The Dark Sniper wrote:
> And what do you suppose might happen if I take my laptop, connect to
> his network, type in 192.168.1.1 (or do a host scan and look for a
> dhcp server) login useing the default router password ( a quick google
> search), enable WPA TKIP, add a password and enable MAC address
> filtering so only my laptop could use it? What happens then

1. Why do you need to run a host scan to find the DHCP server? If you
receive an IP then your computer already knows the server that handed it
out. Actively searching for it is too much work.
2. Just because there is no authentication on the wireless doesn't mean
that the router itself doesn't have a password or is set to the default
password.
3. If you do manage to login and change something then all he has to do
is push a button to reset it as he has control of the physical hardware
and you don't.

I run several wireless networks for several public hotspots and not once
has anyone compromised the security of the devices. Of course, users
are on their own when it comes to securing their devices. The systems
that I have attached to the open wireless have had several attempts to
gain access but nobody has had success.

The moral of this story folks is that open doesn't mean insecure.

--Blaine

[ reply ]