Go Back   NETGEAR Forums > Home Products > Wireless Networking Products for SOHO applications > Wireless Router & Modem Gateways > 802.11b/g/n Routers > All 802.11 b/g/n Routers

Reply
 
Thread Tools Display Modes
  #1  
Old May 30th, 2012, 06:19 AM
CaptsCove CaptsCove is offline
Junior Member
 
Join Date: May 2012
Posts: 4
CaptsCove is on a distinguished road
Exclamation hacking into my router

We have a small business and offer free wifi to our customers. We have a netgear router and have service through our local cable company. Yesterday we started getting complaints that when someone tried to go online a message popped up "$2 shots tonight"!! Obviously someone hacked (if that is possible) and I need to figure out how to stop it! The actual router is up in the rafters, so it is impossible for them to physically do anything to it. So I am assuming there is a way to do it online!? I am not very computer savvy and would have no way to figure out how! It is not password protected, because it is supposed to be free to our customers!

Any help from anyone would be appreciated!
Reply With Quote
  #2  
Old May 30th, 2012, 07:19 AM
readysecure1985 readysecure1985 is offline
Junior Member
NETGEAR Newbie
 
Join Date: Jul 2011
Posts: 22
readysecure1985 is on a distinguished road
Default Re: hacking into my router

There are two passwords when dealing with a wireless router. The wireless password is the one you are looking at leaving open for customers. The management password is the one you want to make sure is secure to prevent stuff like this from happening. I would suggest changing your admin password as a start.
Reply With Quote
  #3  
Old May 30th, 2012, 08:31 AM
jmizoguchi's Avatar
jmizoguchi jmizoguchi is offline
Senior Member
NETGEAR Fanatic
 
Join Date: Feb 2007
Location: Kentucky, USA
Posts: 95,282
jmizoguchi is on a distinguished road
Default Re: hacking into my router

Look at guestgate.com
This device perfecto add it your 3700 to make 100% hot spot . I used it works great
__________________
VPN Case Study (www.vpncasestudy.com)
Our Second To None VPN Related Setup Case Study
"One Stop Solution To Your Netgear VPN Connectivity"
*Visit the site for Non-VPN related Doc & Links* [Windows & Mac user/support]

Most Other Useful Docs -"General Technical Documentation", "Router Reset", "Router Setup", "Print Server Tips", "Remote Admin"
"Wireless Tips"


Forum Policy

June Mizoguchi-i....@vpncasestudy.com
Reply With Quote
  #4  
Old May 30th, 2012, 01:38 PM
fordem fordem is offline
Senior Member
NETGEAR Fanatic
 
Join Date: Nov 2006
Posts: 7,194
fordem is on a distinguished road
Default Re: hacking into my router

I see no evidence that anyone has "hacked" into your router (or network) - where did this message "pop up"? On someone's computer, maybe in their browser? That's no evidence that the router or network has been hacked, the most common cause of such popups is "malware" on the computer on which the message was seen, and this can easily be picked up by a user browsing to certain types of website, and/or downloading pirate copies of software, music, videos, porn, etc. Malware can also be transferred via email.

The next thing I want to raise, is that with an unprotected network, such as you describe, any of your customers, in fact anyone within range of your wireless router has free access to your network, they don't need to "hack" into it, because you have made it available to them.

Businesses wishing to provide free wifi internet to their customers should do so via a network completely separated from their business network.
__________________
Give a man a fish, feed him for a day
Teach a man to fish, feed him for life.

Last edited by fordem; May 30th, 2012 at 01:55 PM.
Reply With Quote
  #5  
Old May 30th, 2012, 01:54 PM
fordem fordem is offline
Senior Member
NETGEAR Fanatic
 
Join Date: Nov 2006
Posts: 7,194
fordem is on a distinguished road
Default Re: hacking into my router

Quote:
Originally Posted by readysecure1985 View Post
There are two passwords when dealing with a wireless router. The wireless password is the one you are looking at leaving open for customers. The management password is the one you want to make sure is secure to prevent stuff like this from happening. I would suggest changing your admin password as a start.
Changing the admin password will prevent unauthorised access to the router's admin pages - it will not prevent "stuff like this" from happening.

The first thing that needs to be done is to determine the source of the popup - and if it is, as I suggested, malware, then - securing the router, even securing the wireless will not prevent such infections, user education would be a good place to start, along with a good malware protection program.
__________________
Give a man a fish, feed him for a day
Teach a man to fish, feed him for life.
Reply With Quote
  #6  
Old May 30th, 2012, 10:51 PM
Mars Mug's Avatar
Mars Mug Mars Mug is offline
Moderator
NETGEAR Fanatic
 
Join Date: Nov 2006
Location: Stevenage UK
Posts: 12,450
Mars Mug is on a distinguished road
Default Re: hacking into my router

As I have found while staying at a number of hotels that offer free Internet access either wired / wireless or both, the hotel takes no steps at all to protect their customers (or anyone else using the network from outside).

So a simple network scan will reveal all computers on the LAN, many of those computers will still have the Windows default settings for printer and file sharing, there may be directories that the computer owner has set to share and they are using the default workgroup names. Basically there will be plenty of unprotected computers for someone on the LAN to scan and abuse.

So while it is clearly sensible to protect the router from access, and to separate it from the business network, if you want to protect your customers (from each other) you need a more intelligent setup.
__________________
I don't work for Netgear.

My name is Andy.
Reply With Quote
  #7  
Old May 31st, 2012, 04:23 AM
Scubbie's Avatar
Scubbie Scubbie is offline
Senior Member
NETGEAR Addict
 
Join Date: Jun 2011
Location: Hampshire, England
Posts: 1,110
Scubbie is on a distinguished road
Default Re: hacking into my router

Quote:
Originally Posted by Mars Mug View Post
So while it is clearly sensible to protect the router from access, and to separate it from the business network, if you want to protect your customers (from each other) you need a more intelligent setup.
Would a Guest Network, with Wireless isolation not do this?
Reply With Quote
  #8  
Old May 31st, 2012, 05:11 AM
Mars Mug's Avatar
Mars Mug Mars Mug is offline
Moderator
NETGEAR Fanatic
 
Join Date: Nov 2006
Location: Stevenage UK
Posts: 12,450
Mars Mug is on a distinguished road
Default Re: hacking into my router

Quote:
Originally Posted by Scubbie View Post
Would a Guest Network, with Wireless isolation not do this?

In that particular situation (a wireless only connection for customers) it probably would, for mixed wireless / wired networks there may be a little more involved. I can't remember if the '3700 offers a guest network?
__________________
I don't work for Netgear.

My name is Andy.
Reply With Quote
  #9  
Old May 31st, 2012, 07:44 AM
CaptsCove CaptsCove is offline
Junior Member
 
Join Date: May 2012
Posts: 4
CaptsCove is on a distinguished road
Default Re: hacking into my router

What it looks like is someone changed the name of our wifi to "$2 shots tonight". I just had one of our managers try to access the internet via her iPhone and that is what popped up instead of our business name.

Also, the wifi for our customers is totally seperate from our business network.
Reply With Quote
  #10  
Old May 31st, 2012, 07:57 AM
fordem fordem is offline
Senior Member
NETGEAR Fanatic
 
Join Date: Nov 2006
Posts: 7,194
fordem is on a distinguished road
Default Re: hacking into my router

Yes - it is a possibility that someone changed the SSID of your wireless to "$2 shots tonight", and if there was no admin password set on the router, that would be very easy to do - I will also admit that I have been tempted to pull similar pranks on occassion.

However - and this is what I have an issue with - your test method proves nothing - your manager's iPhone would probably not have had a wireless profile for a wireless network called "$2 shots tonight", and is just as likely to be connecting to some-one else's network as it is yours.

Physically connect a computer to the router, log in to it via the ethernet and see if changes have been made, if they have, correct them, and set an admin password - until you're connected by ethernet you're really just guessing whose network you're connected to.
__________________
Give a man a fish, feed him for a day
Teach a man to fish, feed him for life.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



All times are GMT -8. The time now is 05:33 PM.