iPhones and Router Security

Status
Not open for further replies.
M

MrDJ009

I've had a Dlink DI-624 router set up for 4 1/2 years with 128 bit WEP security which uses a 26 byte security key. I am aware that WEP is not bullet proof and there is software that can penetrate it if a determined intruder want's to gain access to my wireless. Recently my nephew dropped by to show off his new iPhone and informed me that it has WiFi and he he could use my router to connect to the Internet. His iPhone then finds my SSID and prompts for a password. Since my nephew doesn't know anything about my security configuration, I was confident that his attempt to access my router would be blocked when he couldn't provide the required security key. Ha! He then enters something, which I later found out was my telephone number, and bam he has Internet access, obviously bypassing my WEP security. He had been told he could access the internet this way by my DSL service provider, Verizon.

My question is a simple one: Is there some kind of a back door that Apple and/or Verizon can use to bypass basic router security? Is this a Dlink issue or are all routers at risk? If anyone can shed any light on this situation please enlighten me. :(
 
Are you sure he was actually using your WAP to access the internet and not just the 3g or Edge networks? He should not be able to access it by simply entering your phone number if that is not the passphrase for your network.
 
I am sure. To verify I connected to my router's status page which shows the wireless clients currently attached. His iPhone's MAC address was listed and my routers log showed that it was attached and an IP address had been assigned by my DHCP server. I couldn't believe it.
 
Is your DSL modem WiFi also? that would give two interfaces for access --

be sure DMZ is off, no virtual servers are enabled, change the admin password.

should also 'block WAN Ping,' disable gaming mode (at least for now)
 
The DSL modem is not wireless. DMZ and WAN ping are disabled. I do have two virtual servers enabled to allow Internet access to my NAS server. FTP is enabled on port 21 and HTTP is enabled on port 1024. I don't see how the virtual servers relate to the problem at hand. I'm concerned about how an unauthorized wireless client can connect to my router and steal my broadband.
 
I would be concerned too!

The comment re virtual servers only points to ports thru which an attack might succeed.

Your DSL modem might be susceptible to an iPhone, but your router would not be.
If your router log shows the access, then I would start questioning the router configuration.

The Dlink-624 has MAC Filtering, so I would immediately add the MAC addresses
of your devices and set Allow Only.

Your dear friend has the tool to continue testing this issue and we would all like to
see your progress!
 
Status
Not open for further replies.

Similar threads

midian182
Mystery of LG washing machine using 3.6GB of data daily could have a simple explanation
2
Replies
37
Views
712
ZedRM
ZedRM
D
Microsoft BitLocker encryption cracked in just 43 seconds with a $4 Raspberry Pi Pico
Replies
18
Views
457
bviktor
B
Jimmy2x
  • Locked
"My Pillow Guy" unveils his lofty plan to prevent election fraud and it involves drones
2
Replies
27
Views
1K
scavengerspc
scavengerspc

Latest posts

Back