36

I'm looking to buy a WiFi router on ebay, but the seller put a picture on the site of the router's backside, exposing information such as

  • Serial number
  • Part number
  • MAC address
  • Default password and PIN

I plan to wipe the original firmware and replace it with DD-WRT.

Could the above information still be used to compromise my network?

pangabiMC
  • 463
  • 4
  • 6
  • 7
    One downside is that there sometimes exist databases mapping wifi networks to location, and these databases are filled by automatic processes on certain phones, as well as things like mapping vehicles. This may mean that if your router gets "mapped", your location would be effectively "known" to the internet. – Tyzoid Mar 20 '17 at 16:33
  • 1
    @Tyzoid: true, because WiFi beacon frames (that broadcast the SSID) include the source MAC address. However, I'm pretty sure DD-WRT allows changing the router's MAC address. – Roy Tinker Mar 20 '17 at 16:50
  • 1
    @RoyTinker The problem is that it's not very common to do, even if allowed (not all router software has the option). Few non-technical people would even know where to look. I agree that changing the broadcast mac address would help alleviate that issue, though. – Tyzoid Mar 20 '17 at 16:54
  • Hidden WiFi still beacons. It doesn't even make the connection still secure. (Hidding your SSID can make your connection less secure) http://www.pcworld.com/article/2052158/5-wi-fi-security-myths-you-must-abandon-now.html – Matthew Whited Mar 21 '17 at 20:11
  • The fact that a mapping company drives by and learns your MAC address doesn't mean it can compromise the network. Furthermore, they generally don't dump these databases with geo locations, and interrogation works the other way (here's the local MAC address, what's the geo location that you guys have.) One way around it would be to change the MAC address and SSID regularly. Or if you trust the mapping companies, add "_nomap" to the end of the SSID. – fork2execve Mar 21 '17 at 20:49
  • @MatthewWhited Why would not broadcasting the SSID make your network less secure? All that I read in the article was that not broadcasting it may make someone more likely to try and break in as it appears you're hiding something. That doesn't make it any less secure than not hiding it... – tjb1 Apr 18 '17 at 11:12

2 Answers2

43

Yes this is safe.

  • Default password and PIN are irrelevant if you change them (or replace the firmware.)
  • Serial number is irrelevant anyway.
  • Part number is irrelevant anyway.

Which leaves the MAC address. With some routers this is used to compute a default password, but once you change this I don't believe there is any risk.

The biggest risk of any router is the potential presence of backdoors that the manufacturer firmware may contain, but given that you are replacing it with DD-WRT that does not matter.

Patrick M
  • 263
  • 1
  • 9
fork2execve
  • 546
  • 4
  • 4
  • 8
    I'm no expert on DD-WRT but I'd wager you could modify the MAC address in software if you really wanted to. – John U Mar 20 '17 at 16:03
  • and - There should be no way to force the reset the password to the default via software. This should require you to physically do something like push a button on the router. – MaxW Mar 20 '17 at 21:02
  • 2
    Meh biggest risk of any router is that you incorrectly configure it followed by someone in your household tampering with it because they don't know what they are doing. Potential backdoors from the manufacturers possibly come somewhere at the bottom of the top ten. – DRF Mar 20 '17 at 21:10
  • MAC address is used for Layer 2 frames, e.g. Ethernet and Wi-Fi, which communicate on the same link. Internet Protocol is Layer 3, and introduces routing. Each time the traffic goes over a router and into another subnet, a new frame is generated (even if the embedded Internet Protocol packet remains untouched), so the MAC address is typically discarded then. So your router's gateway may see the MAC address of your WAN port; other devices on the Internet are not likely to see the MAC at all. Hence, no threat; hence, fork2execve's answer is quite right. (+1) – TOOGAM Mar 21 '17 at 06:00
9

As long as you change the default password that shouldn't be a problem. I would recommend you to deactivate WPS though.

Dr3xler
  • 308
  • 1
  • 8
  • Why deactivate wps? – Tim Mar 20 '17 at 17:23
  • 4
    @Tim [Security.](https://en.wikipedia.org/wiki/Wi-Fi_Protected_Setup) – Matt Nordhoff Mar 20 '17 at 17:58
  • Cause it is vulnerable to some hacks. Especially the PIN WPS is just like a very weak password, cause it only got four numbers. Anyway, there have been many vulnerabilities of WPS in the past 'till today, so it is more secure to deactivate it. There are some simple tools out there which can get you access to many routers with activated WPS... – Dr3xler Mar 20 '17 at 18:29