Bright House's insecure Wireless Home Networking solution
As Bright House starts to roll out it's Road Runner Lightning service, the "Wireless Home Networking" solution that is bundled with it for free will begin to gain more traction. This will, unfortunately, mean plenty of wireless networks in Central Florida with insecure wireless settings.
Wireless settings such as SSID, pre-shared key, and allowed protocols are pre-configured by Bright House for your cable modem/router box and cannot be overridden. Attempting to change them within the router's administration control panel will seem to work for a few hours, but Bright House regularly resets your router's configuration back to its default settings. Bright House will not change your settings either, so you're stuck with whatever network name and password they gave you.
The default wireless protocol allowed is only WPA (WPA2 is available with the Surfboard wireless modem they gave me, but is disabled by default, for some reason).
The password for my router (and I'm assuming everyone else's) is a random eight digit passphrase. All numeric, no letters, spaces, special characters, anything. This means less than 100 million possible passwords, making it rather trivial to brute force your neighbor's wireless network with something like aircrack-ng. Devote some time to it, it's not like he can change it once he realizes someone is using his service.
The SSID name for Bright House WNS routers follows a predictable pattern that makes it easy to identify vulnerable routers. Mine looks like "BHNSBG6580????", which breaks down to "BHN" for Bright House Networks, "SBG6580" for the model number of the cable modem/router they gave me, and the last four characters of the MAC address of the router.
So if you see an access point nearby starting with "BHN" and looking similar to the one above, you can guess it's probably configured for WPA only and has an 8-digit numeric-only pre-shared key. Happy snorting!
I guess on the plus side, forcibly making the wireless access this easy to crack can add some plausible deniability if you're ever sued for downloading movies/music illegally.
Wireless settings such as SSID, pre-shared key, and allowed protocols are pre-configured by Bright House for your cable modem/router box and cannot be overridden. Attempting to change them within the router's administration control panel will seem to work for a few hours, but Bright House regularly resets your router's configuration back to its default settings. Bright House will not change your settings either, so you're stuck with whatever network name and password they gave you.
The default wireless protocol allowed is only WPA (WPA2 is available with the Surfboard wireless modem they gave me, but is disabled by default, for some reason).
The password for my router (and I'm assuming everyone else's) is a random eight digit passphrase. All numeric, no letters, spaces, special characters, anything. This means less than 100 million possible passwords, making it rather trivial to brute force your neighbor's wireless network with something like aircrack-ng. Devote some time to it, it's not like he can change it once he realizes someone is using his service.
The SSID name for Bright House WNS routers follows a predictable pattern that makes it easy to identify vulnerable routers. Mine looks like "BHNSBG6580????", which breaks down to "BHN" for Bright House Networks, "SBG6580" for the model number of the cable modem/router they gave me, and the last four characters of the MAC address of the router.
So if you see an access point nearby starting with "BHN" and looking similar to the one above, you can guess it's probably configured for WPA only and has an 8-digit numeric-only pre-shared key. Happy snorting!
I guess on the plus side, forcibly making the wireless access this easy to crack can add some plausible deniability if you're ever sued for downloading movies/music illegally.