Boat Drinks  

Go Back   Boat Drinks > General > Computer and Consoles

Reply
 
Thread Tools Display Modes
Old 26-06-2007, 00:32   #1
mejinks
Magners
 
mejinks's Avatar
 
Join Date: Jul 2006
Posts: 2,865
Default A word of caution

A friend of mine has been receiving letters from his ISP saying he had been going over his usage blah blah, but he cannot see how he has as he works mostly into late evening and only lightly browses the internet in the night.

I took a look this evening and found he was using his wireless connection for his laptop and everything was dog slow for a broadband line. It would have been slow for dial up standards. I notice the ADSL status light on his Netgear flickering away like a madman, so I think "hello?!?" and dive into the router.

Even though he had WEP set up, there appeared to be a local leech who had sniffed his key and was using his connection to download things.

I've just spent the latter part of the evening removing keyloggers and setting him up on WPA. As his wireless card is from the ark, we needed a trip to PC world to buy a new network card.

I was gutted as this is the first time I have ever seen this, I now realise maybe I should have left everything the way it was and called the police, but alas, alarm bells ringing and hunger made me do some rash decision making and previous experience of the local plod made me nervous.

The moral is, check you aren't on WEP, use WPA as a minimum and if like me you have a decent router, set up internal RADIUS authentication for wireless clients and keep an eye on suspicious things.
__________________

Quote:
Originally Posted by Piggy
HAHAHAHA !!!! .. perhaps I should try my bum instead *ponders*
mejinks is offline   Reply With Quote
Old 26-06-2007, 00:47   #2
Flibster
Moonshine
 
Join Date: Jul 2006
Posts: 3,388
Default

Also, deny all MAC addresses apart from yours.
__________________
Flibster is offline   Reply With Quote
Old 26-06-2007, 04:11   #3
Joe 90
Absinthe
 
Joe 90's Avatar
 
Join Date: Jan 2007
Location: Chester
Posts: 2,345
Default

cables all over the house FTW

no1 can hack my CAT5
__________________
360 Blog | Join GiffGaff | Twitter
Joe 90 is offline   Reply With Quote
Old 26-06-2007, 06:53   #4
Garp
Preparing more tumbleweed
 
Garp's Avatar
 
Join Date: Jun 2006
Location: Hawaii
Posts: 6,038
Default

WPA is still hackable. Sure it'll generally take a lot longer than hacking WEP, but its perfectly feasible. Wireless is insecure, full stop.

If you want to try it for yourself the tools you'll need are right here:
http://www.grape-info.com/doc/linux/...ck-ng-0.6.html

They are *nix based, but you could run them within a cygwin session on a Windows box, and there are almost certainly going to be Windows variants out there somewhere.
__________________
Mal: Define "interesting"?
Wash: "Oh, God, oh, God, we're all gonna die"?
Garp is offline   Reply With Quote
Old 26-06-2007, 10:47   #5
Daz
The Stig
 
Daz's Avatar
 
Join Date: Jun 2006
Location: Swad!
Posts: 10,713
Default

Your router should have a screen to show you.
__________________
apt-get moo
Daz is offline   Reply With Quote
Old 26-06-2007, 10:48   #6
Feek
ex SAS
 
Feek's Avatar
 
Join Date: Jun 2006
Location: JO01ou
Posts: 10,062
Default

A lot of routers have an option to display who is connected - I know mine does, but I can't tell you where. Have a plonk around the front end in a browser and see if it's there somewhere. What router do you have?
__________________
Feek is offline   Reply With Quote
Old 26-06-2007, 10:49   #7
Davey_Pitch
I iz speshul
 
Davey_Pitch's Avatar
 
Join Date: Jun 2006
Location: Liverpool
Posts: 6,296
Default

In your router management there should be a page which shows all connected deviced. For me there are usually 3 - my 2 pc's and my Xbox 360. If I ever saw more than that I'd be checking it out to find out who it is.
__________________

Our deepest fear is not that we are inadequate. Our deepest fear is that we are powerful beyond measure. It is our light, not our darkness, that most frightens us. Your playing small does not serve the world. There is nothing enlightened about shrinking so that other people won't feel insecure around you. We are all meant to shine as children do. It's not just in some of us; it is in everyone. And as we let our own lights shine, we unconsciously give other people permission to do the same. As we are liberated from our own fear, our presence automatically liberates others.
Davey_Pitch is offline   Reply With Quote
Old 26-06-2007, 11:15   #8
Garp
Preparing more tumbleweed
 
Garp's Avatar
 
Join Date: Jun 2006
Location: Hawaii
Posts: 6,038
Default

3 responses in as many minutes... anyone spot a bunch of bored geeks around here?
__________________
Mal: Define "interesting"?
Wash: "Oh, God, oh, God, we're all gonna die"?
Garp is offline   Reply With Quote
Old 26-06-2007, 11:19   #9
CliffyG
Vodka Martini
 
Join Date: Aug 2006
Location: Lower Cambourne
Posts: 576
Default

WEP / WPA doesnt really matter, if they want in bad then they can get in. MAC address filtering helps a little as does not being DHCP'd but these are all easy to get round as with a little packet sniffing and spoofing you'd be in.
__________________
CliffyG is offline   Reply With Quote
Old 26-06-2007, 11:28   #10
Daz
The Stig
 
Daz's Avatar
 
Join Date: Jun 2006
Location: Swad!
Posts: 10,713
Default

Aye, the best you can do is keep out the opportunists, if somebody really wants to get in they can do. There are other ways beyond encryption and access control to 'secure' wireless access, but they're technologies not directly related to wireless, and require infrastructure.
__________________
apt-get moo
Daz is offline   Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT +1. The time now is 10:34.


Powered by vBulletin® Version 3.7.4
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.