Picking up someone else's internet????

darrenoneill33

Have heard talk about people being able to tap into a neighbours internet? How does this work.
I'm ok, got my own but was wondering could a neighbour be using mine.
I thought you would need some type of password or code to get into someone elses connection.

Enright

i assume that its wireless broadband you are talking about! when a user sets up their wireless router they often for expiedency sake and because it takes a bit of time to set up they omit to secure their network, ie they do not encrypt it. That means that anyone within range with a wireless modem can see and connect to the internet using that connection. If a password is uded, whilst they can still see the broadband connection, they will not be prevented from using it.

nava

darrenoneill33 wrote:

Have heard talk about people being able to tap into a neighbours internet? How does this work.
I'm ok, got my own but was wondering could a neighbour be using mine.
I thought you would need some type of password or code to get into someone elses connection.

Hi

they can pick-up your internet if you have a wireless connection that's not secure, if you have a wireless router make sure you have the Security Mode enable with WPA if available or WEP also enable "MAC Address Filtering" so only the specifed MAC addresses can access your connection.


Regards

Sandwich

It seems quite common to be able to connect to a neighbors router if its a combined broadband/WiFi router. So many people are using no encription at all. How hard it is to break into their connection if they have it protected I dont know.

Also, I think it is illegal to connect to someone else's connection without their knowledge.


I use WEP and and have my router set to only connect to the MAC address of my PC. Is this completely secure as far as someone else using my router?

AFIK "WPA is more secure than WEP" but how much more secure that does mean in practice? My PC WiFi adapter does not a facility to limit it only to connect to the router MAC address so I guess thats less secure. Could someone access my bb connection through my PC's WiFi adapter?

Foxwood

Sandwich wrote:

I use WEP and and have my router set to only connect to the MAC address of my PC. Is this completely secure as far as someone else using my router?

By all accounts, WEP can be cracked in 10 or 15 minutes. You're broadcasting your MAC address all the time, and it's trivial to clone a MAC address, so MAC filtering is not worth the trouble of looking up your MAC address.

AFIK "WPA is more secure than WEP" but how much more secure that does mean in practice?

A lot. WEP is cracked by simply by listening to the traffic being transmitted, and working backwards to recover the key. (a very simplistic description, I know). WPA isn't known to be vulnerable to such an attack. Wikipedia has a good description of the difference.

My PC WiFi adapter does not a facility to limit it only to connect to the router MAC address so I guess thats less secure. Could someone access my bb connection through my PC's WiFi adapter?

Not unless you set your adapter up in ad-hoc mode and allow inbound connections.

Sandwich

Thanks v much. Will switch to WPA. Surprising WEP still seems to be the first option offered when setting up a Wifi component.

Foxwood

Sandwich wrote:

Thanks v much. Will switch to WPA. Surprising WEP still seems to be the first option offered when setting up a Wifi component.

Unfortunately, devices like games consoles often only support WEP, even after all this time. Despite the fact that interoperability and setup is easier for WPA than for WEP. That is only a problem because wireless encryption is either/or - you can't have some devices using WEP and some using WPA.

watty

Mac addresses can be sniffed via ARP packets and then later faked. It is an illusion of security.

128bit shared key WEP is a bit harder to crack. Open key bad. If you can't do WPA, (and incorrectly setup it is worse than WEP correctly set), then WEP is better than nothing.

Also make sure no anonymous shares on any PC and all PCs have good passwords, especially on any administrator accounts and then at least they can only pinch your Internet bandwidth.

Saruman

Lets face it though.. how many people out there know how to crack encryption let alone can be arsed???

I use WEP for no real reason. I just cant be arsed changing it as i do not forsee anyone trying to crack the key!!

Definatly encrypt though.. its more than being able to access your internet... They will also be able to access your computer/s files etc unless you also have that secure.

Maybe if i notice a few more wireless systems in the area but for now im the only one in range.

Smoggy

A freind went on a wifi course and came back saying that WEP is useless , they used 2 programs and with in a matter of minutes they had captured the data and used another program to extract all the info needed such as keys and mac address.

The moral of the story is that any amatuer hacker or someone with limited IT knowledge can bypass WEP quickly making it useless. WPA is the only real solution.

zAbbo

Takes around 10-15mins for me to crack 64bit WEP, 128 slightly harder, as it requires more Unique IV's (over a million should do it)

Usually undetectable passive scanning

Surprisingly easy, and all the information can be found with some google searches.

As said, some devices don't support WPA, so people use WEP instead, those eircom modems are 128bit WEP.

Personally I use 64bit WEP + Mac filtering + Intrusion detection, I know it's not 100% safe, nowhere near it.

Foxwood

Saruman wrote:

Lets face it though.. how many people out there know how to crack encryption let alone can be arsed???

I can think of a 4 word google query that will give you 38,700 web pages that discuss how to crack WEP.

Foxwood

zabbo wrote:

As said, some devices don't support WPA, so people use WEP instead, those eircom modems are 128bit WEP.

I thought eircom gave out the Netopia 3347? The manuall says that the 3347 support WPA-PSK.

watty

I was discussing an expensive security solution about 6 years ago with an IT college. The Administrator claimed the students were not generally clever enough to hack anything. I asked if there was at least one able to do Internet searches and install Linux. He admitted at least half a dozen and bought the system.

Living in an Urban area suburbs greatly increases WiFi risks. ANY form of WiFi should not be used on a network that needs real security. Some people claim WPA can be cracked easier than WEP shared key. WEP "open key" is madness.

You only need a two word search on Google

Watch out for guys in cars pointing Pringle cans at your house

The security problem is exacerbated by the fact that early attempts at encryption were flawed. Wired Equivalent Privacy (WEP) was found to be vulnerable to various statistical weaknesses in the encryption algorithm it employed to scramble data passed over the WLAN. While attempts were made to correct the problem, it's still a relatively simple feat to crack WEP and essentially pull the password right out of the air. In addition, WEP suffers from other problems that make it unacceptable for use in any secure environment.

The wireless community knew early on that these problems existed. However, they also realized that it would take years until the standardized correction was designed and implemented into new hardware. In the meantime, millions of users needed reliable protection. The Wi-Fi Alliance stepped up to the challenge and created an interim "standard" called Wi-Fi Protected Access (WPA).

WPA did an excellent job of patching the problems in WEP. With only a software upgrade, it corrected almost every security problem either created or ignored by WEP. However, WPA also created new problems:

* One flaw allowed an attacker to cause a denial-of-service attack, if the attacker could bypass several other layers of protection.
* A second flaw exists in the method with which WPA initializes its encryption scheme. Consequently, it's actually easier to crack WPA than it is to crack WEP. This flaw is the subject of this article.

WEP with a "shared key", not "open key" *IS* better than nothing or badly setup WPA. But make sure if Wifi is breached every PC etc AND ROUTER needs a non default decent password.

Esel

Is it possible to upgrade a WEP-only router modem to WPA?

aidan_walsh

esel wrote:

Is it possible to upgrade a WEP-only router modem to WPA?

If there is a firmware upgrade that supports it, yes. The encryptions are generally all software based, not hardware.

Esel

Thanks for the quick reply! Will check my model for upgrade possibilities. Are you really 'The Master'?

Sarsfield

watty wrote:

WEP with a "shared key", not "open key" *IS* better than nothing or badly setup WPA.

My router is set to Authentication Type "Automatic" (from a choice of "open system", "shared key", "automatic")

Good? Bad?

Also, if I change my router settings, do I need to change the settings on my laptop & pda?

aidan_walsh

Are you really 'The Master'?

Merely a pretender to the throne.

vimak

if you knew how to secure your wlans i wouldn't be typing this post WPA can also be cracked, so best option for securing the WLAN is to use VPN. However not all boxes support that.

regedit

Hm, my Netgear DG 83G was configured by me to utilise a WEP with an encryption strength of 128 bit! After reading through these posts, it is not very pleasant having to think that someone can hack into the router settings and the PC!
I can see that my router supports VPN so I might give it a go. Partner often works at home from her laptop and she always has to use VPN so it must be the most secure mode out there at the moment!

watty

VPN is only for connecting to a specific server/LAN elsewhere. Not usable to browse internet, nor does it stop someone accessing the Internet via your WiFi/Modem.

I use VPN and simulanously my other WiFi and LAN users can access the Internet in ordinary way. My Internet IP of course changes to that of the remote Network, but the other Wireless & LAN users see no change.

watty

vimak wrote:

if you knew how to secure your wlans i wouldn't be typing this post WPA can also be cracked, so best option for securing the WLAN is to use VPN. However not all boxes support that.

VPN only secures point to point data. It does not affect the WiFi base unit security at all. (Virtual Private Network).

Enterprise WPA is secure, it is doubtful if a consumer WiFi base unit without a Radius server is any more secure in WPA, than in WEP 128bit with a "SHARED KEY"

Ensure the base is in "Infrastructure Mode"/"Airpoint" not Auto
or Ad Hoc.
Ensure you use SHARED key and 128bit if using WEP, and that you actually write down and input the correct length random HEX key (not ASCII).

WPA doesn't work on lots to things. If it is on all your WiFi Clients and WiFi base, ensure that it is setup correctly.

Never leave ANYTHING on "automatic" or with default keys etc.

Write down and change the default password to actually get in to your WiFi. If possible set it that only a LAN connection can change WiFi settings.

Foxwood

watty wrote:

it is doubtful if a consumer WiFi base unit without a Radius server is any more secure in WPA, than in WEP 128bit with a "SHARED KEY"

WEP (even 128bit) can be cracked in a relatively short period of time (minutes, not hours) because the technique used depends on statistical weaknesses in the way the WEP Initialization Vector is created.

The vulnerability in WPA is that it can be brute-forced - you can capture a small amount of header information and then try every possible password to see if you can find the one that matches that particular WPA setup. Even for the minimum 8 character (64-bit) WPA password, that's going to take a long time. For a long password, you're talking years.

Here's an article describing a demonstration by the FBI of cracking a 128-bit WEP session in 3 minutes.

watty

I wonder was that WEP system setup "open key" or "shared key". Shared Key should take hours.

Foxwood

watty wrote:

I wonder was that WEP system setup "open key" or "shared key". Shared Key should take hours.

"Open Key" is more secure than "Shared Key". That's why it was implemented.

(Shared Key uses the WEP key to set up the association between the client and the access point. Open key doesn't).

The attack on WEP is based on statistical weaknesses in the IV. It doesn't matter whether you're using Open-key or Shared Key.

Voipjunkie

vimak wrote:

if you knew how to secure your wlans i wouldn't be typing this post WPA can also be cracked, so best option for securing the WLAN is to use VPN. However not all boxes support that.

No WPA is only crackable by brute force on a weak password with a strong password WPA is perfectly secure in our lifetime.

Esel

Voipjunkie wrote:

No WPA is only crackable by brute force on a weak password with a strong password WPA is perfectly secure in our lifetime.

Define 'our lifetime'.

dub45

esel wrote:

Define 'our lifetime'.

More appropriate question here methinks?

http://www.boards.ie/vbulletin/forumdisplay.php?f=443

antoinolachtnai

Is using someone else's Internet always a bad thing? If it is done in a controlled, secure manner, with the consent of the broadband owner, sharing isn't necessarily a bad idea. That's what FON is about (http://www.fon.com/)

watty

And consent of the Broadband supplier may be needed too.