I saw this story on /. or digg earlier this week. I can't source it any better than that.
Months ago I hijacked my neighbors LinkSys Wireless Router, reconfigured it by calling it my own and blocked all other users from using it except myself.
Am I a hacking genius? Do I have mad skills which allow me to read streams of code on a monitor as we saw in the movie “The Matrix”? Perhaps I am some 14 year old malicious kid pounding away on my keyboard with Cheese Puff stained fingers!
Not quite! What I am is a computer user who went to Best Buy, like you probably did and picked up a new LinkSys Wireless Router because my old one died.
I plugged in the new wireless router and used my wireless XP computer to automatically connect me to the default “linksys” router. Being the security conscience person that I am as soon as I was connected I went ahead and personalized the router.
I started by renaming the router from “linksys” to a more personalized name. I turned off SSID broadcasting and ensured I turned on wireless encryption. I even went to the point where I turned on MAC filtering and personalized the router just for my MAC addresses.
Over the past few months the router would seem to go off and on at odd times but I would say I had 95% uptime with a solid internet connection. As I have 3 wireless computers, a Wireless Tivo and an Xbox 360 all using my personalized wireless connection I never gave my network a second thought.
Early this morning I needed to add a new computer to the network. This time the computer was hardwired via an Ethernet cable directly to my LinkSys router. I literally plugged the computer into the router and right away I had an Internet connection.
What I wanted to do was share-out my drives so the new computer could read data off of other computers on the network but for the life of me I could not figure out why the new computer on the network could not see any of my other computers.
All the other computers could see each other just fine and sharing has never been a problem with me in the past. I checked to see if they were all on the same IP block and that nothing was causing conflict.
Since I only setup MAC Filtering for Wireless I did not think I needed to do anything special with the new computer.
Either way, I decided to log into the LinkSys administrative screen using my existing wireless laptop. With my web browser I typed in the default Gateway IP address (192.168.1.1) that took me to the LinkSys login. I typed in my username and super strength password which then took me to the configuration screens that I had not seen since I setup the router for the first time.
I looked around, clicking away at all the options and I could not see where I was going wrong. Then I started to get a hunch. I clicked my way over to the DHCP Client Table list and took a look at all the IP addresses. It became clear to me my new computer was not on the same network as all the other computers in the house.
So what gives?
Using my new computer I popped open the browser and typed in the default gateway as I had done before. I was taken to the same LinkSys login page but this time when I typed in my username and my super strength password it would not authenticate me.
Just to make sure I was not loosing my mind I reentered the password several times. I even looked at the Ethernet cable on my floor and followed both ends of the wire. I was sure the new computer was plugged into my router.
On my laptop I could log-in to the router using the same IP but with the PC that is hardwired to the router I was getting an authentication screen but could not log in.
It then dawned on me; my Laptops are not wirelessly connected to my router. I must be connecting to another router and if this is the case I must have hijacked someone else’s router and configured it as my own.
To confirm this, I typed in the default username and password that comes with LinkSys using my hardwired PC and I immediately authenticated. It turned out I was right, unintentionally several months ago I had taken over someone else’s router and locked it down.
Considering I had locked this other router down so tight and that there was no way anyone could connect wirelessly I wondered why this person never took the router off line.
Then I realized it was possible he could be connecting using an Ethernet and if he did that it was possible he could see any of my shared files on the network.
I got that panic feeling where I realized I had just left the front door open to all my files for several months. So just to make sure, I went back to the DCHP Client Table on this person’s router and looked for any extra devices apart from my Tivo Wireless, Xbox and laptops.
As it turned out the only devices connected to the network were my own. Phew, what a relief! It appeared I was the only person using that router.
Going back to the question as to why that person never shutdown his router if they could not use it I realized that if I got confused as to whose router I was using, perhaps this person was confused as well.
Using my new computer which is physically connected to my real router I took a look at the DHCP Client Table. It turned out that this person had been using my router.
Hey what a jerk, he’s hijacking my router!
Sine my router has been sitting here pretty much un-configured out of the box, I found that a few of my neighbors took some interest and have been using my wireless router for their wireless internet access as well.
Looking at the DHCP Table, it appeared I was serving up quite a few of my neighbors with free wireless access.
I spent another 30 minutes doing some quick housekeeping work. I released control of his router by setting it back to the default settings. I then regained control of my router and booted everyone off and in the end I was able to view the new computer on my network.
Moral of this story, in a world where we all shop at the same stores and buy the same wireless equipment it is very easy to unintentionally hijack someone’s wireless connection. Thus, peoples files are not as safe as they think they are!