Reply to post: Re: The default IP Addresses just as bad

Home Wi-Fi security's just as good as '90s PC security! Wait, what?

Anonymous Coward
Anonymous Coward

Re: The default IP Addresses just as bad

Well, the address ranges can't be helped. 192.168/16 is the designated C-class private address range. Any router outside yours that gets such an address is supposed to drop it, so it's a security feature. Even if your router tried a different address (BTW, most allow you to set it within reason), it wouldn't be hard for a malware to do an exhaustive search of 65,536 possible IPs, plus most can figure it out based on the victim's own IP (which normally has to have the same subnet to be visible on the router's network). The attack you describe appears to be based on cross-site scripting and can probably be mitigated by two things: (1) a router with a short timeout period, meaning an attempt to hit the router discretely results in either a password prompt or a 401 error, and (2) a browser savvy to XSS attempts.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019