You probably have a router or firewall device on your network – the little box that your DSL or cable modem plugs into. Make sure you’ve changed the default password on the router!
Virtually every router is designed to display a control panel when you put in its IP address. When you set up the router, it probably asked you to change the default password. It’s a chore that needed to be done; you should double-check your records to be sure.
You can check for yourself. Click on Start / Run, type in CMD and hit Enter. In the black window, type in
and hit Enter. Make a note of the Default Gateway – something like 192.168.1.1, right?
Then open Internet Explorer and type that address in:
http://192.168.1.1 (or whatever your gateway address is)
You’ll be prompted for a login name and password. If it’s your network, you should know what that is! Here’s two common defaults:
- Linksys: user name blank, password admin
- Netgear: user name admin, password password
Naturally, it’s easy to find lists of default passwords for hundreds of routers.
This comes to mind because the researchers found a new twist in some malware recently: if you run the malware by an ill-advised click on a popup window on the Internet, the malware tries to log into the router using a memorized list of default user name and password combinations. If it’s successful, the malware changes the router’s DNS configuration so all your Internet traffic is passed through the bad guys’ network. Here’s a Washington Post blog about the exploit.
I haven’t run into this in the real world, and you might be protected against it – the malware won’t get a chance to run on a system with up to date security software. But it’s a precaution that deserves a couple of minutes of attention – just one more way for inventive bad guys to make life difficult.
[Note to my clients: if I set up your network or your router, I took care of this. Go back to work.]