Re: MASSIVE SECURITY PROBLEM - Genie Logs Into Neighbor's Router

Your wireless devices connected to his router, not yours. You wired device connected to your router. The 'security breach' was on his end. Probably an unprotected SSID and the signal was stronger that your SSID and the wireless devices connected to his signal. Look at your wireless devices and see what SSID it is connecting to, and IF it even sees your SSID.

You didn't detail what your wireless devices are? If Windows PC's or Laptops, you can get Acrylic (https://www.acrylicwifi.com/en/wlan-software/wlan-scanner-acrylic-wifi-free/) install and run it and you can tell what SSID's and thier power and channels are around. I doubt his SSID is the same as yours but it could be on the same channel and stronger signal.

If you are worried he can connect to you, check YOUR router log, it should show (if enabled) who is connecting by IP Address and MAC Address. From your post it probably only is your PC.

Hopefully you have changed your router login password (and wifi passphrases). Sounds like your neighbour hasn't..

Yes, that is the problem. I connect to his router, rather than mine, even though I am on my wireless network.  His signal is way weaker than mine, and regardless of that routerlogin.net (and the Genie application) should resolve to my router when I am on my SSID.

He has a password set, but for some reason I am able to get on his router as admin.

Clearly, there is a significant problem with the way routerlogin.net / Genie work.

---

@lennyr wrote:

Yes, that is the problem. I connect to his router, rather than mine, even though I am on my wireless network.  His signal is way weaker than mine, and regardless of that routerlogin.net (and the Genie application) should resolve to my router when I am on my SSID.

 

He has a password set, but for some reason I am able to get on his router as admin.

 

Clearly, there is a significant problem with the way routerlogin.net / Genie work.

 

 

---

You can't get on his router UNLESS you are ON his network, period.

You are CONNECTED to 2 different networks from your description. Your own from a hard wired PC and HIS via wireless. Genie is working as it should, opening a browser on your PC and going to 192.168.1.1 (assuming that is your router IP address and it is the same as his) or using routerlogin.net will put you on YOUR router. Doing the same on a wireless device will put you on HIS router as that is what you are connected too.

If he is using the DEFAULT UID and PW (admin and password) then that is why you can get onto his router on wireless. If he has NO Security set then you can connect to his router via wireless. If he HAS security set then you need the passphrase to get on. If it happens to be the same as yours then it is possible the wireless devices can get on, but you must have the same SSID's as well.

Have you tried Acrylic?

Did you run from a Command prompt IPCONFIG /ALL and compare results between the PC hard wired and a wireless device?

Another question, HOW do you know you are on his router using Genie?

      "You can't get on his router UNLESS you are ON his network, period"

I know you're trying to help, but this is DEFINITELY NOT THE CASE, and saying otherwise, no matter how emphatically, does not make it so. I am on my network SSID, but Genie puts me into his router, as Admin.  

No, going to 192.168.1.1 has the same result as using the Genie application or routerlogin.net. They all put me on his router.

Yes, I tried Acrylic (thanks for the tip). It shows the same thing as other wifi scanners I used. My SSIDs show as much stronger than his.

As to how I know I'm on his router rather than mine, it is because mine is an R8000 and his shows as  an R45000, because we have different SSIDs for our networks, and differnet passowrds (which I can all see, since I'm Admin).

---

@lennyr wrote:

      "You can't get on his router UNLESS you are ON his network, period"

 

I know you're trying to help, but this is DEFINITELY NOT THE CASE, and saying otherwise, no matter how emphatically, does not make it so. I am on my network SSID, but Genie puts me into his router, as Admin.  

 

IrvSp's explanation is plausible.  There is no way you can log into your neighbor's router unless you are actually connected to his Wi-Fi network.  The only other way for traffic to reach his router is through your Internet connection, but that's not possible because 192.168.1.1 is a private IP address.  It's not routable through the Internet.

Can you post a screenshot of one of your devices showing the SSID that it is connected to?  And a screenshot of the SSID broadcast by your router?

It's really a good idea to change the SSID name to something more personal.  The default names (i.e. NETGEARXX) can lead to this sort of confusion when neighbors also possess Netgear routers.

At the very least, make your device forget the Wi-Fi network it is joined to and re-join the network.

You could also try asking your neighbor if he sees you connected to his network.

A guy using R8000 should know better. LOL! Your neighbor is not any better either, LOL+!

---

@TheEther wrote:

---

@lennyr wrote:

      "You can't get on his router UNLESS you are ON his network, period"

 

I know you're trying to help, but this is DEFINITELY NOT THE CASE, and saying otherwise, no matter how emphatically, does not make it so. I am on my network SSID, but Genie puts me into his router, as Admin.  

 

IrvSp's explanation is plausible.  There is no way you can log into your neighbor's router unless you are actually connected to his Wi-Fi network.  The only other way for traffic to reach his router is through your Internet connection, but that's not possible because 192.168.1.1 is a private IP address, http://www.192168-0-1.com It's not routable through the Internet.

 

Can you post a screenshot of one of your devices showing the SSID that it is connected to?  And a screenshot of the SSID broadcast by your router?

 

It's really a good idea to change the SSID name to something more personal.  The default names (i.e. NETGEARXX) can lead to this sort of confusion when neighbors also possess Netgear routers.

 

At the very least, make your device forget the Wi-Fi network it is joined to and re-join the network.

 

You could also try asking your neighbor if he sees you connected to his network.

---

Totally agree with this.

---

@lennyr wrote:

As to how I know I'm on his router rather than mine, it is because mine is an R8000 and his shows as  an R45000, because we have different SSIDs for our networks, and differnet passowrds (which I can all see, since I'm Admin).

---

Lenny, I don't think ANYONE is disputing your wireless devices are on HIS network. We get that. What the root cause is your devices CONNECTED to his network. When a device connects to a network (wireless) somethings have to happen.

1. It must see SSID's (UNLESS none is broadcast but you know the SSID and tell the device to connect to that one).
2. It has to be selected to connect (and usually there is a check box to 'always connect to this SSID) to that SSID.
3. Depending on Security level of the SSID a PASSPHRASE might be required. Once provided the device will connect.

Some devices will retain the SSID and PASSPHRASE and connect to that SPECIFIC SSID if it sees that SSID using the stored values. Some will even do it if the SSID signal is stronger that the SSID signal it is on.

All I can guess is that at one time you did use your neighbor's network, maybe when you were at his house, I don't know, but you are on it.

The fact that you can use Genie to view his router doesn't mean much. Probably MOST people do NOT change the UID or P/W required to logon to thier router. The DEFAULT is ADMIN and PASSWORD and I'm sure you used that. That is NOT the same as the SSID and PASSPHRASE needed to CONNECT a device to the router (unless he set it to that).

A couple of screen captures might help here.

• When on of your wireless devices is using Genie and shots of the first screen, Wireless settings, and the LOG if enabled. You can blank out the PASSPHRASE so as not to disclose that.
• Same as above when on your Router connected to via a wire from your PC.
• IPCONFIG /ALL from the wired PC.
• Assuming you can capture a screen on a wireless device (iPhone/iPad's are easy) get screenshots of the NETWORK connection data.

Alternatively you can just get a screenshot of the ADVANCED tab blacking out some data, that looks like this (I assume all NG routers look similar, I'm on an R7000 for instance):

With screenshots of the two networks you appear to be on we should be able to see possibly what is going on.

Although I've blacked out my INTERNET IP ADDRESS, you can leave the LAST octet as they MUST be different if you are on two different networks.

Bottom line, no one I don't think thinks you are NOT connected to your neighbor's network with your wireless devices. However YOU had to do that, not Genie, but MANUALLY selecting that SSID and providing the PROPER PASSPHRASE. Once that has been done, devices USUALLY re-connect to the LAST connection they had. Easy FIX, DISCONNECT and then CONNECT to the proper one. Also FORGET your neighbor's network after you do that and you'll be fine and not connect to it again unless YOU manually choose to do that.

Here is a screenshot showing me loggedin as admin on his network (SSID Netgear76) while connected to my own network (Jet Car 5b)

and, for what it's worth:

• my SSIDs are not broadcast
• I have never logged onto that neighbor's network as a user, and only as admin because Genie just plops me into it
• I don't have his network saved because I have never logged onto it, and didn't know the password until I saw it on Genie

Ignorance is bliss. Depending on Genie for every thing. If one can't do anything w/o Genie (s)he will be life time Netgear user. Who says SSID

is for security? Even with max security measures it is not bullet proof. In this case two neighbors don't seem to have any security set up or maybe op's signal is weaker than neighbor's?

Ignorance is bliss?  Huh?

If not Genie, how do you suggest I administer my router, short of putting Tomato on it or something?

Nobody said SSID was for security. And of course the security isn't bullet proof, but in this instance it doesn't even seem to be working as intended.

My signal is vastly stronger than my neighbor's (-18db vs -56db), and even if that weren't the case, Genie / routerlogin.net / 192.168.1.1  should not put me into the admin console of a network I'm not even connected to, regardless of signal strength.

And, as you can see from the screenshot, my neighbor has security set up. I have very strong passwords on my network, don't broadcast my SSIDs, and block access to new devices using access control.

Do you go to help forums to make snarky comments for fun?  If so, at least read the posts so you can make well-informed snyde comments.

I am litrtle sarcastic here to wean you from Genie and liberate yourself from Netgear router, No one is born knowing how to manage router

or anything for that matter. Spend some time learning. Many Youtube tutorials, many folks here will help you if you try yourself. I am almost

80 years old I never used Genie which is robbing your memory, hard driver space running in the back ground. Log into your router, start

doing things yourself.  Tomato f/w is for advanced users. Don't be afraid. You'll be happy when you can do anything with your router maximizing

it's potential.

I get it, you're trolling just to help me. Thank you for looking out for me. 

For what it's worth, I have installed and administered DD-WRT and Tomato on numerous routers before. By your parlance, I am an "advanced user." There are features on the R8000 that don't work with 3rd party / open source OSs, and those features are among the reasons I bought the R8000 in the first place.

Please, if you actually want to be helpful and have something to contribute relevant to the issue at hand, post away. If you just have nothing better to do than troll an obscure help forum, I guess I cannot begrudge you what must be one of your only meager pleasures in life, so OK, keep on trolling I guess.

I am not trolling. You can PM me if yoiu want. Feel sorry for you.

---

@lennyr wrote:

Here is a screenshot showing me loggedin as admin on his network (SSID Netgear76) while connected to my own network (Jet Car 5b)

 

 

 

---

Try again, NO IMAGE showing or available. Use JPG probably.

---

@lennyr wrote:

and, for what it's worth:

 

• my SSIDs are not broadcast
• I have never logged onto that neighbor's network as a user, and only as admin because Genie just plops me into it
• I don't have his network saved because I have never logged onto it, and didn't know the password until I saw it on Genie

---

@lennyr, sorry, but you said before your SSID IS broadcast, "Yes, I tried Acrylic (thanks for the tip). It shows the same thing as other wifi scanners I used. My SSIDs show as much stronger than his." Unless you broadcast it Acrylic CAN NOT see it.

I suggest you study up on LAN's, PRIVATE NETWORKS. There are literallty tons of routers with IP Addresses of 192.168.1.1 NONE of these can be seen by any device UNLESS they have connected to it. Really hard to beleive you can do it since you now claim you are NOT connected to neighbor's network. Especially since you now say it is P/W protected to connect.

Reviewing your original post you said this, "What is more disturbing is that I have admin access to his router and network, and I can see all his devices, as well as my own." There, YOU are connected to his network. You did NOT say when using the PC connected via cable that you saw HIS devices or your wireless devices.

You say you are an 'Advanced User' but I'm beginning to think you are the Troll here.

Please post screenshots and information that shows clearly what you are seeing.

I did post a screenshot, and it is plainly visible to me when I look at my post on the forum. Don't know why you can't see it.  As I said, the screenshot shows me on my SSID, but logged into my neighbor's router as admin.

I don't know why you are adopting a hostile tone. I am just asking for help in a strange situation.

I previously said that Acrylic saw my network because it sees the one I am using at the moment. It does not see the ones that I am not on at the momemt. It doesn't need the SSIDs to be broadcast to see the one I am on atm.  I don't even know why I am justifying myself to you since you seem more interested in finding the lie in my "story" than trying to understand my issue, much less help.

The moderators have to approve the upload before the rest of us can see it.  Unfortunately, the moderators seem to be quite slow about reviewing uploads.  I've asked them to change this policy since it's not really effective against policing bad content.  After all, people can embed links to images hosted elsewhere and those show up immediately.

Anyway, I think many of us are interested in seeing the screenshot.  It, hopefully, will provide insight to what's going on.

@LENNY,

---

I don't know why you are adopting a hostile tone. I am just asking for help in a strange situation.

 

I previously said that Acrylic saw my network because it sees the one I am using at the moment. It does not see the ones that I am not on at the momemt. It doesn't need the SSIDs to be broadcast to see the one I am on atm.  I don't even know why I am justifying myself to you since you seem more interested in finding the lie in my "story" than trying to understand my issue, much less help.

---

First of all you are the one that started to call people 'trolls'. Secondly, I have NEVER seen any reports like this and I'll assume no one else has either. Excuse us for being skeptical because of this.

We're trying to dig deeper and see if we can explain this.

Do you UNDERSTAND that if you are on a network the ONLY place the browser can go for 192.168.1.1 or 192.168.0.1 or ROUTERLOGIN.NET is the ROUTER it is on the network with? If yes, fine, we're all on the same page.

Now I just tested with my SSID on and off with Acrylic.

admin2 is mine. Now I turned OFF the SSID:

Now used Acrylic:

It shows as hidden and if I didn't know it was 'me' it would be tough to tell other than that is how Acrylic works. I assume you made the same discovery.

As the other poster said, we'll have to wait to see the capture, I thought it was because you either had a link to your PC vs. uploading or PNG's didn't display, I use JPG's.

You do seem to have some 'differences' in post to post.

Yes, I do understand that 192.168.1.1, etc. _should_ all resolve to my router. The fact that it doesn't is the root of the problem / mystery.  And yes, I understand skepticism given this strange situation, but there is no reason to be hostile; as for callinng people trolls, perhaps the poster who I called that was well intentioned and just trying to coach me in an unusual way and I should have given the benefit of the doubt. Nevertheless, his posts were not on topic.

As you said, I guess I'll just wait until the screenshot is approved.