Hrmmmmmmmm.

I have a linksys 54G wireless router and i set it all up over 2 years ago. I need to access the router again and i totally forgot my login and my password...

any ideas?

11/19/2007 3:22:59 PM

Hard Reset

11/19/2007 3:23:23 PM

generic advice for any router:

on the back or underside, is there a small pinhole? power down the router, and jam a paperclip in there til you hear a click. hold it down for 'bout 15 seconds (in case it's the type that needs to discharge some capacitors). power it back on, and it should be like a new router.

11/19/2007 3:34:09 PM

sweet. is there a default password i should know? i feel like there was one... hrmm can't remember. i dont have any manual. i suppose i could read their website...

11/19/2007 3:51:45 PM

i think it's admin, admin. Or admin, and leave pw blank.

11/19/2007 3:54:34 PM

blank user, password is admin... or admin for both, one of the two will work

11/19/2007 4:06:04 PM

n/m can't read.

[Edited on November 19, 2007 at 4:16 PM. Reason : /]

11/19/2007 4:16:05 PM

Quote :

"i suppose i could read their website... google for "default password linksys" or just ask tww to do it for me."

11/19/2007 4:17:50 PM

ok its working.

Quick! WEP or WPA??

11/19/2007 4:51:47 PM

anything other than wide open

11/19/2007 4:53:50 PM

Leave it wide open.

Step 1: Install DD-WRT
Step 2: Implement Upside-down-ternet
Step 3:



[Edited on November 19, 2007 at 4:57 PM. Reason : picture]

11/19/2007 4:56:59 PM

holy fuck thats funny. i'm tempted to do that

11/19/2007 4:58:43 PM

wide open with no SSID broadcast and with only specified MAC addresses being allowed access

11/19/2007 4:59:30 PM

I prefer to setup on WPA and disable SSID broadcast. That way they can allow folks to use it if they choose to, and simply provide them the passkey.

11/19/2007 5:11:43 PM

I like WPA2 + MAC Filtering + No SSID Broadcast

what else can I do to tighten wireless security?

11/19/2007 5:17:10 PM

^Stealth Wallpaper

11/19/2007 5:21:53 PM

Make sure you turn off the ability to administer the web gui from remote addresses.

If you have dd-wrt installed you can have a seperate ssh server, ssh into the router and run iptables rules to allow remote access when you need it and then turn it off.

11/19/2007 5:38:51 PM

since when did dan forget about google

11/19/2007 5:42:38 PM

Quote :

"I like WPA2 + MAC Filtering + No SSID Broadcast what else can I do to tighten wireless security?"

i do this with no ssh and web gui outside the lan for the router

oh and i also block all of china and africa

[Edited on November 19, 2007 at 6:19 PM. Reason : 

11/19/2007 6:19:23 PM

Quote :

"oh and i also block all of china and africa"

how do you do this? what about africa?

11/19/2007 8:57:34 PM

in iptables (i have a wrt54g running dd-wrt)

i just added entries for the ip addresses that are assigned to china and africa

i really dont need anything from there and it makes my roommate (who worked at sandia nl where they regularly got inbound hacking attempts from china on their network) feel better

i use some tools licensed by ornl as well

11/19/2007 9:13:02 PM

mac filtering isn't very effective. WPA2-PSK with a 24+ char key. disabling the ssid tends to cause issues for some setups

11/19/2007 11:33:43 PM

a mac whitelist just adds another layer

sure you can spoof it but if you have to find the 10 or so good ones out of 16^12 possibilities

or 16^10 since the first two are almost always 0 = thats 1.1 * 10^12 possibilities

i really dont see why this is a bad idea

11/19/2007 11:41:14 PM

Quote :

" disabling the ssid tends to cause issues for some setups"

mac for one

i noticed on a macbook G4 that it couldnt find the network unless i enabled the ssid...

11/19/2007 11:54:11 PM

There is NO ... I repeat, NO reason to have SSID disabled or MAC filtering if you're using WPA2.

Make life easier on yourself and anyone you want to give access to, keep that stuff turned off.

[Edited on November 20, 2007 at 1:12 AM. Reason : Fact.]

11/20/2007 1:12:16 AM

best solution to this:

no encryption whatsoever

use something like pfSense

use a captive portal (i.e. chili!soft or something else)

have it authenticate against a RADIUS server configured to auth against your active directory domain

this is what i do

that way i can even make temporary user accounts that expire after, say, a day or so, if i have family over or something

11/20/2007 3:17:53 AM

Quote :

"have it authenticate against a RADIUS server configured to auth against your active directory domain"

haha yeah cause we all run domains at our house

11/20/2007 7:59:51 AM

Quote :

"sure you can spoof it but if you have to find the 10 or so good ones out of 16^12 possibilities or 16^10 since the first two are almost always 0 = thats 1.1 * 10^12 possibilities i really dont see why this is a bad idea"

if you're scanning traffic for key broadcasts, you have mac addresses too.

11/20/2007 9:16:13 AM

Quote :

"There is NO ... I repeat, NO reason to have SSID disabled or MAC filtering if you're using WPA2."

Why not? Doesn't it add another layer of protection? Are you assuming that no one will ever be able to hack WPA2?

11/20/2007 9:49:30 AM

nobody is going to bother on a home network...and it's so easy to just find somebody still using WEP if you want to hack into something that they'll leave you alone just for running WPA or WPA2

11/20/2007 9:57:34 AM

so youre saying not broadcasting the SSID serves a purpose, but its overkill if you're running WPA2?

Does character length of the WPA/WPA2 passkey have anything to do with the security of the network? Or is it just used to generate an encryption key and therefor the length doesn't matter?

11/20/2007 10:12:42 AM

Exactly, it's way overkill. And even though you don't broadcast the SSID, it's still possible to sniff it and then you might as well never have hidden it to begin with. Oh, and the whole MAC filtering, all one has to do is sniff the air again and look for which MAC floating around is talking to the WAP you wish to connect to. Then it's a simple matter of spoofing your own MAC to match it.

WPA2 provides very legit and secure encryption, it would take years of time to crack it. Btw, you're right, use a LONG passkey, the longer the more secure.

[Edited on November 20, 2007 at 3:25 PM. Reason : .]

11/20/2007 3:24:36 PM