How can a Hacker Access my Router and Network?

Dennis Faas's picture

Infopackets Reader Dean S. writes:

" Dear Dennis,

I've read that most WiFi routers use weak passwords (example: admin / admin), or none by default. I understand that for security reasons, the router administrator user and password should be set to prevent outsiders / hackers from logging into the router and changing the WiFi settings. On my own router I am connected to it via cable, and can connect by WiFi if I login with the password set for WPA2 security. What I have not been able to understand is how does the hacker connect to the router, and how can they adjust my WiFi settings? "

My Response:

There are many tools available that can be used to sniff out WiFi connections, even if the network is "hidden" (I.E.: the SSID network name is not being broadcast).

Once a network has been discovered, anyone can attempt to login to it, even if it's password protected. That said, most WiFi router passwords can be cracked using another set of tools, regardless of which network security protocol you're using. The most secure network protocol is WPA2 + AES, followed by WPA + AES, then WPA + TKIP/AES, WPA + TKIP, and then WEP. The least secure network is one where no password is used. Note that even the most secure network protocol WPA2 can be cracked, given enough time, resources, and processing power.

How a Hacker can Access Router Settings

Once the network has been discovered and password found, a hacker can gain access to your router settings by visiting the default gateway of the network via a web browser. It should also be noted that once the hacker has access to the router, he also has access to the entire network (including any computer attached to it).

As for the router settings: in your case, you used (presumably) a USB cable to connect to your router in order to adjust its settings. The USB cable is a simplified method of adjusting the settings, but all routers reside on a gateway and are accessible via the web browser (this option is usually on by default, but can be turned off for security reasons). To access the router gateway, you can do the following:

1. Click Start and type in 'cmd' (no quotes) to open a command prompt.

2. To find your default gateway, type in the following:

ipconfig |findstr -i gateway

3. Most likely your gateway is 192.168.0.1. Type in that address in your web browser and you will have access to your router administration page.

What can a Hacker do with Router Admin Access?

Once a hacker has access to your router administration page, he can do many things, including (but not limited to): listen in on all communications, inject malicious content to your web browser, and attack other computers connected to the network, and much, much more.

How to Prevent your Router from Getting Hacked

As I mentioned earlier, most routers can be hacked given the appropriate time and resources -- though it's not a simple process. You can help secure your router and prevent such attacks from happening by upgrading your router firmware (whenever possible), by using the most secure network protocol your router supports, by using very long and strong passwords with no dictionary words, and by turning off remote / web browser based administration (if applicable), and by enabling your router's firewall.

Got a Computer Question or Problem? Ask Dennis!

I need more computer questions. If you have a computer question -- or even a computer problem that needs fixing -- please email me with your question so that I can write more articles like this one. I can't promise I'll respond to all the messages I receive (depending on the volume), but I'll do my best.

About the author: Dennis Faas is the owner and operator of Infopackets.com. With over 30 years of computing experience, Dennis' areas of expertise are a broad range and include PC hardware, Microsoft Windows, Linux, network administration, and virtualization. Dennis holds a Bachelors degree in Computer Science (1999) and has authored 6 books on the topics of MS Windows and PC Security. If you like the advice you received on this page, please up-vote / Like this page and share it with friends. For technical support inquiries, Dennis can be reached via Live chat online this site using the Zopim Chat service (currently located at the bottom left of the screen); optionally, you can contact Dennis through the website contact form.

Rate this article: 
Average: 5 (5 votes)

Comments

gi7omy's picture

Denis,
I use a 16 character password on my router (mixed upper/lower case alphanumeric - 62 possible variations for each character).

The result is a possibility of access in the region of 4.7672402e+28 combinations and, even with a Cray, that would take quite a while to crack.

Daithi

Dennis Faas's picture

Depending on the tools used for the hacking, WiFi communication can be intercepted and then cracked offline. Anyone can rent a supercomputer (Amazon EC2) and crack passwords in a relatively short period of time. CloudCracker can do it as well and I believe it's free.

matt_2058's picture

Using " ipconfig |findstr -i gateway " gave me a long run then closed the window. Plain old " ipconfig " works also.

Michael_Steven's picture

My router can block all devices except the list of my devices MAC address's

Dennis Faas's picture

You can use Wireshark to intercept MAC addresses, then spoof a MAC address with most operating systems. So it's not as secure as you might think, and in fact may be more complicated than what it's worth (considering you would be using it for WiFi).

mydailytechstuff_3149's picture

Hi Dennis,

From what I understand this only applies to localized hack, your wifi local network.

How can they hack my router and get to my computers from the internet (wan)?
I thought they could if they have my public ip but the routers NAT and firewall protects my pcs from that?

Thankyou,

certifiedtech
www.ctechrepair.com