XAvi X5258-P2 and poor default security

When I got the ADSL modem from Bredbandsbolaget (www.bredband.net), I got the XAvi X5258-P2 modem with a built-in 802.11b/g gateway. It is made by Force. XAvi does not list this model on their homepage as it is probably custom made for Bredbandsbolaget. By default the modem uses WEP 64-bit encryption.

That is practically equivalent to an open unsecured gateway. It is a bit fantastic to see that even though the modem has the possibility of vastly higher security, Bredbandsbolaget does not try to increase the level of security by automatically changing settings, or by handing out guides to the users on how to do it manually.
This is unsupported terrain for them as far as changing default settings is concerned.

Fortunately it is possible to change the settings yourself to use, for example, WPA-PSK. The modem has an HTTP server listening on 192.168.1.1. By default, IP addresses given by the DHCP server in the ADSL modem are in the 85-range, so a connected computer has no routing information for the 192.168 subnet.

An easy way to add that route is to change a connected computer's own IP address to, let's say, 192.168.1.34, and add 192.168.1.1 as the standard gateway.

The settings can be viewed without user/password at http://192.168.1.1/wireless/wl_acl.htm

To change any setting, you need to provide user/password. For me the user/password was user/user. It may work with Admin/Admin (note capital A).

If none of those passwords work, there is still hope. Bredbandsbolaget has a program called Service Center that must be able to change settings in the modem (but does not after initial installation, as far as I know; this might be in future plans though). It communicates over plain HTTP with the ADSL modem, so it should be easy to snoop its communication with the modem to figure out the user/password.

Some of the settings in the ADSL modem one might want to look at are:

  • MAC address locking, so that only network cards with certain addresses will be allowed to access the wifi gateway. That in itself is not enough, as one can easily change MAC addresses.
  • WPA encryption. Preferably WPA with a pre-shared key (WPA-PSK) on small private networks, as that is low maintenance. And don't just reuse the old WEP key, as someone might already know it :-)
  • SSID hiding. It is, so to speak, harder to connect to something you don't know the address of. Don't just hide the SSID. Change it as well, as it might already be known.

That should make for a wifi gateway you can rely on to be only used by computers you want to allow access.
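To check that the change took effect, the gateway should no longer advertise WEP. The following Python code is an added example, not part of the original post: it classifies the encryption each access point advertises in the output of the Linux `iwlist scan` command. The scan text, addresses and SSID names are constructed sample data.

```python
import re

# Constructed sample of `iwlist <iface> scan` output (not captured from a real network).
SAMPLE_SCAN = '''\
wlan0     Scan completed :
          Cell 01 - Address: 00:11:22:33:44:55
                    ESSID:"example-default"
                    Encryption key:on
          Cell 02 - Address: 00:11:22:33:44:66
                    ESSID:"example-hardened"
                    Encryption key:on
                    IE: WPA Version 1
          Cell 03 - Address: 00:11:22:33:44:77
                    ESSID:""
                    Encryption key:off
'''

def classify_networks(scan_text):
    """Return a list of (essid, level); level is 'open', 'WEP', 'WPA' or 'WPA2'."""
    results = []
    # Each access point starts with a "Cell NN - Address:" line.
    for cell in re.split(r"\n\s*Cell \d+ - ", scan_text)[1:]:
        essid = re.search(r'ESSID:"(.*)"', cell)
        # A hidden SSID is reported as an empty ESSID string.
        name = essid.group(1) if essid and essid.group(1) else "<hidden>"
        if "Encryption key:off" in cell:
            level = "open"
        elif "WPA2 Version" in cell:
            level = "WPA2"
        elif "WPA Version" in cell:
            level = "WPA"
        else:
            # A key is required but no WPA/WPA2 information element is present: WEP.
            level = "WEP"
        results.append((name, level))
    return results

def weak_networks(scan_text):
    """ESSIDs of access points that are open or WEP-only."""
    return [name for name, level in classify_networks(scan_text)
            if level in ("open", "WEP")]

if __name__ == "__main__":
    for name, level in classify_networks(SAMPLE_SCAN):
        print(f"{name:20} {level}")
```
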

EDIT: February 26th, 2010: This is still true, but I would not count on WPA. It is also breakable, but not as easily as WEP.