From: Mortimer on
"Lord Possum" <lord.possum(a)yahoo.com> wrote in message
news:MPG.20e076fbc16336b59896c9(a)netnews.insightbb.com...
> Why is this subject even being discussed here?
>
> Why aren't wireless users using WEP/WPN security codes?
>
> So what, that somebody can see you are wireless? With a
> proper security code, who cares?

Presumably it's still a valid subject for discussion, firstly because it
emphasises the *need* for encryption, and secondly because if you suspect
that your encryption has been hacked (eg someone's discovered your password)
you need to be aware of that fact and know who's doing it so you can a)
change the password and b) beat the neighbour about the head with a baseball
bat!

By the way, I presume you mean "WPA" (WiFi Protected Access) rather than
WPN.


From: R. Mark Clayton on

"Jeff Liebermann" <jeffl(a)cruzio.com> wrote in message
news:1j1b73t05m3sojv7tmim08p9dd5si2epps(a)4ax.com...
> Mike <turnpike_user(a)turnpike_REMOVEuser.THIScomANDTHIS> hath wroth:
>
>>If you have the proper protection on, why worry about it?
>
> Do you just lock the front door and assume that the lock is in working
> order? Do you even look at the lock to check if it's functional? Are
> you sure the "proper protection" is working, or perhaps your neighbor
> has a spare key?

If you use the standard security that comes with every router then the
chances of anyone using it are infinitesimal. The chances of a neighbour
even being able to try and crack the key are exceedingly low, and even if the
CIA tried it would be unlikely.

You are watching too many James Bond movies, where he places a hair over the
gap between the door and the jamb, so he can tell if anyone has entered his
room...

>
> It's the same with any kind of network security, including wireless.
> If you don't monitor the connection, you don't have any clue of what's
> moving on your network or who's using it. For example, I've tracked
> down a few virus infections to the neighbors using the allegedly
> secure wireless connection, and accidentally spreading a virus to open
> shares. I've also seen internet performance come to a grinding halt
> when the local brat does his file sharing exercises. Without
> monitoring, one would never know these things were happening, except
> perhaps by the symptoms, which could be attributable to other causes.

The only "traffic" you are going to get are identify polls, and that is part
of the protocol. If you look for base stations from a wi-fi PC, you can see
all in range, but only connect to those that have been left open or for
which you know the key.

>
> As Prez Reagan often said; "Trust, but verify".

He was a nutter as well!



From: Jeff Liebermann on
"R. Mark Clayton" <nospamclayton(a)btinternet.com> hath wroth:

>If you use the standard security that comes with every router then the
>chances of anyone using it are infinitesimal. The chances of a neighbour
>even being able to try and crack the key are exceedingly low, and even if the
>CIA tried it would be unlikely.
>
>You are watching too many James Bond movies, where he places a hair over the
>gap between the door and the jamb, so he can tell if anyone has entered his
>room...

Allow me to introduce my neighbors' two 15/16 year old (at the time)
brats. Their parents wouldn't let them surf the net because they were
downloading porno, viruses, and doing illegal file sharing. So, the
parents pulled the plug on the DSL when the kids weren't supervised.

Did that stop these kids? Nope. The first thing they did was break
into my house and steal a spare DSL modem. When the parents turned
off the 2-Wire modem/router/wireless, that left the phone line
available for another DSL modem. That worked for a while until they
were caught. I installed a splitter at the MPOE instead of individual
microfilters to prevent a repeat performance.

The next step was to use wireless to break into my network. At the
time, I was using WEP, which did not yet have the large number of WEP
cracking tools available. Rather than figure it out, they just hired
one of their schoolmates that knew quite a bit about WEP cracking to
do the job. The neighborhood WLAN was dead for about a day while
someone was flooding it with traffic trying to collect enough IV's to
perform the crack. It worked.

My traffic monitoring tools soon caught an unusual amount of traffic
coming from what I thought was a laptop owned by one of the other
neighbors. The only problem was that I had that particular laptop in
my office being worked on for a broken display backlighting inverter.
They had borrowed her MAC addresses so that I wouldn't detect any new
MAC addresses with arpwatch. I blocked the MAC address after a few
days when they apparently contracted a worm or virus which tried to
spread to other machines on the WLAN and all over the internet.
Actually, I didn't see it happening as I got a phone call from my ISP
firmly suggesting I disarm the monster or they'll pull the plug on me.

The next escalation surprised me. They snuck under my house and tried
to wiretap into my ethernet connection. I would say they did an
excellent job for a pair of 15/16 year old prospective delinquents.
They found one of the few CAT cables that had nothing attached. I
don't monitor my ethernet connected devices, so I never saw the new
MAC address. The traffic did show up late at night on the router MRTG
graphs, but I assumed that it was some kind of late night update or
one of my RDIST/RSYNC jobs doing its replication thing. The buried
cable was eventually discovered because the house in between was for
sale and the termite inspector somehow tripped over the cable and
asked "whaaazat"?

It's been a few years, and both brats have grown into quite proficient
computah geeks. One is a sysadmin at a local business and part time
student, entrepreneur, and surfer. The other is off getting educated
at state expense.

Although my personal childhood experience was more in the way of phone
hacking than computers, I can see similarities in the approach and
motivation.

Like I said, "trust, but verify".

--
Jeff Liebermann jeffl(a)cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
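
[Added example, not part of the post above or of any tool it names: a sketch of an audit that covers the two gaps the post describes, a borrowed known MAC that new-station detection never flags and late-night traffic on an unmonitored wired port. The inventory, flow records, interface names and byte limit are constructed assumptions.]

```python
from collections import defaultdict

# Constructed inventory (assumption): MAC -> (owner, device expected on the network?)
INVENTORY = {
    "00:11:22:33:44:55": ("office-pc", True),
    "00:11:22:aa:bb:cc": ("neighbor-laptop", False),  # on the repair bench, powered off
}

# Constructed flow records (assumption): (hour_of_day, mac, interface, bytes)
FLOWS = [
    (14, "00:11:22:33:44:55", "wlan0", 40_000_000),
    (15, "00:11:22:AA:BB:CC", "wlan0", 900_000_000),    # known MAC, device is absent
    (2,  "00:11:22:dd:ee:ff", "eth1",  2_500_000_000),  # unknown MAC, wired, at night
    (3,  "00:11:22:33:44:55", "eth0",  5_000_000),
]

QUIET_HOURS = range(0, 6)      # assumed quiet window, local time
QUIET_LIMIT = 1_000_000_000    # assumed per-station byte budget in that window


def audit(flows, inventory, quiet_hours=QUIET_HOURS, quiet_limit=QUIET_LIMIT):
    """Return sorted (mac, interface, reason) findings for wired and wireless flows."""
    findings = set()
    quiet_bytes = defaultdict(int)
    for hour, mac, iface, nbytes in flows:
        mac = mac.lower()  # normalise case so a re-typed MAC still matches
        entry = inventory.get(mac)
        if entry is None:
            # What new-station detection reports: a MAC never seen before.
            findings.add((mac, iface, "unknown-mac"))
        elif not entry[1]:
            # The borrowed-MAC case: address is known, but its owner is offline.
            findings.add((mac, iface, "known-mac-but-device-absent"))
        if hour in quiet_hours:
            quiet_bytes[(mac, iface)] += nbytes
    for (mac, iface), total in quiet_bytes.items():
        if total > quiet_limit:
            # Volume that would otherwise be written off as a nightly sync job.
            findings.add((mac, iface, "quiet-hours-volume"))
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit(FLOWS, INVENTORY):
        print(*finding)
```
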

From: Jack on
> "R. Mark Clayton" <nospamclayton(a)btinternet.com> hath wroth:
>
>> If you use the standard security that comes with every router then the
>> chances of anyone using it are infinitesimal. The chances of a neighbour
>> even being able to try and crack the key are exceedingly low, and even if the
>> CIA tried it would be unlikely.
>>
>> You are watching too many James Bond movies, where he places a hair over the
>> gap between the door and the jamb, so he can tell if anyone has entered his
>> room...
>
> Allow me to introduce my neighbors' two 15/16 year old (at the time)
> brats. Their parents wouldn't let them surf the net because they were
> downloading porno, viruses, and doing illegal file sharing. So, the
> parents pulled the plug on the DSL when the kids weren't supervised.
>
> Did that stop these kids? Nope. The first thing they did was break
> into my house and steal a spare DSL modem. When the parents turned
> off the 2-Wire modem/router/wireless, that left the phone line
> available for another DSL modem. That worked for a while until they
> were caught. I installed a splitter at the MPOE instead of individual
> microfilters to prevent a repeat performance.
>
> The next step was to use wireless to break into my network. At the
> time, I was using WEP, which did not yet have the large number of WEP
> cracking tools available. Rather than figure it out, they just hired
> one of their schoolmates that knew quite a bit about WEP cracking to
> do the job. The neighborhood WLAN was dead for about a day while
> someone was flooding it with traffic trying to collect enough IV's to
> perform the crack. It worked.
>
> My traffic monitoring tools soon caught an unusual amount of traffic
> coming from what I thought was a laptop owned by one of the other
> neighbors. The only problem was that I had that particular laptop in
> my office being worked on for a broken display backlighting inverter.
> They had borrowed her MAC addresses so that I wouldn't detect any new
> MAC addresses with arpwatch. I blocked the MAC address after a few
> days when they apparently contracted a worm or virus which tried to
> spread to other machines on the WLAN and all over the internet.
> Actually, I didn't see it happening as I got a phone call from my ISP
> firmly suggesting I disarm the monster or they'll pull the plug on me.
>
> The next escalation surprised me. They snuck under my house and tried
> to wiretap into my ethernet connection. I would say they did an
> excellent job for a pair of 15/16 year old prospective delinquents.
> They found one of the few CAT cables that had nothing attached. I
> don't monitor my ethernet connected devices, so I never saw the new
> MAC address. The traffic did show up late at night on the router MRTG
> graphs, but I assumed that it was some kind of late night update or
> one of my RDIST/RSYNC jobs doing its replication thing. The buried
> cable was eventually discovered because the house in between was for
> sale and the termite inspector somehow tripped over the cable and
> asked "whaaazat"?
>
> It's been a few years, and both brats have grown into quite proficient
> computah geeks. One is a sysadmin at a local business and part time
> student, entrepreneur, and surfer. The other is off getting educated
> at state expense.
>
> Although my personal childhood experience was more in the way of phone
> hacking than computers, I can see similarities in the approach and
> motivation.
>
> Like I said, "trust, but verify".

I would say a gun should do the trick.......
;)