For the average person, just paying attention to the convenience brought by wireless, but not paying attention to security, it is easy for individuals to sneak into the air. In fact, intrusion into the wireless network does not require a high technical content, as long as some simple computer and network common sense, and the method of prevention is very simple, but many people are greedy and convenient to pay attention to, and look at the story of the protagonist.
I went home after work that day, listening to the two sisters living in the downstairs room in the elevator and describing how to wirelessly connect to the Internet at home. I thought that these two computers were still playing wirelessly on weekdays. There are three long and two shorts that always ask me to see. This time, I have been hanging out on one side and I am transparent in the elevator. I am very angry, the consequences are very serious, see how I clean up you, to ensure that this is not the case, these two small MM will be hard and soft and ask for help, I can't help but scream.
MM next door hacker
After eating absently, I took my notebook to the balcony. This location is closest to the study room of the family downstairs. If there is no estimation wrong, the wireless router should be placed next to the study computer. The signal on the balcony should be the strongest. At around 8 o'clock in the evening, it is time to look at the darkness outside the house.
After the notebook is powered on, enter "ldmgmt.msc" in the running mode, open the device manager, start the Intel Wireless/Pro 2915ABG wireless module in the network adapter, then set the wireless connection properties, set the IP address automatically in the Internet protocol properties. address. Then enter “ipconfig /renew” in the command prompt character, and the returned result is:
Ethernet adapter Wireless network connection: Connection-specific DNS Suffix . : domain IP Address. . . . . . . . . . . . . : 192.168.1.100 Subnet Mask . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Then, enter "ldconfig;all", and see that the DHCP Server parameter is indeed 192.168.1.1, which means that my laptop has received the sister's wireless router.
Anti: The wireless router has the DHCP Server function enabled by default. Although it can facilitate client address allocation and management, it also makes it easy for intruders to access. It can be disabled for security reasons. Log in to the web management interface of the wireless router. In the DHCP project, select the “Do not enable” option. The client uses the method of manually specifying the IP address and the default gateway.
Verifying the wireless router.
I don’t think it’s so easy. Access to the wireless router, it seems that the sisters really have no security awareness, then the next implementation is to verify the true wireless router.
Each network device has a globally unique "ID card" number, wireless router is no exception, the format is: 5254AB1D917A, in the string of 12-digit hexadecimal characters, the first 6 bits are used to mark For a specific vendor, the last 6 digits are used to mark the specific product. To verify the true state of the wireless router, this is easy. Enter "ldp -a" in the command prompt character and see that the returned result is:
Interface : 192.168.1.100 —— 0x2 Internet Address Physical Address Type 192.168.1.1 00-0a-eb-d5-1c-a2 dynamic
With the wireless router's MAC address, I immediately open IE and go to the IEEE website. This address is assigned to which vendor, so the input enters the first 6 bits "00-0a-eb” into the Search for column (Figure 2). The result shown in Figure 3 is displayed on the returned web page. It turned out that the sister bought a TP-Link wireless router, which was a step closer to the goal. I laughed awkwardly.
In the web management interface of the wireless router, expand “network parameter →MAC address clone", and change the first 6 bits to other.
Wireless router secret leaks
Although I know that the wireless router manufacturer is TP-Link, I still can't start because I don't know the specific product model, but I don't have to worry, manufacturers like to use the same in different products. Account password and other parameters, this is good to start.
Although there is no manual for TP-Link wireless router, it is very simple to check its default account password. Go to Baidu website immediately and search for the TP-Link wireless router default password. As expected, a clue will be found on a web page on the first screen.
If there is nothing wrong, the default account and password are admin, asking the Buddha to protect the sisters will not change. Sure enough, enter “192.168.1.1” in the IE address bar, and enter admin in the pop-up verification screen to enter the web management interface of the wireless router.
Anti-: For security reasons, the wireless router should immediately modify the default account and password when it is initially used
If you enter the unmanned environment
Since the highest management authority of the wireless router is at your fingertips, the next step is to enter the uninhabited situation. At this time, I am thinking about how to destroy it. Is it a messy setting of the wireless router? Update a mismatched firmware to get rid of the wireless router? Or modify the Internet parameters so that they can not get on QQ? I want to think about it. In the end, I decided to point it up. The premise is not to cause irreparable damage to them, but I can’t let them fix it. The purpose is to let them move the rescue. Of course, they are looking for a soldier, so the hacking begins. ……
In the web management interface, enter the client list of the DHCP server, see a total of 3 clients, if not estimated, these 3 should be my laptop and sister's two computers Copy the MAC addresses of the two computers, then enable the wireless router's firewall, enable MAC address filtering, disable the enabled MAC address in the set MAC address list to access the Internet, and allow other MAC addresses to access the Internet.
Then in the MAC In the address filtering, the MAC addresses of the two sister computers are added to it. Restart the wireless router in the system tool, close the IE immediately after the operation, cover the notebook screen, and sneak into the living room to watch TV.
Anti-: If the highest authority of the wireless router is stolen, it will be difficult to prevent it.
After about 10 minutes, at 9 o'clock, the doorbell rang as scheduled, I opened the door kindly and asked the visitor about the anecdote. She said that the family couldn’t get on the net for no reason. I went down and looked at it. I followed it without saying anything. Watching the two sisters pay great attention to my master, I will not change the computer on the east. In fact, the remedy is very simple. I pretend to be busy on the computer for a while, so that they mistakenly think that it is difficult to solve the problem. The two sisters treat me as a god. I know that they are just worms. Because of their hospitality, I have been drinking two bowls of sweet soup in a row. My heart is also sweet and sweet. It is not too late. I propose to go back. I couldn’t help myself when I was lying in bed at night, and I laughed when I slept.
Rescue: Actually, the sisters don't know if the Internet is a computer fault, or a wireless router problem, or a telecom problem. For me, I know the problem. I can prescribe the right medicine. The Reset button can be connected to the power supply, the wireless router will be restored to the factory settings, the firewall and MAC address filtering information will be deleted, and the Internet account and other parameters will be retained.