wired/wireless security

[Jim March]

One way a hardware router can go seriously wrong and screw you is if
you have any Windows clients on the router that catch a certain class
of virus/trojan/creepware.

Basically there's some of these things that look for routers locally
at 192.168.0.1 and other "usual suspect" IP addresses, try to ID the
make of router and based on that try to log into them with a list of
known default usernames/passwords.

If they get in, they re-jigger them so as to make the world look
screwball for all users connected to that router, be they Linux,
Windows or Mac or whatever.  A common trick is to make phishing URLs
look like the real URLs to banks and the like.

As far as I'm aware, doing a router hard reset with a toothpick to the
"hidden button" in the back will flush that sort of idiocy out.

When you set up a router for yourself or somebody else, always change
the default admin password on it, to block this sort of craziness.
Note that this is separate from the WiFi access password (WPA or WEP).
 You want to cover that too of course (and use WPA unless you have a
non-WPA-compatible device!).

Jim