For those of you using a BT Home Hub wireless router, you should be aware of a pretty big security hole discovered of late.

Up until a few weeks ago, the default password being used on the router was “admin”. This is a major security hole in itself. If you are using any wireless router, the first thing you should do is change the default administrator password (if you are unsure how to do this, contact us). Recently, BT changed the default password to use the device’s serial number - a unique string - which seems like a really good idea.

The problem with this solution is that the device volunteers its serial number to anybody requesting the device’s multicast address (224.0.0.113). Such requests can only be sent by machines connected to the local area network. The thing with this is that it isn’t as hard to get on the network as you might think.

The BT Home Hub defaults to the inadequate Wired Equivalent Privacy (WEP) to secure itself. This is relatively easy to break - especially by somebody who knows what they are doing.

As the default security settings are not protecting you properly, you should follow the instructions provided by BT to harden your wireless network. If you have any problems implementing suggestions from those instructions, you can always get in touch with us.

Tagged bt home hub, wep and wireless router