Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: Attention - BT HomeHub Users  (Read 12679 times)

kitz

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 33879
  • Trinity: Most guys do.
    • http://www.kitz.co.uk
Attention - BT HomeHub Users
« on: April 24, 2008, 10:30:46 AM »

Copied from Rizlas post  here

Quote
The BT HomeHub in common with many ISP-supplied routers comes with the wireless security preconfigured. By that I mean there is a SSID and a WEP/WPA Key preconfigured in the router before it is shipped. There will usually be a sticker on the router with something like this on it :

Default SSID = BTHomeHub-8DF3
Default WEP/WPA Key = 06f48a28eb

Now neither the SSID or Key are chosen randomly or sequentially so the next router in the sequence wouldn't necessarily be BTHomeHub-8DF4 but it could be. Basically the ISPs use some sort of predictable algorithm to generate the Key and the SSID, both of which should hopefully be unique.

The only sensible way to generate the key is really from the router's serial number and that's what they generally do.

Now here's the bombshell.

The way that BT implemented this has a glaring vulnerability.

This means that you can take a default SSID like BTHomeHub-8DF3 and derive a list of possible keys from the SSID and a knowledge of the serial number structure (eg CP0647EH6DM(BF)). In the case of the BTHomeHub there would be 80 possible keys which would take very little time to try.

This is so important it is worth shouting :

IF YOU USE THE DEFAULT SSID/KEY IT MAKES NO DIFFERENCE WHETHER YOU USE WEP OR WPA! YOU ARE VULNERABLE

This isn't unique to BT - Orange in Spain use ST585v6 routers preconfigured to use WPA. A tool exists which will narrow the choice of keys down to two!

What should you do?

Simply change the SSID and WEP/WPA key to something else.

If you are using WEP then try using WPA instead as WEP is not secure.

More reading - http://www.gnucitizen.org/blog/default-key-algorithm-in-thomson-and-bt-home-hub-routers/


Discussion in this thread
Logged
Please do not PM me with queries for broadband help as I may not be able to respond.
-----
How to get your router line stats :: ADSL Exchange Checker