Kid shouted out that he had my network key

mehmeh12

One of my neighbors just shouted out that he has my wireless network key-im using WPA2 PSK with AES- is it possible to hack this easily?

Karoma

Yes, and I'm not moving away. muhahaha! Got yore key!

GerardKeating

mehmeh12 wrote: »

One of my neighbors just shouted out that he has my wireless network key-im using WPA2 PSK with AES- is it possible to hack this easily?

Depends how strong and/or predictable your password is/was.

No harm to change it.

mehmeh12

GerardKeating wrote: »

Depends how strong and/or predictable your password is/was.

No harm to change it.

63 spaces of upper/lower case letters, numbers and symbols- are there tools to hack WPA2 PSK AES?

i just did a speed test using dublin server and have not got a reduction in speed

Jonathan

Have a look at the DHCP table and see has he got a lease on an IP

Some_Person

Enable MAC filtering, change your key.

mehmeh12

Jonathan wrote: »

Have a look at the DHCP table and see has he got a lease on an IP

Ok i know where i can do that in my router settings-but what does DHCP measure-will it show me all the devices connected to the modem via ethernet and wireless?

also i read somewhere that hackers can hide their ip addresses from DCHP-can someone confirm this?

Jonathan

DHCP is the method by which IP's are allocated to each client connected to the router.

If he is connected, he has to have an IP.

Jumpy

mehmeh12 wrote: »

One of my neighbors just shouted out that he has my wireless network key-im using WPA2 PSK with AES- is it possible to hack this easily?

You have a 63 character key? Thats overkill.

No, he probably has got into another neighbours connection and thinks its yours.

The Muppet

Some_Person wrote: »

Enable MAC filtering, change your key.

If the kid has hacked his wpa key Mac filtering won't be much of a deterrent to him, will it.

Amalgam

mehmeh12, are you sure this isn't just social engineering to give you case of the 'willies'. Maybe the little scrote has someone else's key. He doesn't sound like a Darwin genius, more like Darwin Award.

Why.. if he had the key, would the little turnip tell you.

T-Square

Change your password now.
It is unlikely he has your password,
but to be on the prudent side,
assume he has. So change the locks.

WPA/AES is not currently breakable
WPA2/TKIP is not easily broken by professionals


For WPA/AES the cryptanalysis has been performed,
and the Tews/Becks attack is working,
and some early prototypes have been demonstrated,
but they are far from script kiddie enabled, yet.
It is possible to inject fake ARP packets,
which could result in your packets being sent to all and sundry.

WPA2/AES is the one to chose.

Martyr

if you're on windows..one thing you might want to do along with changing your key and implementing some MAC filtering..

In the list of preferred wireless networks, select properties for your router entry and on the Connection tab, untick 'Connect when this network is in range'

that'll mean having to connect manually each time, but if your router is switched off or not working for some reason and your neighbour sets up his own fake router in proximity of your computer using the same SSID,MAC as your own router. Then he could potentially capture your WPA key or keys to other networks.

it wouldn't matter how large the key is, since it's the hash which is passed to the router anyway, once he has the hash, he doesn't need anything else.

if i'm not mistaken it's possible to de-authenticate the client from the router, perhaps DoS the router using CTS (Clear to send) packet, while the client authenticates on the attackers router?

kid's probably just joking anyway..but you never know.

dub45

Mehmeh you are so paranoid about wireless security it really is ridiculous at this stage.

If you are so worried why not connect by ethernet? And if that is not possible then use the plug solution. (http://www.netgear.co.uk/home_powerline_adapters.php)

How in God's name could he identify you as owning a particular wireless network?

MunsterCycling

Could have his address or house number as the SSID :rolleyes:

mehmeh12

Martyr wrote: »

if you're on windows..one thing you might want to do along with changing your key and implementing some MAC filtering..

In the list of preferred wireless networks, select properties for your router entry and on the Connection tab, untick 'Connect when this network is in range'

that'll mean having to connect manually each time, but if your router is switched off or not working for some reason and your neighbour sets up his own fake router in proximity of your computer using the same SSID,MAC as your own router. Then he could potentially capture your WPA key or keys to other networks.

it wouldn't matter how large the key is, since it's the hash which is passed to the router anyway, once he has the hash, he doesn't need anything else.

if i'm not mistaken it's possible to de-authenticate the client from the router, perhaps DoS the router using CTS (Clear to send) packet, while the client authenticates on the attackers router?

kid's probably just joking anyway..but you never know.

So what your saying is that my computer might succumb to a evil twin attack?

mehmeh12

mehmeh12 wrote: »

So what your saying is that my computer might succumb to a evil twin attack?

If this is the case then whats stopping my pc from connecting to a identical fraud network-if the fraud network has the same ssid and mac address how will my pc know the difference between the real network and the fake network?

sharky86

T-Square wrote: »

Change your password now.
It is unlikely he has your password,
but to be on the prudent side,
assume he has. So change the locks.

WPA/AES is not currently breakable
WPA2/TKIP is not easily broken by professionals


For WPA/AES the cryptanalysis has been performed,
and the Tews/Becks attack is working,
and some early prototypes have been demonstrated,
but they are far from script kiddie enabled, yet.
It is possible to inject fake ARP packets,
which could result in your packets being sent to all and sundry.

WPA2/AES is the one to chose.

http://blogs.zdnet.com/BTL/?p=23384

Martyr

mehmeh12 wrote:

So what your saying is that my computer might succumb to a evil twin attack?

if 'Connect when this network is in range' is ticked, windows from what i recall will send out probes every interval checking if that wireless network is available.

there's usually no level of trust between the client and access point, you can only assume it's the correct AP based on SSID that you and the computer see.

the malicious router would just accept any key you supply then drop the connection.

i can't recall if it's only routers which listen to the CTS (Clear to send) command or clients too, but it might be possible for the malicious router to ignore CTS and accept incoming connections from clients anyway.

mehmeh12

Martyr wrote: »

if 'Connect when this network is in range' is ticked, windows from what i recall will send out probes every interval checking if that wireless network is available.

there's usually no level of trust between the client and access point, you can only assume it's the correct AP based on SSID that you and the computer see.

the malicious router would just accept any key you supply then drop the connection.

i can't recall if it's only routers which listen to the CTS (Clear to send) command or clients too, but it might be possible for the malicious router to ignore CTS and accept incoming connections from clients anyway.

so basically what your saying is that if i dont have some method of authentication like a PEAP server or RADIUS server, then my pc cannot tell the difference between a real or fake access point-annoying because i am just a home user who doesn't have access to said authentication methods

Martyr

wouldn't matter if you were using PEAP/RADIUS unless you were validating the server certificate with Trusted Root Certification Authority - something which individuals or organisations rarely do.

mehmeh12

Martyr wrote: »

wouldn't matter if you were using PEAP/RADIUS unless you were validating the server certificate with Trusted Root Certification Authority - something which individuals or organisations rarely do.

ok fine so how to i prevent evil twin attacks on my wireless network?

cpu-dude

mehmeh12 wrote: »

One of my neighbors just shouted out that he has my wireless network key-im using WPA2 PSK with AES- is it possible to hack this easily?

I'm sorry but I just had to comment on this thread, it's getting silly at this point.

Here OP, if some kid can crack your WPA2 PSK with AES protected network and it's 63 character upper and lower case key - then I quite like to meet him because he's an absolute genius. That feet would take painstakingly long or be near impossible. The odds of it are way too low.

Second of all - I have your wireless key - believe me? Don't believe everything you hear, especially from some kid.

Thirdly - kind of off topic, even if your network was hacked, a reduction in speed wouldn't necessarily indicate it. The only way would be to check the DHCP Table on your router interface.

Finally, don't be so paranoid, it's just broadband - I'm 100% nobody's hacked your network. I've hacked a few networks in my day before (pure bordom and a handy brute force application on an idle PC) and nowadays, with some many networks around... if I don't see an Eircom WEP network or an Open one, I leave it be. Why? Because theirs wireless everywhere, people use their own too.

PS: MAC filtering and WPA-PSK is perfectly secure... jasus even MAC on its on is (people connect and think great but don't get the BB so give us quick because they think it's down).

FruitLover

cpu-dude wrote: »

jasus even MAC on its on is

If someone is going to have a go at cracking WPA, they'll probably also be willing to try MAC spoofing.

jetski

In simple no he hasnt. hes winding you up.

take off ur antenna, enable mac filtering, change its subnet and turn off DHCP then finally change ur key or just chill out.....

cpu-dude

FruitLover wrote: »

If someone is going to have a go at cracking WPA, they'll probably also be willing to try MAC spoofing.

Agreed, but my point was to show that in Ireland of all countries, we don't need to hack wireless networks.

Sure Eircom have over 676,000 DSL customers now - http://www.eircomwholesale.ie/broadband/default.asp

mehmeh12

Jonathan wrote: »

DHCP is the method by which IP's are allocated to each client connected to the router.

If he is connected, he has to have an IP.

Is seeing unknown DCHP an absolute definite sign of a hacker- can IP's be hidden by a wireless hacker? yes i know im crazy-its Ethernet for me

dub45

mehmeh12 wrote: »

Is seeing unknown DCHP an absolute definite sign of a hacker- can IP's be hidden by a wireless hacker? yes i know im crazy-its Ethernet for me

Hallelujah!:rolleyes:

PogMoThoin

Paranoid thread of the year,
Just change Your encryption key and forget it, FFS

FruitLover

mehmeh12 wrote: »

Is seeing unknown DCHP an absolute definite sign of a hacker- can IP's be hidden by a wireless hacker?

An unknown host in your DHCP server's lease table would be suspicious.

To answer your second question: there's nothing to stop an attacker using a static IP once they know your network range. A better place to check would be the router's ARP table (and even this won't help if they're using MAC spoofing).

consultech

All the relevant advice has been given already, easily fixed.


lol how times have changed: In my day we used to do knick knocks and cycle-by calling people ****!