Unsecured Wireless Networks

[jisaac 0]

[Jasper 0]

Snorting packets, never heard of that term before.

 

Now if I want to every try snort my own packets I at least know what software term to look for.

 

It is amazing what goes on in the networking world. Or the communications world for that matter.

[CCTVcams 0]

i've always wondered about this - using someone else's wireless is the same as spoofing an IP address, right? my mom, a school teacher, has a neighbor who's a registered sex offender and she refuses to let us set up her wireless because she has this fear that she'll receive a report from her ISP showing...uh, how can i put this...extreme acts with children.

 

this must have some complications from a legal standpoint. with the proliferation of wireless, how do you prove who actually visited a site, ran a credit card, etc.

 

from a personal perspective, i always set up the security - even if it is easily cracked. if there's 7 unsecured networks and one secured, why would the hacker even bother? kind of like the principle of locking your car doors, right?

[Thomas 0]

The law on it is less then clear. In some areas signing onto it is treated as "hacking" the network. In other areas it is treated as an open network. It's a problem.

[Jasper 0]

If you setup the wireless security like I did from the link provided to me you should not have a problem. If that is too complicated you can use MAC address filtering which only allow the network cards you specify to access the router.

 

Even if someone was able to access the internet through your internet connection there MAC address (Unique serial numbger of their network card) would show up.

 

Thomas knows networking better than I do so maybe he can comment further on this subject to give you some peace of mind.

[kg6mti 0]

It always amazes me how afraid people are about wireless networks. But then they have no problems going into a store and swiping there ATM debit or credit card to make a purchase. The data from that card transaction may or may not be being transmitted half way around the world through several networks using almost any type of connection such as wireless, satellite, or fiber for example. The transaction may pass thought all kinds of switches, routers, and hubs before reaching its final destination.

 

Moral of the story is no network is secure. Even the US government has been hacked, banks, universities, nuclear labs. If someone wants in they will find a way to get in.

 

The best you can do is put as much in their way as you can. The following are just some examples of what a user can do. The harder you make it for someone to "hack" or use your network without you knowing the less likely they are to even try. A smart hacker will look for a easier target that they don't have to work as hard at. Install firewalls both hardware and software. Refuse anonymous Internet request. If you are using a wireless network turn the broadcast off, enable some type of wireless security (WEP or WPA) what ever the strongest method your network provides. Turn on MAC address filtering and limit the number of users allowed to connect to your router if you have one installed. Turning off the DHCP server in your router and using static IP address is a good idea also. If you are really worried you can run a packet sniffer (http://www.ethereal.com/) from time to time to detect unwanted traffic.

 

Other good practices are install antivirus software and be careful what you download and what website you visit. Use some type spy ware detection and removal tools on a regular basis. Make certain that transactions that you expect to be secure really are by checking the status bar in your browser.

[kandcorp 0]

OK, so what about wireless networks that just utilizes the mac filter and no WEP, radius, WPA, etc. Do you think that it is secure as one just using a WEP? I know it would be better to use both but which one is the most secure, if you were to pick one?

[CCTVcams 0]

Even if someone was able to access the internet through your internet connection there MAC address (Unique serial numbger of their network card) would show up.

 

to the best of my knowledge, web logs typically only record a user's IP address, not an associated MAC address? my brother worked at an ISP a while back - they would receive notification when a user was "abusing" access (i.e., hack attempts, spamming, fileshare servers, etc.) and could easily identify the user based on IP. my point is this has become increasingly more difficult to prove as a user can easily say "oh, that must be someone else using my wireless."

 

kg6mti - couldn't agree more. can't imagine it to be too difficult for a waiter to do a data dump at a popular restaurant. what's even worse is when your CC# and expiration prints on the receipt. but in either case, i'm under the beautiful protection of citibank!

 

personally, i would much rather deal with an issue of identity theft than to be mistaken for a pervert! besides, my major qualm with users accessing my wireless is the reduction in bandwidth!!

[Thomas 0]

MAC addresses are pretty easy to spoof. I would never depend on only one layer of security for wireless.

[Jasper 0]

How are you going to spoof a MAC address unless you are already advanced enough to capture that information out of the air?

 

How do you obtain somebody's MAC address if you don't do it that way?

 

I agree about using as much security as possible when using any network, but especailly a wireless one. I doubt the average pervert spends much time studying networking as they are too busy browsing images, etc. But you never know.

[joe4 0]

How are you going to spoof a MAC address unless you are already advanced enough to capture that information out of the air?

 

How do you obtain somebody's MAC address if you don't do it that way?

 

I agree about using as much security as possible when using any network, but especailly a wireless one. I doubt the average pervert spends much time studying networking as they are too busy browsing images, etc. But you never know.

 

Google ARP. http://www.watchguard.com/infocenter/editorial/135250.asp

 

BTW 99% of ATM, Bank, Local Store, 7-11 have allready encripted your data BEFORE sending it over a public network such as the internet. Credit card companys asume the intnernet is unsecure because it is public and program with that in mind so it does not matter if it goes over wireless.

 

It is a bigger problem that your watier steels the number than a hacker.

[KrCCTV 0]

Funny the Houston cable provider wants to lock them up.

 

http://www.twctheft.com/TypeOfTheft.aspx

 

"WiFi Theft – WiFi theft occurs when someone installs a wireless network in a residence or business location and intentionally enables others to receive broadband service for free over their wireless network.

Interesting - notice the focus on illegaility (if any) is on the intentional sharing by the subscriber and not on the free surfing by the receiving user.

[Thomas 0]

The spoofing of a MAC address is simple. Go into the control panel, system, hardware, device manager and look at the configuration of the of your network card. Depending on your drivers you may be able to tweak it.

 

There is plenty of software out there that makes it trival for even dumb users. How I get another machine's MAC address depends on where I am. The only thing that have the MAC address lets me to is two things. One is kick you off a network and second I can impersonate you on a network.

 

I know I sound pissy on this subject but mostly it's just anger with the IEEE. The flaws in WEP were known before the standard was released but due to pressure it was released with problems.

[Jasper 0]

The spoofing of a MAC address is simple. Go into the control panel, system, hardware, device manager and look at the configuration of the of your network card. Depending on your drivers you may be able to tweak it.

 

There is plenty of software out there that makes it trival for even dumb users. How I get another machine's MAC address depends on where I am. The only thing that have the MAC address lets me to is two things. One is kick you off a network and second I can impersonate you on a network.

 

I know I sound pissy on this subject but mostly it's just anger with the IEEE. The flaws in WEP were known before the standard was released but due to pressure it was released with problems.

 

Are you saying I am dumber then dumb? And don't feel pissy, prissy.

 

What I meant was how are you going to find out another persons MAC address so you can spoof it to gain access to their internet connection through their wireless router? Is a persons MAC address being transmitted through the air so you can grab it to spoof it to gain access to the internet by spoofing their MAC addresses?

[Thomas 0]

On wi-fi networks they are broadcast in the data portion of the packet. (Note that it is sent as plain text if if WEP/WAP is on.) On a router you just do arp -a and it gives a list.

[Jasper 0]

Thanks. That is what I thought, but wanted to make sure.