Jump to content
Forum upgrade is live! Read more... ×

Recommended Posts

Turned on my routers wifi and it updated my MS phone apps pretty fast. After this i turned Wifi off for security but it works and it seems very fast.

 

How do you know someone is not using your wifi or hacking into it?

 

 

Share this post


Link to post
Share on other sites

That's what the security is for - as minimum use a WPA2 variant on the router (usually defaults to it). WEP is now next to useless, supposedly can be hacked by a phone based app in barely a minute.

 

If you're real paranoid some routers allow limiting connections based on network Mac ID of the device but then you'd need to add each thing manually.

With my setup, though it's not really security related I've set several of my devices to have reserved IPs - makes it way easier in that I know the phone will always connect on 10.1.1.4 for FTP purposes.

 

Regardless, it seems generic modems don't have very strong antennas. My crappy old DLink would work outside 10 metres away albeit not with the best signal and had configurable signal strength. My recent modems seem to have less powerful signal at a distance and no configuration for the antenna.

 

These days it's like 2/3rds or more of households have a Wifi signal going, so any war-drivers are likely to just scan for someone using no or weaker security.

But for what? It's not like data costs much these days and it's easier to just go to a place with free wifi.

Share this post


Link to post
Share on other sites

I have a Billion 7300gra pretty old now. Seems to be fast.

 

How do you how much data is going through wifi too. I have small quota just don't want too burn through it overnight.

 

It really was amazing the speed ,it was something new to me.

Share this post


Link to post
Share on other sites

If you fashion some aluminium foil into a teepee shape, with a door that's open about 120 Degrees facing into the house that will provide some level of obscurity to attempted access from outdoors. Another piece of alfoil shaped into a sombrero will also help shield access from the roof, as well as improving the ambience within the room.

 

Speed - given most ADSL connections are about 15 mbits/sec or less that comes in under a third of what 802.11g can do, to say nothing of n or ac. The thing is though once you get more devices connected and have LAN type comms going on you can easily max out the bandwidth especially given the hub topology of all the earlier variants of wifi.

 

Quota - it's same as if you were using a desktop with cable attachment. The thing is though with phones you have that annoyance that Apps are constantly wanting to update though I can't imagine a phone with a couple of dozen active apps using more than about 500 Meg per month on updating them.

  • Like 1

Share this post


Link to post
Share on other sites

You can show access logs.

 

A better way is to just check manually. If your phone and computer are the only things using the modem, wired or wireless, then you can check data moved via wifi on the phone itself (presumably), and run netmeter or something to track data used on your desktop. Then compare that to data used via the ISP's loginpage (I prefer desktop gadgets on my second monitor to track it, YMMV).

 

It won't matter if something using it is using it, unless you actually run out of data, and that should be relatively easy to see.

Share this post


Link to post
Share on other sites

Turned on my routers wifi and it updated my MS phone apps pretty fast. After this i turned Wifi off for security but it works and it seems very fast.

 

How do you know someone is not using your wifi or hacking into it?

 

 

 

Use mac address whitelisting ;)

 

I have a Billion 7300gra pretty old now. Seems to be fast.

 

How do you how much data is going through wifi too. I have small quota just don't want too burn through it overnight.

 

It really was amazing the speed ,it was something new to me.

 

Just like Nich said, check the access logs. You could also set up traffic monitoring and just look through that to see who's accessing your internet with (or without) your permission

Edited by SonOfNoddy
  • Like 1

Share this post


Link to post
Share on other sites

Yep.

 

Mac address whitelisting is very easy to bypass if they 'Want to attack you specifically'.

 

But for any wardriver, or day to day schoolyard hacker, it instantly puts you into the 'too hard' basket and they move on.

also, turn off SSID broadcast so you have to type the SSID each time.

 

Its all security through obscurity, which is 'bad' security, but at the end of the day, if you're a 2/10 difficulty, and your neighbor is a 1/10, who's the target now?

 

Mobile data is so common now, very few people break wifi for fun.

Share this post


Link to post
Share on other sites

But for any wardriver, or day to day schoolyard hacker, it instantly puts you into the 'too hard' basket and they move on.

also, turn off SSID broadcast so you have to type the SSID each time.

Hidden SSID presents a different security risk, it's actually better practice to have it switched on.

  • Like 1

Share this post


Link to post
Share on other sites

 

But for any wardriver, or day to day schoolyard hacker, it instantly puts you into the 'too hard' basket and they move on.

also, turn off SSID broadcast so you have to type the SSID each time.

Hidden SSID presents a different security risk, it's actually better practice to have it switched on.

 

 

I'm unaware.

Care to explain quickly?

Share this post


Link to post
Share on other sites

Yep.

 

Mac address whitelisting is very easy to bypass if they 'Want to attack you specifically'.

 

But who would want to attack him specifically? Unless you pissed of anonymous or some mob boss...you didn't, did you?

Share this post


Link to post
Share on other sites

I'm unaware.

Care to explain quickly?

When you have a wifi network saved on your device that has a hidden SSID, your device is constantly announcing to the world that it's trying to find that SSID.

 

As opposed to a broadcasted SSID, which the device will passively wait for.

 

It doesn't make the network easier/harder to break in to, but it reveals information about you. If you had a somewhat unique SSID, it could be used to find out where you live, thanks to all those smart devices revealing physical locations of WiFi networks "to improve location accuracy"

Edited by SquallStrife

Share this post


Link to post
Share on other sites

Think i might turn off my Wifi at night time when i stop using PC for watching DVD's. Being Night time is when most hackers do their dirty work.

 

On my phone i can pick up 3 houses close to me with wifi networks and Telstra Air.

Share this post


Link to post
Share on other sites

Think i might turn off my Wifi at night time when i stop using PC for watching DVD's. Being Night time is when most hackers do their dirty work.

 

On my phone i can pick up 3 houses close to me with wifi networks and Telstra Air.

 

Then use Telstra Air!

Share this post


Link to post
Share on other sites

Mac filtering along with hidden SSID is almost completely useless. Sheesh even Windows 8 and 10 show WLAN networks with hidden SSIDs as available, and cloning MAC addresses is also trivial.

As there are so many apps and programmes out there to get around MAC filtering and hidden ssids it's not even hard to get around them so the obscurity thing is pointless.

The only current decent security is WPA2 with AES (not TKIP) with a decent passphrase. Passphrase should be at least 10 characters and include non-alphanumerics and should not use any proper words or names.

I often use http://www.yellowpipe.com/yis/tools/WPA_key/Generator.php to generate WPA2 keys.

 

You must also turn off WPS on the router as this is also a vulnerability.

 

Also change the password used to log in to the router to stop anyone who is already connected changing router settings.

Share this post


Link to post
Share on other sites

Mac filtering along with hidden SSID is almost completely useless. Sheesh even Windows 8 and 10 show WLAN networks with hidden SSIDs as available, and cloning MAC addresses is also trivial.

As there are so many apps and programmes out there to get around MAC filtering and hidden ssids it's not even hard to get around them so the obscurity thing is pointless.

The only current decent security is WPA2 with AES (not TKIP) with a decent passphrase. Passphrase should be at least 10 characters and include non-alphanumerics and should not use any proper words or names.

I often use http://www.yellowpipe.com/yis/tools/WPA_key/Generator.php to generate WPA2 keys.

 

You must also turn off WPS on the router as this is also a vulnerability.

 

Also change the password used to log in to the router to stop anyone who is already connected changing router settings.

 

 

I use that Microsoft password checker if it comes back as strong then i use that password.

 

What is 'WPS"? . Using a Billion 7300gra .

 

I read the security notes the two passwords are different ,router is harder than WiFi.

Share this post


Link to post
Share on other sites

Wifi Protected Setup - allows automating connection of devices to a router usually by just pressing a single button on each one. But it's a security vulnerability and on some devices can't be disabled.

Share this post


Link to post
Share on other sites

It's a vulnerability but if they have physical access to a home router, there's bigger fish to worry about.

  • Like 1

Share this post


Link to post
Share on other sites

The "delay after failed password" method should be used so much more... just .1 second would make most brute force and dictionary attack methods impractical.

Share this post


Link to post
Share on other sites

Biggest thing here, is not to scare people who are less experienced with this technology (like codecreeper).

This isnt a 'best practice network security' seminar, its a dude with some new tech looking for peace of mind.

 

Look, seriously, as someone who had an interest in 'wardriving' (cataloging open or insecure local wifi) many years ago, there's one thing you learn.

You need to be pretty high on the target list to bother if the access point is 'difficult'.

(I just had to know what was inside "Fucking Piss Tree" ssid......)

 

A basic WPA2 password is enough to deter 90% of 'hackers', if the brute force doesn't get in in the first 1 minute (1 million?) passwords they try, they're off to the next one.

 

a MAC filtering white list, while useless to someone who knows the technology, is 100% effective against Mr School Kid with his iPhone who managed to guess your password somehow.

 

Hidden SSID's are also a great way to ensure passing phones don't list them as 'available'. Most will at least respect they're 'hidden', or at the least, they need the entire scan interval to ensure you're actually there, in my experience it means if you catch your wifi with the last 2 seconds of the 'scan' it wont show if it's hidden.

 

 

Can I spoof a mac address? Yes.

Can I look for hidden SSID's? Of course!

Can I break WPA2? If you have WPS or TKIP, eventually, sure.

 

The question is WHY THE HELL WOULD I ?!?

 

You're instantly a very hard target, with no personal grudge, with probably some slow ADSL connection.

I'm better off getting past McDonalds public WiFi filtering and using their fiber NBN style connection for free.

 

 

Honestly code, Let me give you a real world example:

I have a PirateBox:

https://piratebox.cc/

I live next to a very busy train station.

While there's 10's of 'open wifi' hits from phones doing their 'automatic join if open' trickery, the ammount of data sent, or even attempted to be sent is about 0.

 

5 years ago, when anything more than 100mb on your phone was rare, sure, people wanted your wifi. Now? Its easier just to use your phone!

 

Seriously dude, its hard enough getting windows to file share when you want it to; let alone even bothering to THINK about 'security' beyond a good WPA2 password, and turning off windows file sharing.

Its just...... pointless for a home user.

Edited by Master_Scythe
  • Like 1

Share this post


Link to post
Share on other sites

Trouble with hidden SSIDs M_S is some devices seem to really chuck wobblies about connecting to them.

Mobile phones and tablets seem to be particularly fussy. Perhaps due to the way various manufacturers play with the basic OS?

There should be no reason why this is so but we had a couple of hidden SSIDs at the place I volunteer at just for the "ensure passing phones don't list them as 'available" thing. However this then caused issue with some of our own devices so we reversed the setting.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×