Secured Wireless Networking

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

bleepster

Thread Starter
Joined
Jun 8, 2004
Messages
545
I have a question regarding my wireless network at home.

I am using the LYNKSYS WRT45G Router. I have my PC hooked to it via the ethernet cable.

I have my XBOX 360 linked to the router via the wireless network adaptor. I have the WPA (I think thats what it was called) encyption set so that no one can steal my signal, and I typed in my pass phrase on my XBOX 360 and all works great.

again - my PC is NOT wireless - Just my XBOX 360.

How can I be sure that no one is using my wireless network and stealing bandwidth?

Is there a visual way to see? if someone is using my wireless network will there be flashing lights on the router?

thanks for any insight you can offer.
 

zx10guy

Trusted Advisor
Spam Fighter
Joined
Mar 30, 2008
Messages
6,647
You need to look at the router to see what attached clients are on your router or look at the logs. A good hacker is going to sneak in by observing traffic and masquerading as a known client on your network. There are ways to prevent people from getting much of anything once they are in your network. You can require VPN authentication once a client establishes a wireless connection. You can have a can have people authenticate to your firewall like Astaro. Or you can periodically change your preshared key and/or your SSID.
 

JohnWill

Retired Moderator
Joined
Oct 19, 2002
Messages
106,429
If you are using WPA encryption and you use a STRONG key, not your dog's name, it's VERY unlikely that anyone can steal your wireless access. A strong key is random number and letters, 20 characters or more.
 

bearone2

Banned
Joined
Jun 4, 2004
Messages
5,809
as has been pointed out on previous posts, unless someone has the software, time to park in front of your house in the obscure white van, that even wep 64, like i use is pretty safe.

of course you're pretty safe cuz the pc is hardwired.
 

zx10guy

Trusted Advisor
Spam Fighter
Joined
Mar 30, 2008
Messages
6,647
WEP isn't as safe as you might think. Even 128 bit WEP isn't safer than 64 bit WEP. The Achille's heal is the 24 bit IV (initialization vector.) Hackers will go after that to gain access to your wireless network. There are known tools out there easily found on the internet which will allow anyone proficient in hacking wireless networks to break any WEP encryption in a matter of 10-15 minutes.

WPA also has some vulnerabilities. I forget where I read the method of hacking WPA but it's definitely possible. WPA is still pretty secure but to eliminate the remote chance of anyone trying to penetrate your network, changing the SSID periodically will give hackers fits.
 

TerryNet

Terry
Moderator
Joined
Mar 23, 2005
Messages
81,397
The way to break WPA is with a dictionary attack. Which is why John always says to use a random (not dictionary or guessable words) passphrase. Or, some say even a good WPA passphrase can be broken with a super computer in about 1/2 year.

I think changing the key is more effective than changing the SSID.
 

zx10guy

Trusted Advisor
Spam Fighter
Joined
Mar 30, 2008
Messages
6,647
Here's the article discussing how to crack WPA/WPA2:

http://www.smallnetbuilder.com/content/view/30278/98/

You're right about the dictionary attack and the need for long and stron passphrases. But this excerpt is why I said changing your SSID is also an effective measure to cause grief to any hacker looking to get into your network:

"Since the key is salted with the SSID, it makes sense to change your AP's SSID to render the precomputed hash tables useless (assuming you change it to something non-obvious). This forces the attacker to start from square one by either generating a hash table or using just a straight dictionary attack."
 

JohnWill

Retired Moderator
Joined
Oct 19, 2002
Messages
106,429
A 20 character random key of letters and numbers will make your network uncrackable for all practical purposes. Nobody is going to spend the months of computing on a single WPA network when there are so many WEP and unencrypted networks to hack. I don't spend any time worrying about my WPA protected network, because it's simply not worth anyone's time to attempt to breech it. I have a WEP network on one side of me, and a totally unprotected network on the other side. I think they're much more tempting targets. :)

I do have a separate wireless router that's firewalled from the rest of my network for "public" access when someone comes. It's got a WPA key, but something simple that I can remember and quote to allow them access.
 

zx10guy

Trusted Advisor
Spam Fighter
Joined
Mar 30, 2008
Messages
6,647
A 20 character random key of letters and numbers will make your network uncrackable for all practical purposes. Nobody is going to spend the months of computing on a single WPA network when there are so many WEP and unencrypted networks to hack. I don't spend any time worrying about my WPA protected network, because it's simply not worth anyone's time to attempt to breech it. I have a WEP network on one side of me, and a totally unprotected network on the other side. I think they're much more tempting targets. :)

I do have a separate wireless router that's firewalled from the rest of my network for "public" access when someone comes. It's got a WPA key, but something simple that I can remember and quote to allow them access.
Agreed. I have my two wireless networks running in my home network on segregated trust zones all broken off by VLANs and firewalls. I also don't bother to do anything special with my pre-shared key and changing my SSID. If anyone really wants in, they can have in but they're not going to get too far.

I also do this segregation for virus/malware containment should there be a remote chance there is an infection.
 

bearone2

Banned
Joined
Jun 4, 2004
Messages
5,809
WEP isn't as safe as you might think. Even 128 bit WEP isn't safer than 64 bit WEP. The Achille's heal is the 24 bit IV (initialization vector.) Hackers will go after that to gain access to your wireless network. There are known tools out there easily found on the internet which will allow anyone proficient in hacking wireless networks to break any WEP encryption in a matter of 10-15 minutes.

WPA also has some vulnerabilities. I forget where I read the method of hacking WPA but it's definitely possible. WPA is still pretty secure but to eliminate the remote chance of anyone trying to penetrate your network, changing the SSID periodically will give hackers fits.
from tom's guide.

do you really think someone is going to take the time to access my wep, i don't.

2. What you Need
Although WEP cracking can be done from a single laptop, ideally you should have two. One laptop performs an active attack to stimulate data flow so that a sufficient number of packets can be captured in a relatively short amount of time, while the other laptop "sniffs" or captures the traffic produced by the attacking laptop. Figure 2 shows the basic idea.

You can actually run a WEP crack using one notebook equipped with a single wireless LAN card, but we don't recommend this configuration as a starting point. With only one notebook, its easy to get confused about what you're doing and we've found that the Auditor programs can get a bit unstable when used in this way.



Figure 2: Two Notebook WEP cracking setup
Note that using an active attack vs. passively capturing traffic increases your chances of detection. But it can significantly speed a WEP key crack by forcing the generation of more packets than you would normally capture in a short time from a lightly-used WLAN.

Tip: Although we refer to laptops / notebooks throughout this series, you can also use desktop computers or a mixture of laptops and desktops. However, you may find using notebooks easier due their portability and the wider range of compatible PC Card wireless adapters available.

Here is a list of required hardware:

Wireless Access Point - This will be the "target" access point and can be any brand. We used a Netgear WGT624 v2

A laptop or computer with wireless capability - This will be the "target" computer and it doesn't matter which wireless chipset or card the computer uses. Our lab had a surplus Dell laptop with built-in wireless that worked just fine

Two 802.11b PC Cards based on the PRISM 2 chipset - Some of the programs (such as Kismet) we use in this series can support a wide variety of wireless cards. But we suggest you stick to using cards based on the PRISM 2 chipset, which are supported by all the programs we will use.

We used two 2511CD PLUS EXT2 cards. The 2511-CD PLUS EXT2 has two MMCX connectors for external antennas and does not have an internal antenna.These cards are typically found under the Senao, Engenius or Wireless LAN brand names (Figure 3).

You can also search this list compiled by Absolute Value Systems to find other PRISM 2-based cards.

Figure 3: Senao 2511 802.11 PC Card

Tip: We bought most of our wireless gear (cards, antennas, pigtails) from wlanparts.com.
 

JohnWill

Retired Moderator
Joined
Oct 19, 2002
Messages
106,429
It can be cracked in minutes using common tools. You are living with a false sense of security. http://www.smallnetbuilder.com/content/view/24251/100/

I don't care a whit, since it's not my network at risk. ;)

From the article...

While it's your network, you do people a disservice by recommending WEP when much better options are available on most currently used wireless hardware.

I would think the example of the many viruses and other exploits that have taken people many man hours to create would have provided the example of why WEP isn't such a hot idea.
 

bearone2

Banned
Joined
Jun 4, 2004
Messages
5,809
excuse me but it was the fbi and they certainly have more capability than most folks driving by my house who want to see my resume'.

At a recent ISSA (Information Systems Security Association) meeting in Los Angeles, a team of FBI agents demonstrated current WEP-cracking techniques and broke a 128 bit WEP key in about three minutes. Special Agent Geoff Bickers ran the Powerpoint presentation and explained the attack, while the other agents (who did not want to be named or photographed) did the dirty work of sniffing wireless traffic and breaking the WEP keys.

This article will be a general overview of the procedures used by the FBI team. A future article will give step-by-step instructions on how to replicate the attack.
 

JohnWill

Retired Moderator
Joined
Oct 19, 2002
Messages
106,429
Once again, you didn't read the article, that part is obvious. They used COMMON TOOLS, READILY AVAILABLE, and the complete process was posted there. It's not that difficult, at least for anyone that cares to actually read the article.
 

bearone2

Banned
Joined
Jun 4, 2004
Messages
5,809
a simple task where one agent accessed another machine nearby.

About half a dozen different software tools were then used by the FBI team, and they are listed - along with their download links - at the end of the article. Thankfully, the Auditor's Security Collection, which we reviewed last year, is a live CD that has all of these tools already installed. Even the FBI likes this distribution.
 

zx10guy

Trusted Advisor
Spam Fighter
Joined
Mar 30, 2008
Messages
6,647
a simple task where one agent accessed another machine nearby.

About half a dozen different software tools were then used by the FBI team, and they are listed - along with their download links - at the end of the article. Thankfully, the Auditor's Security Collection, which we reviewed last year, is a live CD that has all of these tools already installed. Even the FBI likes this distribution.
What's your point about accessing a "nearby" machine? Machine, access point, wireless router....they're all the same. And it doesn't mean you have to be right in front of someone's house or right next to the wireless device to be exploited. Wireless signals travel a lot farther than many people think. All it takes is a decent antenna to pick up a signal which many think is too far out of reach. And if you think a decent antenna costs a lot which would prevent many hackers from doing this, think again. Look up Yagi antenna and Pringle's can and you'll see a lot of very effective home made high gain antennas.

But hey it's your network and if you think you're secure enough, that's all that matters. But to say the risk you assume is generally acceptable is not being genuine either.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top