Are home wireless networks really that insecure
Moderator: General Moderators
Are home wireless networks really that insecure
I finally broke down and bought a really nice wireless router and wide area antenna. After getting everything hooked up me and few friend were testing how far we could pickup the signal. I got the router for group of us to use when were down in are village, like at the fire station or at our favorite watering whole! Any way I was wondering if what I was seeing today is a lack knowledge or is it the norm! After getting everything hooked up I noticed (1) other wireless network that was protected with login key like we installed on our wireless network today!
But I also noticed (4) other Linksys Routers that were in our connection range and all of them were open for connections. I mean you could connect and browse the Internet and even see one of their desktops! After seeing that I called another friend that was a friend of the persons computer that was wide open. We spent the next few hours locking down his router and talking and from what he was saying he thought that only his notebook could access the router. At least that is what the sales person told him! So having found this happening with in 4 blocks of my house I am wondering how wide spread this problem really is!
yj
But I also noticed (4) other Linksys Routers that were in our connection range and all of them were open for connections. I mean you could connect and browse the Internet and even see one of their desktops! After seeing that I called another friend that was a friend of the persons computer that was wide open. We spent the next few hours locking down his router and talking and from what he was saying he thought that only his notebook could access the router. At least that is what the sales person told him! So having found this happening with in 4 blocks of my house I am wondering how wide spread this problem really is!
yj
- feyd
- Neighborhood Spidermoddy
- Posts: 31559
- Joined: Mon Mar 29, 2004 3:24 pm
- Location: Bothell, Washington, USA
It's extremely widespread.. people don't know how to lock down their networks, let alone their own computers. Search around for "war driving maps." You should find large areas of many many cities have been mapped telling where "free" jack-in locations can be had, along with which houses and whatnot have wireless networks at all. (Be aware of the laws regarding this in your area however..
)
Personally, I don't run encryption because of the speed requirements our network needs. But, we do MAC filtering, and log the network traffic all the time to make sure it stays locked down.
Some people may choose to leave their routers open and let anyone use their network...
Personally, I don't run encryption because of the speed requirements our network needs. But, we do MAC filtering, and log the network traffic all the time to make sure it stays locked down.
Some people may choose to leave their routers open and let anyone use their network...
Not all the devices on my network even support encryption, and some of the wireless cards we have only support their proprietary encryption and not what the router uses, also speed is an issue (although I would be willing to make the trade off if everything was compatible). Also there is anywhere from 2-5 open networks within range of my house, although the signal strength is poor.
Edit | I wonder if one of those open networks is feyds
Edit | I wonder if one of those open networks is feyds
- Chris Corbyn
- Breakbeat Nuttzer
- Posts: 13098
- Joined: Wed Mar 24, 2004 7:57 am
- Location: Melbourne, Australia
There's (at least) 3 simple steps to securing your wireless network as best you can:
1. Set a WEP Key (usually enough in itself)
2. Allow only listed MAC addresses to connect
3. Turn of ESSID Broadcasting (So you can't scan for it)
There's WPA too but those above 3 are pretty much all you need to be comfortable in your own mind that nobody else is breaking in.
Downfalls to using either one by itself:
Using just MAC address filtering is 100% open to MAC spoofing (scan the area for mac addresses, try setting your equipment to a few that you find and you'll be on the network).
Turning of ESSID broadcasting is only stopping your router from broadcasting it's presence.... you can still hook up to it if you know where to find it.
Really fancy setups using VLAN's and such like so that if someone *does* ever break in they still need to find a way from there onto the VLAN...
1. Set a WEP Key (usually enough in itself)
2. Allow only listed MAC addresses to connect
3. Turn of ESSID Broadcasting (So you can't scan for it)
There's WPA too but those above 3 are pretty much all you need to be comfortable in your own mind that nobody else is breaking in.
Downfalls to using either one by itself:
Using just MAC address filtering is 100% open to MAC spoofing (scan the area for mac addresses, try setting your equipment to a few that you find and you'll be on the network).
Turning of ESSID broadcasting is only stopping your router from broadcasting it's presence.... you can still hook up to it if you know where to find it.
Really fancy setups using VLAN's and such like so that if someone *does* ever break in they still need to find a way from there onto the VLAN...
- John Cartwright
- Site Admin
- Posts: 11470
- Joined: Tue Dec 23, 2003 2:10 am
- Location: Toronto
- Contact:
- Chris Corbyn
- Breakbeat Nuttzer
- Posts: 13098
- Joined: Wed Mar 24, 2004 7:57 am
- Location: Melbourne, Australia
People actually go out and do "Wall Driving".... you take your laptop out in the car and go for a drive, while you constantly scan for networks and see what you can break into very easily.... It's worrying how many huge companies are ignorant about basic security on their networks. I have some DVD called Hackers Exposed or something like that and they show it on there, with some very well-known companies.
- John Cartwright
- Site Admin
- Posts: 11470
- Joined: Tue Dec 23, 2003 2:10 am
- Location: Toronto
- Contact:
They call it war driving http://en.wikipedia.org/wiki/Wardriving but yeah I remember back before techtv got overrun by G4, on "the screensavers" kevin rose and that other guy went wardriving and got into a situation that involved climbing a tree to increase signal strength. funny show.d11wtq wrote:"Wall Driving"
QDB provides this warning:
QDB wrote:(Mootar) morons.
(Mootar) these people who live in my apartment complex are connected to my wireless
(Mootar) they must think they're super-cool hackers by breaking into my completely unsecure network
(Mootar) unfortunatly, the connection works both ways
(Mootar) long story short, they now have loads of horse porn on their computer
- Chris Corbyn
- Breakbeat Nuttzer
- Posts: 13098
- Joined: Wed Mar 24, 2004 7:57 am
- Location: Melbourne, Australia
Grim... wrote:QDB provides this warning:QDB wrote:(Mootar) morons.
(Mootar) these people who live in my apartment complex are connected to my wireless
(Mootar) they must think they're super-cool hackers by breaking into my completely unsecure network
(Mootar) unfortunatly, the connection works both ways
(Mootar) long story short, they now have loads of horse porn on their computer
- n00b Saibot
- DevNet Resident
- Posts: 1452
- Joined: Fri Dec 24, 2004 2:59 am
- Location: Lucknow, UP, India
- Contact:
- Maugrim_The_Reaper
- DevNet Master
- Posts: 2704
- Joined: Tue Nov 02, 2004 5:43 am
- Location: Ireland
- n00b Saibot
- DevNet Resident
- Posts: 1452
- Joined: Fri Dec 24, 2004 2:59 am
- Location: Lucknow, UP, India
- Contact:
Maugrim_The_Reaper wrote:Through your insecure network? I hear you can connect to it all the way from Ireland... Interesting wallpaper by the way, does it come in polka dot?Hey! That was my idea! I'm working on it. how did it leak out!