so me and my friend were talking about wireless network pirates. and i mentioned to her that i check the clients table regularly to make sure nobody is in my networks, stealing my internatz.

so on a whim, i decide to check my router to see who's using ... lo and behold theres an unknown third computer there! that irked me, since i took the pains of setting up a fairly useless WEP key, turned SSID off and used a physical mac address allowance table thinger....

so somehow he got my ssid and managed to add his mac address to my mac table... very annoying. anyway i boot his shit off the network and deleted his mac address.

however, i'd like to know how i can figure out who he is (or how to upload copious amounts of gay porn to his computer) if he ever comes back to my network. any thoughts?

you can park your car near a library and have access. I know this dosent help you much but Good luck.

uhh, yeah, your post was totally useless.

Check samba, see if his computer is sharing anything. If it shows up, try logins like "Administrator" and "Guest". Then if his permissions are weak, upload away.

WEP sucks. Use WPA2 if available, although WPA is still better than WEP. If you want a *really* l33t WLAN, set up a VPN server and put the wireless outside the firewall.

hate to ask, since obvious i fail at computers, but why care if someone is tapping from your network? How can it be different then driving to my library branch and tapping there? who cares? annoyed since you are footing the bill?

WEP sucks. Use WPA2 if available, although WPA is still better than WEP. If you want a *really* l33t WLAN, set up a VPN server and put the wireless outside the firewall.

I understood like 3 of the words in that.... and yet I still know what your talking about. I spend far to much time on the intraweb :doh:

128bit wep is usually more than enough. Use a better key. Might also want to make sure it's not one of your computers.

hate to ask, since obvious i fail at computers, but why care if someone is tapping from your network? How can it be different then driving to my library branch and tapping there? who cares? annoyed since you are footing the bill?


It's like traffic on the road. The more cars on it the slower everything goes.

but why care if someone is tapping from your network? How can it be different then driving to my library branch and tapping there? who cares?
i'm not 100% sure on this but let's say the person using your network for access to the internet decides to download a bunch of kiddie porn or partake in any other seriously illegal activities, i'm pretty sure the fbi is gonna go to your house not theirs.

edit: you should have waited to boot them off the network so you could go through their machine first.

edit: you should have waited to boot them off the network so you could go through their machine first.

yeah i was kicking myself after i deleted all their shits.

for now i changed up all my passwords
wep was a typo, im using wpa pre-shared... which only irks me more.

if he shows up on my network again i swear to god i'm going to go door to door in my apartment, baseball bat in hand.

hate to ask, since obvious i fail at computers, but why care if someone is tapping from your network? How can it be different then driving to my library branch and tapping there? who cares? annoyed since you are footing the bill?
As mentioned: what they do on your WLAN is your problem. Porn, illegal activities, etc. But the thing most people are worried aboot is teh "hackarz". Once you're on their LAN, you're behind their firewall, and it's extremely easy to get into their computers (Especially if they're on windows). That can potentially open you up to identity theft and credit card fraud.

WLANs at libraries and hotels are different, they know they're public and most hotels have a disclaimer saying that it's easy for people to "sniff packets" and capture any data while using this network and that they are not responsible for it. But again, if you have a VPN server at your place, connect to that and it's like being behind your firewall. The tunnel between you and your server is secure.

128bit wep is usually more than enough. Use a better key. Might also want to make sure it's not one of your computers.
That doesn't mean it sucks any less. Still easy to break. Passwords suck, keys are only so good.

128bit wep is usually more than enough. Use a better key. Might also want to make sure it's not one of your computers.

both you and aznopoopy clearly demonstrate you don't know shit about wireless networks. normal haxing software can break those keys in minutes, same with mac address acquisition, ssid turned off doesn't do shit, only falsely re-assure you that you are safe. Aznopoopy, google the subject or something and get a real solution. In a few words, get a WIDS and get periodical wireless auditing al least. Oh and check the sidewalk outside your company for any marks like this:

http://www.cs.wright.edu/~pmateti/InternetSecurity/Lectures/WirelessHacks/Mateti-WirelessHacks_files/image005.jpg

hi. im new here! :peace: post 3.

get the fuck out bitch

get the fuck out bitch


:screwyou:

:screwyou:

http://images.quizilla.com/T/Takkeh/1127264181_sandSuchw3.JPG

cdrad...I'm clearly not as well versed in wireless protocols as you are, so I have to ask this question:

If his router is locked down using a list of accepted MAC addresses, how can an outsider gain access. He would have to log directly in to the router, wouldn't he? Or can he some how grab one of the legit MAC addresses and spoof it?

Or can he some how grab one of the legit MAC addresses and spoof it?

Yes he can, it's a sniffing technique which output is then used as a spoofing technique. The attacker gathers legitimate MAC addresses for use later in constructing spoofed frames. The source and destination MAC addresses are always in the clear in all the frames. There are two reasons why an attacker would collect MAC addresses of stations and APs participating in a wireless network. (1) The attacker wishes to use these values in spoofed frames so that his station or AP is not identified. (2) The targeted AP may be controlling access by filtering out frames with MAC addresses that were not registered.

Wow, that sounds really fun. I've read the paper on how you can get the WEP key by having 2 computers outside the network, one queries the AP and the other just listens in and after the first computer makes enough "guesses" at the key, the 2nd computer can deduce it.

I did not know this was possible with MAC addresses, I thought for sure MAC would be harder to get at. Time to shut down wireless, wired FTW! haha

Yeah, that's one way. The other way is to set up an AP that has a stronger signal than the legitimate AP. The targeted station will try to associate with it, the trojan AP, because of signal strength. Without going into details, the attacker can steal the users password, network access, compromise the user’s system to give himself root access. This is called the Evil Twin Attack.

that all sounds like way too much work
this isn't at a company and i do not do internets for a living

plus he hasn't been back
so i think i'll just sit around and do nothing.

Oh so that's your home setup that is being hax0red? still I wouldn't sit and do nothing. Minimally get some Wireless Intrusion Detection System software installed so you are alerted if somebody is sniffing. There are ways around being detected, but if you are a low value target (compared to a company/enterprise), it's less likely you'll atract a hacker that knows the ways around WIDS.

Open WLAN, on a second network outside the firewall, then VPN into your network.

Let's see you try and break that shit, yo.

Dmz

Oh so that's your home setup that is being hax0red? still I wouldn't sit and do nothing. Minimally get some Wireless Intrusion Detection System software installed so you are alerted if somebody is sniffing. There are ways around being detected, but if you are a low value target (compared to a company/enterprise), it's less likely you'll atract a hacker that knows the ways around WIDS.

thank you cdrad

i'll look into getting some WIDS installed.

lolwtf

anyways
I've been "haxoring" someones wireless network at my garage for like a year and a half now, free wireless internet ftw.

for some reason...

when i say, "i will look into getting wids."

i feel like i am saying 'i will look into getting some aids.'

Yeah. Check, just as an example of a low cost simple solution,

http://www.informit.com/guides/content.asp?g=security&seqNum=148&rl=1