TechSpot

iPhones and Router Security

By MrDJ009
Jan 27, 2009
  1. I've had a Dlink DI-624 router set up for 4 1/2 years with 128 bit WEP security which uses a 26 byte security key. I am aware that WEP is not bullet proof and there is software that can penetrate it if a determined intruder want's to gain access to my wireless. Recently my nephew dropped by to show off his new iPhone and informed me that it has WiFi and he he could use my router to connect to the Internet. His iPhone then finds my SSID and prompts for a password. Since my nephew doesn't know anything about my security configuration, I was confident that his attempt to access my router would be blocked when he couldn't provide the required security key. Ha! He then enters something, which I later found out was my telephone number, and bam he has Internet access, obviously bypassing my WEP security. He had been told he could access the internet this way by my DSL service provider, Verizon.

    My question is a simple one: Is there some kind of a back door that Apple and/or Verizon can use to bypass basic router security? Is this a Dlink issue or are all routers at risk? If anyone can shed any light on this situation please enlighten me. :(
     
  2. LNCPapa

    LNCPapa TS Special Forces Posts: 4,210   +424

    Are you sure he was actually using your WAP to access the internet and not just the 3g or Edge networks? He should not be able to access it by simply entering your phone number if that is not the passphrase for your network.
     
  3. MrDJ009

    MrDJ009 TS Rookie Topic Starter

    I am sure. To verify I connected to my router's status page which shows the wireless clients currently attached. His iPhone's MAC address was listed and my routers log showed that it was attached and an IP address had been assigned by my DHCP server. I couldn't believe it.
     
  4. jobeard

    jobeard TS Ambassador Posts: 9,318   +618

    Is your DSL modem WiFi also? that would give two interfaces for access --

    be sure DMZ is off, no virtual servers are enabled, change the admin password.

    should also 'block WAN Ping,' disable gaming mode (at least for now)
     
  5. MrDJ009

    MrDJ009 TS Rookie Topic Starter

    The DSL modem is not wireless. DMZ and WAN ping are disabled. I do have two virtual servers enabled to allow Internet access to my NAS server. FTP is enabled on port 21 and HTTP is enabled on port 1024. I don't see how the virtual servers relate to the problem at hand. I'm concerned about how an unauthorized wireless client can connect to my router and steal my broadband.
     
  6. jobeard

    jobeard TS Ambassador Posts: 9,318   +618

    I would be concerned too!

    The comment re virtual servers only points to ports thru which an attack might succeed.

    Your DSL modem might be susceptible to an iPhone, but your router would not be.
    If your router log shows the access, then I would start questioning the router configuration.

    The Dlink-624 has MAC Filtering, so I would immediately add the MAC addresses
    of your devices and set Allow Only.

    Your dear friend has the tool to continue testing this issue and we would all like to
    see your progress!
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...