1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Secured Wireless Networking

Discussion in 'Networking' started by bleepster, Mar 31, 2008.

Thread Status:
Not open for further replies.
Advertisement
  1. bleepster

    bleepster Thread Starter

    Joined:
    Jun 8, 2004
    Messages:
    545
    I have a question regarding my wireless network at home.

    I am using the LYNKSYS WRT45G Router. I have my PC hooked to it via the ethernet cable.

    I have my XBOX 360 linked to the router via the wireless network adaptor. I have the WPA (I think thats what it was called) encyption set so that no one can steal my signal, and I typed in my pass phrase on my XBOX 360 and all works great.

    again - my PC is NOT wireless - Just my XBOX 360.

    How can I be sure that no one is using my wireless network and stealing bandwidth?

    Is there a visual way to see? if someone is using my wireless network will there be flashing lights on the router?

    thanks for any insight you can offer.
     
  2. zx10guy

    zx10guy Trusted Advisor Spam Fighter

    Joined:
    Mar 30, 2008
    Messages:
    6,272
    You need to look at the router to see what attached clients are on your router or look at the logs. A good hacker is going to sneak in by observing traffic and masquerading as a known client on your network. There are ways to prevent people from getting much of anything once they are in your network. You can require VPN authentication once a client establishes a wireless connection. You can have a can have people authenticate to your firewall like Astaro. Or you can periodically change your preshared key and/or your SSID.
     
  3. JohnWill

    JohnWill Retired Moderator

    Joined:
    Oct 19, 2002
    Messages:
    106,418
    If you are using WPA encryption and you use a STRONG key, not your dog's name, it's VERY unlikely that anyone can steal your wireless access. A strong key is random number and letters, 20 characters or more.
     
  4. bearone2

    bearone2 Banned

    Joined:
    Jun 4, 2004
    Messages:
    5,809
    as has been pointed out on previous posts, unless someone has the software, time to park in front of your house in the obscure white van, that even wep 64, like i use is pretty safe.

    of course you're pretty safe cuz the pc is hardwired.
     
  5. zx10guy

    zx10guy Trusted Advisor Spam Fighter

    Joined:
    Mar 30, 2008
    Messages:
    6,272
    WEP isn't as safe as you might think. Even 128 bit WEP isn't safer than 64 bit WEP. The Achille's heal is the 24 bit IV (initialization vector.) Hackers will go after that to gain access to your wireless network. There are known tools out there easily found on the internet which will allow anyone proficient in hacking wireless networks to break any WEP encryption in a matter of 10-15 minutes.

    WPA also has some vulnerabilities. I forget where I read the method of hacking WPA but it's definitely possible. WPA is still pretty secure but to eliminate the remote chance of anyone trying to penetrate your network, changing the SSID periodically will give hackers fits.
     
  6. TerryNet

    TerryNet Moderator

    Joined:
    Mar 23, 2005
    Messages:
    79,612
    First Name:
    Terry
    The way to break WPA is with a dictionary attack. Which is why John always says to use a random (not dictionary or guessable words) passphrase. Or, some say even a good WPA passphrase can be broken with a super computer in about 1/2 year.

    I think changing the key is more effective than changing the SSID.
     
  7. zx10guy

    zx10guy Trusted Advisor Spam Fighter

    Joined:
    Mar 30, 2008
    Messages:
    6,272
    Here's the article discussing how to crack WPA/WPA2:

    http://www.smallnetbuilder.com/content/view/30278/98/

    You're right about the dictionary attack and the need for long and stron passphrases. But this excerpt is why I said changing your SSID is also an effective measure to cause grief to any hacker looking to get into your network:

    "Since the key is salted with the SSID, it makes sense to change your AP's SSID to render the precomputed hash tables useless (assuming you change it to something non-obvious). This forces the attacker to start from square one by either generating a hash table or using just a straight dictionary attack."
     
  8. JohnWill

    JohnWill Retired Moderator

    Joined:
    Oct 19, 2002
    Messages:
    106,418
    A 20 character random key of letters and numbers will make your network uncrackable for all practical purposes. Nobody is going to spend the months of computing on a single WPA network when there are so many WEP and unencrypted networks to hack. I don't spend any time worrying about my WPA protected network, because it's simply not worth anyone's time to attempt to breech it. I have a WEP network on one side of me, and a totally unprotected network on the other side. I think they're much more tempting targets. :)

    I do have a separate wireless router that's firewalled from the rest of my network for "public" access when someone comes. It's got a WPA key, but something simple that I can remember and quote to allow them access.
     
  9. zx10guy

    zx10guy Trusted Advisor Spam Fighter

    Joined:
    Mar 30, 2008
    Messages:
    6,272
    Agreed. I have my two wireless networks running in my home network on segregated trust zones all broken off by VLANs and firewalls. I also don't bother to do anything special with my pre-shared key and changing my SSID. If anyone really wants in, they can have in but they're not going to get too far.

    I also do this segregation for virus/malware containment should there be a remote chance there is an infection.
     
  10. bearone2

    bearone2 Banned

    Joined:
    Jun 4, 2004
    Messages:
    5,809
    from tom's guide.

    do you really think someone is going to take the time to access my wep, i don't.

    2. What you Need
    Although WEP cracking can be done from a single laptop, ideally you should have two. One laptop performs an active attack to stimulate data flow so that a sufficient number of packets can be captured in a relatively short amount of time, while the other laptop "sniffs" or captures the traffic produced by the attacking laptop. Figure 2 shows the basic idea.

    You can actually run a WEP crack using one notebook equipped with a single wireless LAN card, but we don't recommend this configuration as a starting point. With only one notebook, its easy to get confused about what you're doing and we've found that the Auditor programs can get a bit unstable when used in this way.



    Figure 2: Two Notebook WEP cracking setup
    Note that using an active attack vs. passively capturing traffic increases your chances of detection. But it can significantly speed a WEP key crack by forcing the generation of more packets than you would normally capture in a short time from a lightly-used WLAN.

    Tip: Although we refer to laptops / notebooks throughout this series, you can also use desktop computers or a mixture of laptops and desktops. However, you may find using notebooks easier due their portability and the wider range of compatible PC Card wireless adapters available.

    Here is a list of required hardware:

    Wireless Access Point - This will be the "target" access point and can be any brand. We used a Netgear WGT624 v2

    A laptop or computer with wireless capability - This will be the "target" computer and it doesn't matter which wireless chipset or card the computer uses. Our lab had a surplus Dell laptop with built-in wireless that worked just fine

    Two 802.11b PC Cards based on the PRISM 2 chipset - Some of the programs (such as Kismet) we use in this series can support a wide variety of wireless cards. But we suggest you stick to using cards based on the PRISM 2 chipset, which are supported by all the programs we will use.

    We used two 2511CD PLUS EXT2 cards. The 2511-CD PLUS EXT2 has two MMCX connectors for external antennas and does not have an internal antenna.These cards are typically found under the Senao, Engenius or Wireless LAN brand names (Figure 3).

    You can also search this list compiled by Absolute Value Systems to find other PRISM 2-based cards.

    Figure 3: Senao 2511 802.11 PC Card

    Tip: We bought most of our wireless gear (cards, antennas, pigtails) from wlanparts.com.
     
  11. JohnWill

    JohnWill Retired Moderator

    Joined:
    Oct 19, 2002
    Messages:
    106,418
    It can be cracked in minutes using common tools. You are living with a false sense of security. http://www.smallnetbuilder.com/content/view/24251/100/

    I don't care a whit, since it's not my network at risk. ;)

    From the article...

    While it's your network, you do people a disservice by recommending WEP when much better options are available on most currently used wireless hardware.

    I would think the example of the many viruses and other exploits that have taken people many man hours to create would have provided the example of why WEP isn't such a hot idea.
     
  12. bearone2

    bearone2 Banned

    Joined:
    Jun 4, 2004
    Messages:
    5,809
    excuse me but it was the fbi and they certainly have more capability than most folks driving by my house who want to see my resume'.

    At a recent ISSA (Information Systems Security Association) meeting in Los Angeles, a team of FBI agents demonstrated current WEP-cracking techniques and broke a 128 bit WEP key in about three minutes. Special Agent Geoff Bickers ran the Powerpoint presentation and explained the attack, while the other agents (who did not want to be named or photographed) did the dirty work of sniffing wireless traffic and breaking the WEP keys.

    This article will be a general overview of the procedures used by the FBI team. A future article will give step-by-step instructions on how to replicate the attack.
     
  13. JohnWill

    JohnWill Retired Moderator

    Joined:
    Oct 19, 2002
    Messages:
    106,418
    Once again, you didn't read the article, that part is obvious. They used COMMON TOOLS, READILY AVAILABLE, and the complete process was posted there. It's not that difficult, at least for anyone that cares to actually read the article.
     
  14. bearone2

    bearone2 Banned

    Joined:
    Jun 4, 2004
    Messages:
    5,809
    a simple task where one agent accessed another machine nearby.

    About half a dozen different software tools were then used by the FBI team, and they are listed - along with their download links - at the end of the article. Thankfully, the Auditor's Security Collection, which we reviewed last year, is a live CD that has all of these tools already installed. Even the FBI likes this distribution.
     
  15. zx10guy

    zx10guy Trusted Advisor Spam Fighter

    Joined:
    Mar 30, 2008
    Messages:
    6,272
    What's your point about accessing a "nearby" machine? Machine, access point, wireless router....they're all the same. And it doesn't mean you have to be right in front of someone's house or right next to the wireless device to be exploited. Wireless signals travel a lot farther than many people think. All it takes is a decent antenna to pick up a signal which many think is too far out of reach. And if you think a decent antenna costs a lot which would prevent many hackers from doing this, think again. Look up Yagi antenna and Pringle's can and you'll see a lot of very effective home made high gain antennas.

    But hey it's your network and if you think you're secure enough, that's all that matters. But to say the risk you assume is generally acceptable is not being genuine either.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/698892

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice