Invitation to Cybersecurity

guest network need to be protected with strong passwords because wireless networks are susceptible to brute-force password guessing attacks. Depending on how many guests use the guest network and how frequently, it may be prudent to change the guest network password periodically to prevent previous guests from continuing to connect to the network without authorization.

Once connected to a wireless network, users with login credentials can gain administrative access to the router using their web browser via the default gateway’s IP address. As illustrated in Figure 9.12, this IP address is readily available to anybody who is connected to the network. It used to be common for wireless routers to use a model-wide default username and password, and lists of these default credentials were widely available on the Internet. Fortunately, most wireless routers today ship with unique default administrator passwords. However, they are typically printed on the bottom of the router and could be observed by bad actors. Either way, people who connect to a wireless network may be able to determine the default password of the router and gain administrative access. It is therefore important to change the default administrator password to a unique strong password—definitely one that is different from the wireless network password!

Figure 9.12 Wireless network connection details including the default gateway IP.

When using wireless networks away from home, users should be especially wary of networks that are not protected with a password. Anybody can join these networks anonymously, and other users of the network can potentially eavesdrop on the metadata being exchanged between the router and other clients. It may also be possible for an attacker to impersonate the router by injecting wireless traffic into the network, and this could trick users into visiting spoofed websites.

Users of public wireless networks are also vulnerable to evil twin attacks. An evil twin is a fraudulent wireless network that appears to be legitimate. Evil twins typically broadcast a similar SSID or even the same SSID as the official one at a place of business. There-
