Wide Open for Attack


I switched over to a new router recently. Set up WPA-2 encryption on the wireless access. Don't want the neighbors stealing my Internet bandwidth. Then I had to move all my printer over to use the new router. I got a ton of printer. But I use three of them wirelessly all the time. Two of them are cheap Brother printers. The other is a color HP.

Turns out the easiest way to configure the printer network configuration is to connect to the printer over the network. Each of these guys seems to have a built in mini-web server. You just figure out the printer's IP address. Then you put that address in the browser URL bar. Presto. You are greeted with a tons of menus to control the printer.

Now changing the printer network configuration requires you to enter a username and password. The problem is that I never changed those passwords from the factory defaults. Doh. This is just like leaving the default passwords on my wireless routers.

Now I figure there can't be too much damage done if someone comes in and mucks around with my printer configuration. I could always press the button that returns them to their factory configuration, then lock them down. But why wait? Lock them up tight I say.

Operation Honey Pot


I have used the default SSID on my wireless router at home. Did not enable any encryption on the thing. The whole neighborhood could use it to access the Internet. The rest of the people in my home got irked that they had to share bandwidth with random strangers. I caved in and decided I would put a password on our connection.

However I decided to achieve the bandwidth goal using another means. I bought a separate router that had a secure connection. But I left my old router on. I bet there are lots of people using the old connection to get to the Web. Why not turn that router into a honey pot?

I still needed to keep the Internet connection open. First I figure I could just log who is using this open router. Then maybe I could start to spy on their traffic. Finally I could see whether I could reach back into their devices (computers) to poek around. This is going to be fun.

Perhaps I should google around to find some tools to help me with my exploits. Or I could just roll my own tools. That would be truly educational. Fair warning people. If you are leeching off a router with SSID linksys, you might be owned soon.