Unconfigured Ad Widget

Collapse

Should I be concerned with my wireless network?

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • NeoWeird
    Veteran Member
    • Dec 2005
    • 3342

    Should I be concerned with my wireless network?

    I like to do stuff on my own, but this has got me stumped and my googlefu only returns the cliche "zomg ur stealingz my internets!!1!", basic network setups and rhetorical questions about making networks larger and stronger.

    So here's the story. The area around me is sparsely populated. It used to be on my old G network that on good days I could get faint signals from my nearest neighbor only. Well late last year I upgraded to an N network and now I can easily hit 2-4 neighbors constantly, and even up to 6 on good days. My setup is the standard DSL modem/router from Verizon with it's entire wireless function disabled, feeding straight into my Netgear router via cable and running a WEP key encryption.

    I originally setup my network and there was one other network in range running on channel 9 bleeding across channels 7 through 11. So I left my network on it's default of channel 3 bleeding across 1 through 5 to avoid interference. Well the other day I had friends over and we got to talking and eventually it got me wanting to check my setup again. I don't know if it was coincidence or just that I was paying attention now but there was a faint signal running on the same channel I was on. I didn't think much of it and switched channels to get the largest range of uninteruppted frequency. Little less than an hour later this 'new' network signal was on the same channel as me once again. I switch back and they follow. At this point I get their MAC address and deny it through my Netgear router and confirm that my moden/router is not sending out any signal. At this point I reboot my router and modem and go about my business. Several hours later the piggyback network is still off my channel.

    Until this afternoon. They are back on my channel after roughly 5 channel hops across 3 different channels. Their MAC address is blocked and there is nothing in my logs or through my admin utilities to show any unauthorized use as far as I can see. I'd hate to move over to allowing only MAC address' for devices I know because I have people come over with laptops all the time (last night was a small family from my church that had four devices alone that they were using and several others they weren't). So I like the WEP key and giving it only to those people that I know but I can't for the life of me figure out what this neighbor's network is doing following me.

    I'm using Inssider to scan the frequencies and it's giving me a distinct MAC, name, router manufacturer (different from my modem and router), etc. I'd think it might be a ghost of my own if it weren't for such the distinct differences between the two networks.

    What do you computer and network guys think; Should I be concerned?
    quemadmodum gladius neminem occidit, occidentis telum est. - Lucius Annaeus
    a sword never kills anybody; it's a tool in the killer's hand.
  • #2
    CalBear
    Veteran Member
    • Aug 2010
    • 4279

    My advice to anyone using a wireless network: get the hell off of WEP and use WPA-PSK. MAC filtering does nothing. I have broken into my own wireless network when I had WEP mode and MAC filtering enabled (without the intruding PC on the list) and it took no more than 5 minutes. You can easily scan for clients connected to the router, and you can spoof one their MAC addresses. From there, it's just a matter of performing packet injection and using a statistical analysis tool to get the key. I'm not sure you should be worried about what you've been seeing, but WEP is totally insecure.

    WPA-PSK on the other hand, requires brute force dictionary attacks. A lengthy key with various character classes will typically be extremely difficult or next to impossible to crack.

    Comment

    • #3
      nick
      CGN/CGSSA Contributor
      CGN Contributor
      • Aug 2008
      • 19151

      WEP - takes about 5 min to break. MAC filtering - add another 30 sec or so to spoof the MAC address.

      You might want to get a router than supports WPA-PSK/WPA-PSK2, or, if you have multiple computers and a domain, you might want to consider 802.1x, IPSec, and a proper PKI
      DiaHero Foundation - helping people manage diabetes. Sending diabetes supplies to Ukraine now, any help is appreciated.

      DDR AK furniture and Norinco M14 parts kit: https://www.calguns.net/calgunforum/....php?t=1756292
      sigpic

      Comment

      • #4
        us.marshal
        CGN/CGSSA Contributor - Lifetime
        CGN Contributor - Lifetime
        • Feb 2010
        • 218

        Originally posted by CalBear
        My advice to anyone using a wireless network: get the hell off of WEP and use WPA-PSK. MAC filtering does nothing. I have broken into my own wireless network when I had WEP mode and MAC filtering enabled (without the intruding PC on the list) and it took no more than 5 minutes. You can easily scan for clients connected to the router, and you can spoof one their MAC addresses. From there, it's just a matter of performing packet injection and using a statistical analysis tool to get the key. I'm not sure you should be worried about what you've been seeing, but WEP is totally insecure.

        WPA-PSK on the other hand, requires brute force dictionary attacks. A lengthy key with various character classes will typically be extremely difficult or next to impossible to crack.
        Excellent advice. A quick Google search will net you a great instructional website: http://www.practicallynetworked.com/...ess_secure.htm

        Also, when is comes to developing a truly secure key, use a key generator and then substitute a few of the digits to make it your own. Pretty much "hack" proof at that point.

        GRC has a nice key gen located here: https://www.grc.com/passwords.htm
        Go with the 63 character password (Printable ASCII characters).

        Good luck
        I love all things LaRue!
        https://www.larue.com/

        Comment

        • #5
          Exile Machine
          No longer in Business
          CGN Contributor - Lifetime
          • Oct 2009
          • 9551

          +1 on the WPA2. If you want totally secure network, bolt your doors and windows and run Cat-5 cable everywhere. Father-in-law does just that. Won't trust any wireless network.
          Manufacturer of CA AWB Compliance Products from Oct 2009 to Nov 2018

          Comment

          • #6
            JDay
            I need a LIFE!!
            • Nov 2008
            • 19393

            Originally posted by CalBear
            My advice to anyone using a wireless network: get the hell off of WEP and use WPA-PSK. MAC filtering does nothing. I have broken into my own wireless network when I had WEP mode and MAC filtering enabled (without the intruding PC on the list) and it took no more than 5 minutes. You can easily scan for clients connected to the router, and you can spoof one their MAC addresses. From there, it's just a matter of performing packet injection and using a statistical analysis tool to get the key. I'm not sure you should be worried about what you've been seeing, but WEP is totally insecure.

            WPA-PSK on the other hand, requires brute force dictionary attacks. A lengthy key with various character classes will typically be extremely difficult or next to impossible to crack.
            I'd go so far as to use WPA2-PSK and set it to only allow AES encrypted connections, TKIP has been cracked.
            Oppressors can tyrannize only when they achieve a standing army, an enslaved press, and a disarmed populace. -- James Madison

            The Constitution shall never be construed to authorize Congress to prevent the people of the United States, who are peaceable citizens, from keeping their own arms. -- Samuel Adams, Debates and Proceedings in the Convention of the Commonwealth of Massachusetts, 86-87 (Pearce and Hale, eds., Boston, 1850)

            Comment

            • #7
              nick
              CGN/CGSSA Contributor
              CGN Contributor
              • Aug 2008
              • 19151

              Originally posted by Exile Machine
              +1 on the WPA2. If you want totally secure network, bolt your doors and windows and run Cat-5 cable everywhere. Father-in-law does just that. Won't trust any wireless network.
              Smart man, and I'm not being sarcastic
              DiaHero Foundation - helping people manage diabetes. Sending diabetes supplies to Ukraine now, any help is appreciated.

              DDR AK furniture and Norinco M14 parts kit: https://www.calguns.net/calgunforum/....php?t=1756292
              sigpic

              Comment

              • #8
                Satex
                CGN/CGSSA Contributor
                CGN Contributor
                • Feb 2006
                • 3501

                Originally posted by CalBear
                I have broken into my own wireless network when I had WEP mode and MAC filtering enabled (without the intruding PC on the list) and it took no more than 5 minutes. You can easily scan for clients connected to the router, and you can spoof one their MAC addresses. From there, it's just a matter of performing packet injection and using a statistical analysis tool to get the key. I'm not sure you should be worried about what you've been seeing, but WEP is totally insecure.
                5 minutes? I wave the BS flag on that. What did you use to perform the packet injection and statistical analysis?

                Originally posted by nick
                WEP - takes about 5 min to break. MAC filtering - add another 30 sec or so to spoof the MAC address.
                Same as above.

                Originally posted by Comp^2
                WPA2 is the only real way to secure a home wireless network these days.
                WPA2-AES is probably the best way to go nowadays.

                Comment

                • #9
                  Corbin Dallas
                  CGN/CGSSA Contributor - Lifetime
                  CGN Contributor - Lifetime
                  • May 2006
                  • 6245

                  Originally posted by JDay
                  I'd go so far as to use WPA2-PSK and set it to only allow AES encrypted connections, TKIP has been cracked.
                  This is the answer for a secure connection with consumer grade technology.


                  Any to answer Satex, with a highly active connection, one could receive enough information on a WEP to crack it in about 5 minutes.

                  Check into backtrack 4 and read some of the success stories in the forum.
                  NRA Life Member and Certified Instructor: Pistol - Rifle - Shotgun - PPITH - PPOTH - NRA Certified RSO

                  WTB the following - in San Diego
                  --Steyr M357A1 357SIG
                  --Five Seven IOM (round trigger guard)

                  Never forget - השואה... לעולם לא עוד.

                  Comment

                  • #10
                    CalBear
                    Veteran Member
                    • Aug 2010
                    • 4279

                    Originally posted by Satex
                    5 minutes? I wave the BS flag on that. What did you use to perform the packet injection and statistical analysis?
                    The aircrack-ng suite (aircrack, airodump, aireplay) and kismet, along with a good, high powered wireless G device. It seriously only takes a matter of minutes to obtain a key. As was mentioned, it does depend on the activity of the network. If a device is connected to the network and is transferring significant amounts of data, the process is going to be very, very fast.

                    Comment

                    • #11
                      JDay
                      I need a LIFE!!
                      • Nov 2008
                      • 19393

                      Originally posted by Corbin Dallas
                      Any to answer Satex, with a highly active connection, one could receive enough information on a WEP to crack it in about 5 minutes.

                      Check into backtrack 4 and read some of the success stories in the forum.
                      I've done it in less. The point being, WEP is not by any means secure.

                      Oppressors can tyrannize only when they achieve a standing army, an enslaved press, and a disarmed populace. -- James Madison

                      The Constitution shall never be construed to authorize Congress to prevent the people of the United States, who are peaceable citizens, from keeping their own arms. -- Samuel Adams, Debates and Proceedings in the Convention of the Commonwealth of Massachusetts, 86-87 (Pearce and Hale, eds., Boston, 1850)

                      Comment

                      • #12
                        JDay
                        I need a LIFE!!
                        • Nov 2008
                        • 19393

                        Originally posted by CalBear
                        If a device is connected to the network and is transferring significant amounts of data, the process is going to be very, very fast.
                        You just need two wifi cards, one must support injecting packets. This makes it very fast and easy to crack the WEP key on a wifi access point that nobody is even using.
                        Oppressors can tyrannize only when they achieve a standing army, an enslaved press, and a disarmed populace. -- James Madison

                        The Constitution shall never be construed to authorize Congress to prevent the people of the United States, who are peaceable citizens, from keeping their own arms. -- Samuel Adams, Debates and Proceedings in the Convention of the Commonwealth of Massachusetts, 86-87 (Pearce and Hale, eds., Boston, 1850)

                        Comment

                        • #13
                          Scratch705
                          I need a LIFE!!
                          • May 2009
                          • 12530

                          how would i check if others are on my network? through the router or ?
                          Originally posted by leelaw
                          Because -ohmigosh- they can add their opinions, too?
                          Originally posted by SoCalSig1911
                          Preppers canceled my order this afternoon because I called them a disgrace... Not ordering from those clowns again.
                          Originally posted by PrepperGunShop
                          Truthfully, we cancelled your order because of your lack of civility and your threats ... What is a problem is when you threaten my customer service team and make demands instead of being civil. Plain and simple just don't be an a**hole (where you told us to shove it).

                          Comment

                          • #14
                            ocabj
                            Calguns Addict
                            • Oct 2005
                            • 7924

                            If your router has logging, that will give you the information you need to see if any rogue clients have been connecting and using your network (over wifi).

                            Otherwise, you could set up some other mechanism that would trigger some sort of footprint (e.g. a captive web portal).

                            Distinguished Rifleman #1924
                            NRA Certified Instructor (Rifle and Metallic Cartridge Reloading) and RSO
                            NRL22 Match Director at WEGC

                            https://www.ocabj.net

                            Comment

                            • #15
                              JDay
                              I need a LIFE!!
                              • Nov 2008
                              • 19393

                              Originally posted by Scratch705
                              how would i check if others are on my network? through the router or ?
                              In the router's status page there should be a list of remembered DHCP mappings from the clients that have connected. You can also see the connected wireless clients from in there.
                              Oppressors can tyrannize only when they achieve a standing army, an enslaved press, and a disarmed populace. -- James Madison

                              The Constitution shall never be construed to authorize Congress to prevent the people of the United States, who are peaceable citizens, from keeping their own arms. -- Samuel Adams, Debates and Proceedings in the Convention of the Commonwealth of Massachusetts, 86-87 (Pearce and Hale, eds., Boston, 1850)

                              Comment

                              Working...
                              UA-8071174-1