

Yes it would.

GONNAFISTYA wrote:I blame Syria.

I blame the Jews, so I think we've got that covered.

plained wrote:Yes it would.

no power surges or anything like that occurred though. I'll try resetting it again and see if that makes it happen again. Maybe the mystery is solved.

Have you looked at the system log? It might be in there.

Was your password dictionary-based? Even 1337-5p34k is only marginally better with a brute force attack. I agree with raw. Check your logs before you reset it (depending on how you have your logs set). I set my password to something completely random, write it down, and save it in my browser. I really doubt a power outage/surge would cause a reset.

I love this site for passwords. I save them in a double-encrypted database.

http://www.pctools.com/guides/password/

resets don't enable that.

I believe wireless is off by default. If WPA was enabled, someone probably enabled it.

For the record though, it is best practice to enable WPA2 (if your router supports it) and set a passkey thay is unique but one you are able to remember. This way, when you have friends over, you can just simply set up your wireless network and they can connect any time they are in your house. You MUST secure wireless! Leaving it wide open is just asking for hell.

Side Note: I use a Linksys WRT54GC which was my default gateway here. I recently put in place a Cisco ASA 5505 at the house (for work) and plugged my WRT54G into it and set up a static route for 0.0.0.0 0.0.0.0 <ASA IP/Gateway> and it works like a champ. If I ever leave my job I'm dropping the $500 for the ASA. Totally worth it!!!!