Sunday, 16 September 2007

Wireless Broadband / No Security

I called in at a friends house Saturday, he’d just had his broadband package updated and moved from a broadband modem to a wireless router based system. After checking out the security for him these were my findings:

1. His computers are connected to the router via Ethernet cable, he has no need for the wireless capability of the browser.
2. Yet it was switched on at the router.
3. The wireless on the router was totally unsecured.
4. The router was accessible from the internet and there was NO administrator password required.

He installed this router himself, following the instructions provided by the ISP. It seems that either the ISP does not know about how to correctly install a broadband router, or the ISP couldn’t be bothered to get decent installation instructions written.

To be honest I was disgusted. It took all of 5 minutes to secure his system properly and to show him what what was required. The lesson is do not trust your ISP to give a damn about your security, even though it may affect their network.

"Every mile is two in winter." - George Herbert

No comments: