Menu
Reply
  • 2
  • 0
  • 0
kpnutz954
Joining in
1,478 Views
Message 251 of 260
Flag for a moderator

Re: Virgin Media WiFi Security

Hi Tim

Thanks, i am aware it is new to the public today, it has been as pointed out with the manufactures since August, think i should have started a new post on this, as was only able to find this post when i first posted it.

Next time i will start a new post rather than tag on to another .

Karl

0 Kudos
Reply
  • 15.27K
  • 843
  • 5.56K
Superuser
Superuser
1,402 Views
Message 252 of 260
Flag for a moderator

Re: Virgin Media WiFi Security

@kpnutz954 I'll let you off.

I have had a quick read of the abstract, and based on what I can see, it's actually a vulnerability in the WPA2 standard itself, but it's actually used against wireless clients, not routers.  For example, take note of this comment here in the Abstract

Notably, our attack is exceptionally devastating against Android 6.0: it forces the client into using a predictable all-zero encryption key

The initial handshake used to set up the connection is unencrypted.  So the attackers capture the packets they need and modify the packets used in the third part of the handshake.  They then replay these modified packets out and the client picks them up and is tricked into performing the final part of the handshake again.

Note as well that the CVE states that this affects all devices that are implementing the WPA2 standard correctly.  So to defeat this, the patches are actually going to need to modify step 4 of the handshake.  But they need to do that without compromising the WPA2 standard as a whole/

Tim

________________________________________


Only use Helpful answer if your problems been solved.

0 Kudos
Reply
  • 115
  • 11
  • 25
mr_ian
Up to speed
1,364 Views
Message 253 of 260
Flag for a moderator

Re: Virgin Media WiFi Security

A solution is already available and AFAIK is not so complex.  But will probably take months to get implemented, and is most likely to be implemented very quickly for clients (esp. Windows/OSX/Linux). 

In the meantime don't worry, because it's not a hack that can be implemented via the internet - someone would need to be outside your house and mimic your SH.  Websites using HTTPS would still be secure, and there is no need to change your Wifi password (it is not revealed in the hack)

  • 2
  • 0
  • 0
ajska
Joining in
1,134 Views
Message 254 of 260
Flag for a moderator

Re: Virgin Media WiFi Security

Not sure if anyone has mentioned this, but your password to log into the hub uses http - so the password is sent in clear text and can be 'sniffed' by a packet analyser. Can't see an obvious method to change this on my hub.

Cheers

AJ

0 Kudos
Reply
  • 18.69K
  • 1.83K
  • 3.38K
Superuser
Superuser
1,124 Views
Message 255 of 260
Flag for a moderator

Re: Virgin Media WiFi Security


ajska wrote:

Not sure if anyone has mentioned this, but your password to log into the hub uses http - so the password is sent in clear text and can be 'sniffed' by a packet analyser. Can't see an obvious method to change this on my hub.

Cheers

AJ


Certificate authorities won't issue security certificates for router admin page addresses, and you have to be already connected to the home network in order to use the admin password.

**********************************
I work for Virgin Media - but all opinions posted here are my own
0 Kudos
Reply
Highlighted
  • 10.46K
  • 944
  • 2.18K
griffin
Alessandro Volta
1,116 Views
Message 256 of 260
Flag for a moderator

Re: Virgin Media WiFi Security


ajska wrote:

Not sure if anyone has mentioned this, but your password to log into the hub uses http - so the password is sent in clear text and can be 'sniffed' by a packet analyser. Can't see an obvious method to change this on my hub.

Cheers

AJ


If logging on wirelessly the password would be encrypted using the wireless encryption method  being used and good luck sniffing wired traffic.

0 Kudos
Reply
  • 15.27K
  • 843
  • 5.56K
Superuser
Superuser
1,112 Views
Message 257 of 260
Flag for a moderator

Re: Virgin Media WiFi Security

To echo what Griffin says you'd be hard-pressed to sniff a wired connection directly to the hub.  Wireless is subject to encryption anyway.

Note:  If you are really that paranoid you could use https://192.168.0.1 instead, but because Arris uses certificates that are not properly signed (because you can't issue certificates for localhost)  Google will throw up a warning that it's insecure - (It's not - although it does only use a 1024bit cipher for the encryption).

Tim

________________________________________


Only use Helpful answer if your problems been solved.

0 Kudos
Reply
  • 2
  • 0
  • 0
ajska
Joining in
1,102 Views
Message 258 of 260
Flag for a moderator

Re: Virgin Media WiFi Security

yep  but i was thinking more of landlord/HMO situations or where your kids share the wireless connections with their mates - there are ways around this (only administer the hub via a wired connection, as you suggest) , most people may not realise that people could get to see the the password if they're logged into the wireless network.

0 Kudos
Reply
  • 115
  • 11
  • 25
mr_ian
Up to speed
764 Views
Message 259 of 260
Flag for a moderator

Re: Virgin Media WiFi Security

A bit confused.  The wifi password is different to the admin password (or should be!!).  If you don't want to share your wifi password you can use WPS instead.

If you're accessing the admin page via the internet then it is https on port 8443, though as already said there will be no certificate to validate it.

0 Kudos
Reply
  • 146
  • 5
  • 6
Jacevoor77
Up to speed
312 Views
Message 260 of 260
Flag for a moderator

Re: Virgin Media WiFi Security

heres one thats been doing my head in my neigbours  hub 3 wifi light was flashing non stop and its slow wifi  there called tech support all saying its fine 

so i put mine in router mode as i own a better router  

after a bit mine is flashing non stop  mmm ok strange its never done that before   

poking aroud in the hub settings i notice wps setting on   thats a no on any router  and def not on a isp hub 

turned the wps setting off 

turn hub 3 off  then on 

its done no more flashing 

how many fails can the hub 3 have without the correct wps pin before its on lockdown 

 

any one eles have a non stop flashing wifi light on hub 3   

also notic on iphone 6 if your in the wifi setting on the iphone only reboot the hub 3 

and watch your wifi  name pop up with out the padlock for few seconds then hub does something la la lights 

you now have a padlock next to the name 

how safe is the hub 3  

0 Kudos
Reply