Recently, on twitter, I talked about Comcast and their xfinitywifi network. Here is the full story
If you have Comcast and a recent modem from them such as one of those, it creates by default a wireless network called xfinitywifi (if it doesn't now, it will do it soon). So that other people with Comcast can login to it and have Internet access when they are traveling.
It's a pretty good idea since it does not use any of your bandwidth (based on what they say and Slashdot had a story today from the Houston Chronicle) but it could slow down your wireless network since it is on the same channel. However, I really don't like the way they implemented it: it is enabled by default and you can only disable when logging on your account online, there is not a single mention of it in the modem configuration. It's also a bad idea because you can easily fake it to steal credentials (it's an Open network, no encryption).
Unfortunately, I had to spend quite a lot of time with their tech/customer service to figure out and get it disabled (their first attempt to disable it failed). And they will try to convince you to leave it. I knew they have access to the cable modem and they can reset/upgrade the firmware. What's really worrying is that they can access all the settings of the modem, including the wireless settings and they could tell me what my WiFi settings were. They might also be able to access your network.
Moving on. Another issue I mentioned to their tech was that there was another wireless network along xfinitywifi and my personal network. A hidden network with the same security settings as my personal network (or it's just a coincidence I use the same settings as them). The MAC address is also very similar to the one of your modem. What changes is the first byte.
As of now (last time I spoke to them was 2 or 3 week ago at least), this hidden network is still there and I have absolutely no idea what that network is. So, I'll disable the wireless on the modem and have another AP between the modem and my network. Here is a picture of the network (let me know if you'd like a PCAP).
Does anybody knows what that hidden wireless network is for? Comcast hasn't responded yet to that question on twitter.
Subscribe to:
Post Comments (Atom)
hidden network is for a long captured wirless from you...
ReplyDeleteThe hidden wireless network sounds like the guest ssid on some routers. If you enable it you will notice sometimes the first bit and last bit are one off from the normal ssid mac. So someone might have enabled your guest network and hid it from view!
ReplyDeleteI looked at all the pages on the modem and there is no mention of that anywhere. And Comcast confirmed I had to call them to have it disabled as it is not displayed in the configuration
ReplyDeleteWhy do you even have Comcast as your ISP? Their customer satisfaction rating is lower than the IRS. That should be a clue.
ReplyDeleteAnyway, that hidden network is pretty creepy. You could continuously attack it (or clients) in the meantime to prevent it from being used.
I chatted with a rep about these networks, as i have service at two home locations, 3 seperate times they tried to deny having any recolection of this "hidden network" but one of the reps slipped after i backed him into a corner
ReplyDeleteHe acknowledged being able to see the "hidden network" said it was created at the time my HOME network was, that i didn't have access to it, couldnt connect to it, and it was "technical" i have picture proof and want to get to the bottom of this BS.
ReplyDeleteIt's for xfinity home security.
ReplyDeleteThere alarm equipment connects to a hidden and secured wifi network on the newer modems.
The hidden network is for their wireless security system called XFINITY HOME. The devices use that hidden network to communicate without stomping on your other network.
ReplyDeleteOK, well I dont have their security service, so why is it broadcasting?
Deletehttp://www.dslreports.com/forum/r30322183-WiFi-The-Secret-of-the-Hidden-SSID-Revealed-Turn-it-Off-Yourself
ReplyDeleteFollow this post and you can disable the hidden network as I did. notice the different URLs that you can choose from to get you to the needed page.