Wireless router w/ antenna removed (unsoldered) still 85% strength

Joined
Aug 21, 2009
Messages
588
I have a modem/router that has wireless and I wanted to make sure the wireless couldn't be accessed on it, so I removed the antenna (which did very little under 120ft) so I figured I would unsolder the connections b/c they had about 8-10 inches of wire attached to them from the circuit board. Well, I'm still getting 85% strength at 70ft for some reason.

This wouldn't be much of an issue except I found a major security issue with these routers which allows the wireless to be turned on remotely via WIRELESS even if you don't have the current admin/root password! I'd get rid of the router but I have to use it for the time being.

Is there anything else that can be done to limit the accessibility to this thing? The solder points on top of the board do not show up on the underside of the board at all (are these things layered? There are some transistors a few mm-1/2 cm from the wifi points.

Anyone have any suggestions for this?
 
Last edited:
It would help us if you tell us specifically which router it is. If you do, then we could tell you if it will take third-party firmware.
 
Last edited:
Just disable the wifi? If you're paranoid remove the wireless driver from the firmware.
//Danne
 
I 'm going to make two assumptions.

The first is that you have an ASUS router.

If you do, that bug was fixed in a firmware update a month or two ago. The merlin aftermarket firmware had it fixed over 6 months ago.

As far as the signal strength you are seeing....wireless doesn't exactly work the way you think.


Its more like two guys with megaphones shouting to each other from individual mountaintops.


You may hear that the guy is shouting something...but that doesn't mean you can hear him clearly, nor does that mean that you can shout back to him and he can actually hear you.

If it is an ASUS router, just turn the wireless power output down...and you can put the attennas back one while you are at it.

As for limiting access....there are tons of things you can do.

Turn off the wireles is option 1
Enable MAC filtering
Use WPA2 AES encryption with a strong password 8 characters minimum
Lower the number of DHCP clients to something reasonable

With the exception of a few models I shy away from recommending DD-WRT anymore.

Tomato = yes if supported in the main truck
Gargoyle = maybe if supported in the main trunk
DD-WRT= rarely, and only on specific models
 
Sorry, I didn't think the make/model is important. It is a modem/router and I really don't want to get into releasing this type of security issue in the public until I have found more about it as it could be used by those with malicious intent.

As far as how wirelss works, I understand it a little (/sarcasm :)) and testing at 70 ft through 4 walls (inside to outside house) and getting 10-11MB/s transfer rates on N150 with no soldered antenna attached makes it pretty clear that the two people talking to each other are hearing each other pretty well.

Here is what I have a problem with. My nano USB wireless N adapter is pretty darn small and it seems is if there may be something such as this maybe incorperated within the device. What leads me to believe this is that I have been burning the transistors or resistors (I'm not sure what the are - I don't need the wireless to work again) 2 by 2 and removing some of the other pieces that are in-line from the antenna. After about 24+ (12 on each antenna connection) I am still able to get a connection with the wireless enabled. I haven't tested the remote access w/o the default password as I have to get my laptop up and running that has that info stored on it. I can only test the "consumer lever" access on the device at this point.

As for the security levels, I am fully aware of these options but that isn't the point when remote access can be initiated without the wireless enabled at all! If you have suggestions for this I would be very much appreciative of suggestions on how to protect against this.
 
Sorry, I didn't think the make/model is important. It is a modem/router and I really don't want to get into releasing this type of security issue in the public until I have found more about it as it could be used by those with malicious intent.

Oh well, the old fallacy again. If it's bad enough, the bad guys already know about it. You're doing noone a service by keeping this information to yourself.
 
Let me explain the situation with an analogy:

Ex.
I have a car that doesn't work right. I can tell you that is has four wheels, a 4cyl engine uses gas and drives fine, but the doors randomly unlock. I'm afraid someone is going to steal my car.


Anyone have any suggestions for this?



OP Do you see the problem yet? :confused:


Without the make and model we have no chance of assisting you, as we have no idea what it looks like under the hood.


So with where we are, the only valid advice that can be given is to tell you to buy a new router/modem or as most of us would endorse a "router AND a modem".
 
hold on, editing...

Wow, I couldn't beleive the responses I was getting and thought you guys were being total pricks! This really isn't like 99.823% of you guys on this forum (but a couple other tech forums I've seen, not-so-much...) so I replied and let you "have it" hence the edit, lol. I didn't know how you could all be so daft until I re-read the OP. It says router, not modem/router (my backspace & correction didn't take when I was writing I guess.?). This is a modem 1st and a router second = combo unit that has no bridged mode. I'm stuck with this unit with the service I have and am looking into other units but they are all really $$ as it is newer DSL tech they say (and ISP won't allow or support others with this service the install tech says).

So I have to make due but I don't want someone next door to be able to access this even if security is enabled since there seems to be some kind of admin entrance into it.
 
Last edited:
I 'm going to make two assumptions.

The first is that you have an ASUS router.

If you do, that bug was fixed in a firmware update a month or two ago. The merlin aftermarket firmware had it fixed over 6 months ago.

As far as the signal strength you are seeing....wireless doesn't exactly work the way you think.


Its more like two guys with megaphones shouting to each other from individual mountaintops.


You may hear that the guy is shouting something...but that doesn't mean you can hear him clearly, nor does that mean that you can shout back to him and he can actually hear you.

If it is an ASUS router, just turn the wireless power output down...and you can put the attennas back one while you are at it.

As for limiting access....there are tons of things you can do.

Turn off the wireles is option 1
Enable MAC filtering
Use WPA2 AES encryption with a strong password 8 characters minimum
Lower the number of DHCP clients to something reasonable

With the exception of a few models I shy away from recommending DD-WRT anymore.

Tomato = yes if supported in the main truck
Gargoyle = maybe if supported in the main trunk
DD-WRT= rarely, and only on specific models

What about OpenWRT? Is there any opensource you suggest? I've been staying with Proprietary for the last 2 years as well for a number of reason, but DDWRT & OpenWRT provide so many more options. I'd really like to try out OpenWRT since it is basically a mini Linux distro with tons of options. What do you think of that?
 
Let me explain the situation with an analogy:

Ex.
I have a car that doesn't work right. I can tell you that is has four wheels, a 4cyl engine uses gas and drives fine, but the doors randomly unlock. I'm afraid someone is going to steal my car.


Anyone have any suggestions for this?



OP Do you see the problem yet? :confused:


Without the make and model we have no chance of assisting you, as we have no idea what it looks like under the hood.


So with where we are, the only valid advice that can be given is to tell you to buy a new router/modem or as most of us would endorse a "router AND a modem".

REALLY!? That is not what many technicians I have worked with and talked to feel. I guess it depends upon how advanced the device is as many aren't as full featured as standalone routers (but probably fine for most home users).
 
What about OpenWRT? Is there any opensource you suggest? I've been staying with Proprietary for the last 2 years as well for a number of reason, but DDWRT & OpenWRT provide so many more options. I'd really like to try out OpenWRT since it is basically a mini Linux distro with tons of options. What do you think of that?

you're not going to be able to load custom firmware on ISP provided equipment...

ESPECIALLY if they're claiming there is no way for you to disable wireless and put the thing in a bridge mode...

if that were the case i'd be talking to the ISP about getting a different piece of equipment down there...
 
Without going into a who's on first argument..

Which ISP are we discussing?

That's probably something he doesn't want to divulge either? :)

Seriously OP... we have NO idea who you are, where you live, or anything else about you. What is the issue with telling someone what "model" of router/modem you own?

My modem is a Comtrend CT301 and I'm running a D-Link DIR-615 as my router at home.... why should I be "worried" that some random people on a message board know that? I would even tell my next door neighbour if he asked me. :D
 
REALLY!? That is not what many technicians I have worked with and talked to feel. I guess it depends upon how advanced the device is as many aren't as full featured as standalone routers (but probably fine for most home users).

Many "technicians" feel what? That a modem/router combo is better? Or am I not understanding what you are saying?
 
People have been too nice to you in this post. Here let me give it a whack.

The OP is a paranoid nutcase. No one cares about your shitty home network. The way I see it your options are:

1. Ask ISP for a different device.
2. Smash existing device with hammer.
3. Put a faraday cage around said device.
4. OP is being a moron and connecting to another wireless AP on his or another network and thus really not connecting to said device.


All in all the OP is/was probably baiting.
 
1. Posting the make/model of a device which has a security flaw can only help. The more people know, the more they can be aware of the issue. People who are out to use these flaws most likely already know about them. I would imagine quite a few of us may also be aware of this flaw. But not telling us makes it far more difficult for us to help you with your situation.
2. Antennas are not the source of your wireless transmission. They extend range. Removing them will not remove the wireless capability.
3. Turning down the wireless strength greatly reduces the range that other devices can connect.
4. If you are really this paranoid about your home network, why don't you purchase your own device to help safeguard your network, like most of the rest of us? You don't need the ISPs permission for that and you can do whatever you want to that new router.
5. Any other suggestions like other posters have said, would require knowing the model of the unit you are working with and possibly the ISP. Removing the antennas and soldering on ISP equipment will certainly break the agreement with the ISP. As will changing the firmware on the modem/router.
 
Hahahaha. Sometimes these threads are really quite funny.

Maybe he won't post the model numbers because he's got some crazy paranoia about his ISP figuring out he's modified their hardware.

I really do wonder if we're being trolled though. Lol.
 
If it's a device specific to your ISP, and it's ISP provided... did you just damage the hardware on a device you don't own?
 
If it's a device specific to your ISP, and it's ISP provided... did you just damage the hardware on a device you don't own?

This must be why TWC started requiring rental fees. Too many people asking for new devices after blowing theirs up to stop "them" from listening.
 
REALLY!? That is not what many technicians I have worked with and talked to feel. I guess it depends upon how advanced the device is as many aren't as full featured as standalone routers (but probably fine for most home users).
I would NEVER recommend combination devices. It is always best to buy them separate. And 9 times out of 10 you can buy them both for less than what the ISP charges for their crappy combo hardware.
 
Back
Top