W. H. Heydt wrote: ↑
Tue Oct 02, 2018 4:18 am
Basically, anything with a default ID and password is vulnerable. If it can take a connection from the outside, doubly so. There were articles about various models of router having these sorts of vulnerabilities, but I don't recall reading anything about APs or range extenders specifically.
Just change the default administrative password. Change the ID if you can (not all routers permit that). Use the best WiFi security your router/access point/extender has. If you're really concerned, go wired.
Valuable info there on routers in general , and I would add a few extras :-
In router admin , disable WPS , or whatever your router calls that "handy" button that enables quick connection
of new hardware ( eg new printer , mobile device of a friend / visitor ).
It's a security nightmare which is exploitable by anyone within wifi range .
Likewise , disable " broadcast SSID" if it's possible in your router admin ...... Why ?
Because popular routers all over the world come out of the box with unbelievably stupid defaults
eg. user := "user" , admin := "admin" or "changeme "
That is still the case with Comcast routers and was also true of Virgin Media routers , last time I worked in UK .
So it makes it a gift to hacker , who only has to scan wifi networks in the vicinity , and pick the low-hanging fruit .
Keep in mind that if you are using an ISP provided router , of any make or type , it is them in control of the device , not you .
The remedy is as simple and cheap as buying a basic router and putting it in between your equipment and their router .
And there are some great Pi projects for home-made routers ..... what a surprise !