WRT54G2: SSID/passphrase reset?

Discussion in 'Cisco/Linksys Wireless Routers' started by rebel.yell, Sep 8, 2010.

  1. rebel.yell

    rebel.yell Networkin' Nut Member

    I installed a WRT54G2 to a friend of mine some months ago, all fine until yesterday.
    He called me and said that wi-fi was out of order.
    I went to him and I noticed that:

    SSID changed from linksys to PC-Home_User_Network (or something like that)
    Passphrase changed. Security was WPA.

    So, I changed the wi-fi settings like this:
    phassphrase: 10+ char long, alphanumeric (not randomic like 23h2j5he2b5h245 but more simple) and some special chars.
    Security: WPA2+AES.
    Tested with my netbook and all seemed fine.

    today he called me: the problem is still present.

    Is is possible that the central button on the router (the WPS one) can reset wi-fi settings if pushed?

    Is it a security break action?
    I can not to deactivate DHCP server and/or activate MAC filtering: the users are "tech-unfriendly".
  2. badassz34

    badassz34 LI Guru Member

    I find myself in a similar position to yours: I am rebuilding a few systems and a home network now due to malware, and I have already told the user that he and his family do not deserve to even have computers for how poorly they've mismanaged their computers. I can tell them this because we are very close, but I'm still going to give them back their internets. But anyways...

    I don't know the whole situation, but it's not likely that anyone is hacking your freind's network. More than likely is that the user has allowed physical access and/or admin access to another family member or freind and they have changed the settings. I would set a new, very secure password, and absolutely NOT share it with the user/customer/freind. If you're feeling very spiffy you could open up the router and physically disable the reset button to ensure nobody is gaining admin access by resetting it. After locking down the admin account, I would lock down the wireless with MAC filtering, no SSID broadcast, WPA2 AES+TKIP, turn off DHCP server and assign static IP to all devices, and set it to operate on an obscure net/subnet. (by obscure, I mean not typical for smallnets). Also set wireless web admin to off, remote access with an obscure port number above 10000 so you can periodically remote in to check on it, and ensure the user has current virus/malware definitions in his AV/AMW program of choice. In the end, they should be just users, with no special privilege to the router. People who prove they cannot effectively manage their home networks or their computers should never have admin accounts on their computers or know the admin login info for network devices which they could screw up.

    Even a functioning router can have it's network "dissapear" if someone tools around with it, like setting it to G or N only, and the user's device has a B-only wifi card. I have also seen a router die before and the user was just connecting to his neighbor's wifi and he thought his own had been hacked. I know this is going to sound overly elementary, but did you verify that the network was really gone and that the new network was coming from HIS hardware, and not a neighbor's?
  3. rebel.yell

    rebel.yell Networkin' Nut Member

    you were right
    I set up a strong admin password. Now the problem seems resolved.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice