|
Technology and Internet Emerging and current tech related issues. Internet, DRM, IP, and other technology related discussions. |
|
Thread Tools | Display Modes |
#1
|
||||
|
||||
wifi being "hacked" problem
my son is telling me one of his friend's keeps hacking our wifi and slowing his connection speed down while gaming, forcing him to constantly reset our wifi router - i barely know enough about wifi and computers in general to get myself into a lot of trouble lol. when i asked how he could be hacking our wifi, he says his friend is getting his IP address and then hacking it that way.
we live out in the country, on 2+ acres of land, and there's no way it's being done from a "skimmer" or something like that physically close enough to access. i'm assuming it's possible to hack the wifi remotely, but if this is happening as our son is saying, exactly what access could he be getting? and how do i prevent this from occurring? i always thought that as long as you kept your SSID name private and your password strong, you were pretty safe. i have a private SSID (you have to know the name and manually type it in), and my password was a 57 character randomly generated password, so i always thought i was pretty secure. thank you in advance for the help! |
#2
|
||||
|
||||
So why is’nt your son hacking his buddies wifi?
__________________
Some say that he once mooned two prostitutes just for a round of drinks, but wasn't surprised by the reply......They call him, the Hutch Some say that he rode a dirtbike 7k miles across the country and that he once applied Bengay to his own testicles for a mere $50............They call him, the Hutch -Top Gear http://media.liveauctiongroup.net/i/...CCAB7CE8D70F60 |
#3
|
||||
|
||||
Your son's speculation is baseless IMO.
If your password is strong, and son didn't leak it, it's secure. It is possible to do a deauthentication attack without password, or jam, but really unlikely. You may have internet, wifi, or other issues, but jumping to hacking is almost always jumping the gun. |
#5
|
||||
|
||||
Make sure your router is up to date with its firmware and use WPA2 with AES.
And if you are compromised, it may not have anything to do with Wi-Fi. Check to make sure the router's username and password are complex and not open for remote login. If rebooting the router clears it, may be a channel issue. Check which channels you are using for Wi-Fi and if any other devices in the home or area are on the same channels. The frequency used for Wi-Fi is free to use, so other devices use it as well. I would also lock down Wi-fi access via MAC addresses or use certs. But I do not know if consumer devices allow it. |
#6
|
|||
|
|||
His friend isn't "hacking" your wifi. What that "friend" of your son is doing, is that he is able to obtain what the IP address of your router (most likely because your son is playing on a server hosted by this idiot) and this fella is launching a Denial of Service attack on your IP address. Basically flooding and bombarding your router with tons of zombie attacks, causing it to slow down.
If you son know who this person is, make a police report. And tell your son to stop playing games on other people's hosted server or visiting questionable web sites. |
#7
|
||||
|
||||
Quote:
|
#8
|
||||
|
||||
Watch 2-4 videos on your router on YouTube
Connect to your router Set up a new admin password to the router Install updates Set up a new Wi-Fi name & password Set up guest Wi-Fi name and password - guests cannot connect to other devices on network and more Take son’s device from him Go into another room. Enter the Wi-Fi & password for guest account into sons device. Return it to him. Now he can use Wi-Fi and cannot give out the password. Decide if you want to use parental controls on guest Wi-Fi network What sites to block Generate a report of all sites visited Set a Time or use on the guest network. Sunday night - Thursday night - shut off Wi-Fi access at 10? 9? 11? Post a list of sites visited on fridge from guest network You will also learn to see what devices are on or have attached to your network.
__________________
Rule 1- ALL GUNS ARE ALWAYS LOADED Rule 2 -NEVER LET THE MUZZLE COVER ANYTHING YOU ARE NOT PREPARED TO DESTROY (including your hands and legs) Rule 3 -KEEP YOUR FINGER OFF THE TRIGGER UNTIL YOUR SIGHTS ARE ON THE TARGET Rule 4 -BE SURE OF YOUR TARGET AND WHAT IS BEYOND IT (thanks to Jeff Cooper) |
#10
|
||||
|
||||
Quote:
It's pretty difficult to (D)Dos as connection without an underlying service to attack. |
#11
|
||||
|
||||
Untrue. A "loaded" TCP SYN packet is 40 bytes without any ACK or handshake, and with window and MSS sizing.
If you can generate on the order of 1000-10000 packets per second you can overwhelm most home routers. It's not completely resource-free to drop a packet, it still takes a quantum of CPU and memory to dispatch it to the proper queue. |
#13
|
||||
|
||||
Quote:
|
#14
|
||||
|
||||
A SYN flood works in three ways: if there is a listening service, ACKs/RSTs can consume upstream bandwidth. Secondly, if the device is NAT'ing, and packets are inspected at the FORWARD stage, the severity of the flood can outstrip the NAT table. Thirdly, even with both prior cases unavailable, the SYN flood can consume the incoming connection buffer or even cause spurious system interrupts on a non-ASIC PHY (software TCP, non offload) to peg the system CPU.
Even worse is a UDP flood on a home router that will send ICMP unreachable on return. That's a guarantee to flood the outbound pipe. Last edited by Robotron2k84; 07-31-2019 at 6:06 PM.. |
#15
|
||||
|
||||
I agree it is a denial of service attack, no one is hacking the router. All you can do is ask the ISP to block the DDOS traffic before it reaches you. And they probably won't help you but it doesn't hurt to ask. If they are willing, they can identify the type of traffic, the source, and then drop packets from that source upstream so it never hits your pipe.
Last edited by SkyHawk; 08-01-2019 at 8:31 AM.. |
#16
|
||||
|
||||
A miles is 640 acres, and cantennas have a range of at least 1 mile+...
Agreed reset SSID and passphrase, then create a guest SSID (almost all modern consumer routers have this "guest" feature) for your son, and give him his passphrase to only his SSID, only to change it on a regular basis. This also helps when my son does not do his chores, I can disable "HIS" SSID, and mine runs fine. My daughter has her own to so I can disable if abused, or caught late at night watching Youtube makeup videos, or whatever, independent of mine and his... Additionally, if being disassociated, try changing this to a valid MAC (anything that starts with 00, and is A-F and 0-9 seems to work for me, as long as chars aren't repeated, it seems), until you get a different IP via "ipconfig /release", then "ipconfig /renew": (000000000001 didn't work.) This MAC change does not guarantee it won't be changed on an attacker's side to include the change, but he can't know what specific MAC your son is using at that moment, just that it is an active on your ESSID: Not my captures, but a screen-scrape I found real quick, and as you can see MAC filter's are of no use, in any way, shape, or form, they are all listed under BSSID, and the associated ESSID to the right. This can be done in a VM, or a natively running a FREE Linux distro, freely. All one has to do is plug the BSSID as their own MAC in the 1st screen(scrape), and one bypassed MAC filtering, that easy, and natively supported in modern OS's (well drivers actually?), even the current 1903 build of Windows 10, OOTB! If you think "friend" is getting on your network, what I have done in the past, and currently for most of my used devices is to give them reserved IPs, so they always get a low number in the 4th octet (say 192.168.1.[2-200]), and DHCP gives out the higher IPs (say: 192.168.1.[201-254]), if you want to go this route... I am not sure it is much of a "security thing", but you will know what is pulling DHCP, separate from "your" regular-stuff as just another "layer" for manual filtering/weeding, and it might be more noticeable if something is pulling DHCP against your will... (but won't help if they spoof a MAC). Personally, I don't use 192.168.x.1 as my router's address, in case someone gets on, they can't get out to the Internet if they don't use DHCP, by default, so they have to pull DHCP to get out, if they crack into my WiFi, if not MAC spoofing. My TVs I run wired Ethernet (where possible, but the danged new Roku's don't have a wired port anymore, the bastages). Last edited by the86d; 08-02-2019 at 4:32 AM.. |
#17
|
||||
|
||||
Quote:
Never was a network admin ... Last edited by Librarian; 08-02-2019 at 9:38 PM.. |
#18
|
||||
|
||||
if he believes someone is using his wifi. easy fix.
just turn it off for a couple hrs. gamer gets the bill for losing the game. and do to his failures no one will play with him.
__________________
big gun's...i love big gun's |
#19
|
||||
|
||||
MAC filters work best as outbound filters in the firewall (if your router lets you do this). MAC filtering by DHCP gets you to an IP mapping, but either can be changed. Traditional MAC filtering works by denying a DHCP request, ignoring a MAC on the PHY, or by black-holeing it as an ARP table entry.
Once you whitelist ethers in your outbound firewall tables, only those devices can talk to the internet. Someone would have to know a legal device MAC to challenge this, which is much more difficult than just randomly changing their own MAC. |
#22
|
||||
|
||||
Quote:
It was bad. EDIT: ...and he now denies this fact... Assuming you are not being facetious, and I have never read a discussion on this, just had conversations among people, what they have done on their home routers, things I ran into, and what some did/do at work: DHCP only hands out 192.168.1.[201-254], once set like this. Reservations let devices always get the same IP via DHCP (same a statically putting them in, but the router just always assigns the same ones for that MAC), 192.168.1.[1-200]. When "tinkering" back in the day... one could always assume the router's IP is the lowest number (192.168.1.1, or 192.168.0.1). If you were jumping on... "other network", if using an IP you plugged manually you would use something like (probably safe to assume "other network" has 50 devices MAX) 192.168.1.61, with a netmask of 255.255.255.0, the router would use is 192.168.1.1 (DNS, DHCP and gateway), as few people change it. If someone tries this, and doesn't pull DHCP, they can't get out to the Internet, if your router isn't set to 192.168.1.1. Wrong DNS, wrong Gateway, only local traffic to that subnet. If MAC is still pulling DHCP, but "son's" MAC has already been changed, you can see it easily in the current leases, or filter for no internet traffic for this IP. Last edited by the86d; 08-05-2019 at 4:27 AM.. |
#23
|
||||
|
||||
What works for me? My router is set to block any new connection. My phone, iPad and X10 controller are all known WiFi devices. TV, PCs and Logitech Duet are all wired.
A friend came by with their Portable to fix a few things. Gave it the router WiFi password but still could not get out. Then I remembered I block new connections. Unblock the new IP and we were fine.
__________________
#NotMyPresident #ArrestFauci |
#24
|
||||
|
||||
Quote:
|
Thread Tools | |
Display Modes | |
|
|