[ale] OT: What the hell is XSS in Comcast land?

Ron Frazier (ALE) atllinuxenthinfo at techstarship.com
Mon Aug 12 12:55:11 EDT 2013


I wasn't clear on whether the wifi involved was yours or the neighbor's.  In any case, if you have access to the control panel of the router, turn on wpa2 with a 64 (or is it 63?) char random password.  That will prevent any snooping and prevent anyone changing things by wifi who's not authorized to be on that wifi.  Once that's done, you can administer the router by wifi without worry if you wish.  You may wish to set that original wpa2 password by using a wired connection, lest anyone is snooping on you while you're setting it.

If you have access to it, change the admin password on the comcast box, unless they need it constant, or unless it changes frequently anyway.

Sincerely,

Ron



"Lightner, Jeff" <JLightner at water.com> wrote:

-snip-

>
>What was really disturbing to me was that this admin page is available
>via WiFi connection rather than requiring direct wired connection.  
>I'd rather prefer people with cantenna's not be able to not only steal
>WiFi but actually be able to lock out the real user by changing
>security information.   (It of course drops the currently connected
>WiFi session when you do the change of SSID but then you log back in
>with the new SSID and password you set.)
>

-snip-



--

Sent from my Android Acer A500 tablet with bluetooth keyboard and K-9 Mail.
Please excuse my potential brevity if I'm typing on the touch screen.

(PS - If you email me and don't get a quick response, you might want to
call on the phone.  I get about 300 emails per day from alternate energy
mailing lists and such.  I don't always see new email messages very quickly.)

Ron Frazier
770-205-9422 (O)   Leave a message.
linuxdude AT techstarship.com
Litecoin: LZzAJu9rZEWzALxDhAHnWLRvybVAVgwTh3
Bitcoin: 15s3aLVsxm8EuQvT8gUDw3RWqvuY9hPGUU




More information about the Ale mailing list