- 12-20-2012, 01:21 AM #1
I own a townhouse. I know all of my neighbors. My Cisco wireless router died. No big deal, I bought another one. I set up the new one up with the same SSID and WPA2 password. The difference with the new one is I could now see the activity lights.
After I set it up, I checked all of my wireless devices (8 total) and they were all working fine. Later on I noticed my 2.4GHz band seemed really active. I thought I must be getting an update on one of my devices. The activity continued and I thought, what the heck is going on. I pulled up a network map and there are 10 devices connected to my wireless router. I thought, what device am I missing. I even checked the MAC address of all my devices. I wasn't missing any. There were 2 devices connected to my WiFi that I didn't recognize.
I changed the WPA2 password on my router. Then changed the WPA2 password on my 8 wireless devices. Now when I pulled a network map up I get 8 devices connected. Some body, obviously one of my neighbors was tapped into my WiFi.
- 12-20-2012, 02:01 AM #5
12-20-2012, 04:00 AM #13
- 73 Posts
on my belkin i have hidden ssid broadcast, use a strong password for wpa2, enabled mac id filtering and added my connecting devices mac ids in allowed list and set a strong password for router configuration access. i guess that as much as i can do. anything more can be done to secure the router?
- 12-20-2012, 07:44 AM #14
Sure there is, but you don't brute force the router itself. You brute force the "handshake" files locally. Using monitoring you can capture the handshake packets, save them locally, then run them through a brute force with a 40 gb dictionary file.
MAC address filtering is also useless. It's the easiest thing to spoof using almost any distro of Linux.
- 12-20-2012, 09:22 AM #15
Mac address filtering cam be spoofed in 2 seconds. I spoof all my hack attempts before I even touch the router. Valid MAC addresses are broadcast with the packets from those devices
The only thing you can do is use a fairly long complex password. Make sure you do the same for your router login.
- 12-20-2012, 12:21 PM #17
I've got a 16 digit password that has no basis on real words or meaningful number combos. Purely a random string. Pain in the **** for entering into things like wifi printers and such, but its secure and more and more devices are supporting WPS so I don't have to type it as often as before.
- 12-20-2012, 02:09 PM #19
- 12-20-2012, 02:13 PM #20
The problem comes when someone uses an open network and passes user credentials and session information unencrypted. I can sniff that out immediately using common tools such as wireshark.
There is a whole gamut of security concerns with database data, cross site scripting and injection attacks but that's not quite the same.
- 12-20-2012, 02:13 PM #21
If it isn't an infinite number of characters in length, it ain't secure. Basically, you can never be too cautious. If someone wants to hack your stuff, they will no matter what it takes. Even if it isn't stored electronically, they'll just hire somebody to burgle your house for it.
- 12-20-2012, 05:03 PM #24
- 12-20-2012, 05:35 PM #25
What crackers do is use dictionary files of the most common passphrases and words that are used for passwords and go through a "trial and error" test on each one. If you pick common words, they can do it fairly easily. If you pick uncommon words, but use a short password, they can brute force it systematically pretty easily. The moment you use a long and complex password based on no real pattern, the number of permutations that a brute force algorithm would need to run through to crack it could take centuries. Literally.
As for information passed over the air, ie. networks wired or wireless, unless it is encrypted it can be read in it's raw format. So ensure that SSL is used for logins when on public networks. If you are wired, on your secure home network with only you and your family etc, you'll be fine...unless your brother or someone is trying to sneak your passwords for fun.
Over the air on a public network, even if it has a password, is still visible by anyone on that network. Open wifi is even worse.
Moral of the story. Make sure sites use https (SSL through self signed or commercial certs) when passing sensitive information, use SSH2 when doing server to server stuff. Use FTP over SSH or FTPES with a cert and keep an eye out for news on security loopholes for the "secure" services you do use. SSL means jack squat if the server is passing session information back and forth without encryption. I could just snag that session and use it to masquerade as you on facebook without ever knowing your password to do it.
Aside from that, not much more you can do.
- By podsnap in forum Windows Phone 7Replies: 1Last Post: 10-07-2011, 04:14 AM