I've been researching the term War Driving. It’s when someone gets in their car and brings along a computer or other wireless device that can pick up signals from people's wireless routers. They drive down streets mapping the places that have a strong unprotected connection. They can even use protected connections with a little hacking skill.
I was just wondering if your wireless router is protected enough from a "War Driver" attack.
The problem is that a lot of people don't change their router from default settings (no encryption, no password for web interface). I'm using WPA2 encryption with a very long pass phrase, and DHCP is turned off. I'd say that this is fairly secure
Speaking of Wardriving, I found the tutorial at http://www.howtoforge.com/wardriving_garmin_kismet_gpsdrive_ubuntu quite interesting.
I just got rid of my router a couple of weeks ago, i no longer had a need for the wireless connection I don't think that would be a problem in the town i live in
no, because I don't feel like putting password in all my computer. If someone come over with a PSP or a laptop, they can go online to.
Do you know if a "War Driver" uses your internet connection to do something they shouldn't be doing, your held accountable because its your IP address that they used.
If I were you I would set a password and just tell your friends it when they come over to use your internet. Thats the safest way to go.
Here is a video from YouTube describing "War Driving": http://youtube.com/watch?v=sMFpvJ1WUew
wow, I never know that, I guess I better set a password to the network.
To start with, my router is at the back of the house. This means we can get medium reception in the back garden but at the front outside, none at all. Then the SSID isn't broadcast so they'd need to know that obviously. Encryption is just standard WPA, nothing special but should be secure enough. A small thing but it only takes 802.11g, so anyone trying this with an old 802.11b device will have no luck. Like Dan, DHCP server is off so they'd have to manually set their details to accommodate the network (after guessing at the subnet scheme used and the IP of the router), and also with the subnet, if we are all currently on (which is often), there wouldn't be any free IP's for him/her to use.. Lastly, wireless access is only allowed for certain defined MAC addresses, so unless they steal and use one of our own adapters, we are also safe here.
I'm secure enough for where I live. If we moved to somewhere more urban I might like a little more security.
Apart from Billwaa here who has just admitted not having a password, I don't think I know of anyone who doesn't have some security at least. The basic setup programs you can get with routers now for n00bs include setting a password. Anyone else use an un-secure wireless connection?
I think most people just take their routers out of the box without setting it up thinking nothing is going to happen. Hey, if it works then I’m happy. To start with, my router is at the back of the house. This means we can get medium reception in the back garden but at the front outside, none at all.[/quote]
Believe it or not, the farthest WIFI connection ever made was 310 km apart. With the right equipment they can so anything.
That’s one of the best ways of keeping people off your network. For example, when you use the internet feature on your PSP, it scans for routers that broadcast their SSIDs. If the router doesn't broadcast its SSID, the network is basically invisible to people that don't know it.
That's the best way to protect your network. Every WI-FI or internet-enabled device has a different MAC address. You can setup your router to just let certain MAC addresses access it.
Just don't rely solely on MAC filtering. My school had a network that relied on MAC Filtering (it wasn't encrypted or anything), and it is easily bypassed using a Linux PC. A utility called 'Kismet' can easily show you all the MAC addresses in use on an unencrypted or WEP network. Then, using information found on on Wikipedia, we were able to change the wireless NIC's MAC address to one obtained via Kismet
Note that this is only if you rely solely on MAC filtering. If you're using it as mathiaus is, you'll have no trouble
It would still take about 400 years to crack it
WPA, unlike WEP, uses dynamic keys based on the pass phrase you specified. So, the key used is always changing. Sure, someone could try to brute force the key of one packet, but it would be useless
I use old TP cables
It would be really nice with wireless LAN, but sadly I´m not good enough at making it safe. So I prefer not using it at all.
But sooner or later I guess I will have to learn how to configure a wireless LAN in a safe way.
Anyone have some good links how to do this?
The one Daniel15 provided only seemed to explain a wardriving software.
Here is a good site listing the best ways to protect your network:
My wireless network is as secure as possible. It uses WPA2 encryption, has mac filtering enabled, DHCP disabled and a completely random password using both cases of the alphabet, symbols and number. I doubt it will get hacked
Another way to get onto a network that filters mac addresses is to use ipconfig /all, then use a program to spoof your mac address.
Okay, I understand how WEP keys work (only a static password) but how does WPA2 work? How do your devices know the changing passwords?
My network just has basic 64 bit WEP encryption to prevent people from mistakenly using my internet. I'm sure anybody could break in, hell the password is just my name...
What I really want is some tools like Kismet, Airsnort and the likes to run on Windows. I have BackTrack network tools but I want it all to run on Windows, if anyone has any ideas PM me please!
Has anyone ever seen a tool to moniter if people are using your router other then the logs?
exactly, people dont know the dangers of not protecting the network. if someone came along and decided they wanted to try hacking some government website, its you who would take the crap for it.
there are tools like kismet and aircrack, designed for cracking a WEP network, which analyse packets of data being sent. i think they also give u MAC addresses. if theres a MAC address thats on ur network, but isnt one of urs then u found someone using ur network.
i did get a router, but it was slow as anything. i was getting d/l speeds of 5-6kbps, whereas with the standard Cat5e cables i use i get speeds ranging between 100-255kbps.
I've covered all those points. On point 2, I was also able to disable wireless access to the admin panel so they would need to wire up like myself to change settings.
This is what I like about normal routers. You can change all sorts of settings. I've setup broadband for family and friends before now and the routers that come with the packages let you change the bare minimum which is bad as it reduces security and actually allows for their service to be abused.
I did not know that... my ISP called me and told me that they had complaints of virus's coming from my I.P
or something like that...
they came over and looked through it and found that it wasn't me and that i was a victim and they told me to put some antivirus and firewall software on it and to protect my connection
I don't have a wireless router and have no plans to get one given the present problems associated with them and my present lack of need for one.
I use WEP encryption
I have MAC authentication
I have hidden SSID
I use DHCP server
I use WEP encrption on my router, with long authentication key, but still someone with good hacking skills can hack any network they want. On the street signal is extremely low, and only sometimes available in good weather...
Anyone with a strong WiFi receiver could pickup your signal from almost a mile away with the right equipment.
Myth! This is actually the worst way to protect your network (other than no protection at all). All packets which pass through the wireless network will have their MAC address contained in them. A beginner hacker could simply sniff packets, find the MAC address, and then change the MAC address of his computer to the right one, easily accessing the network.
WEP is a first-generation security protocol. It has a good cipher, but the implementation is really bad. A hacker can break WEP security.
WPA, on the other hand, is some nice security. Use that.
I guess MAC filtering can discourage the hackers to stop hacking your network. It’s good to have as much security measures as possible in place.
Ok, I wont go into detail for fear of gettin in trouble. But from what I "hear" it's fairly easy to find un-secure wireless and hack somone's network...Come on now...It's a direct connection to inside the network with YOUR laptop...
How easy is that...
BTW: In my opinion there is no such thing as wireless security...Be WPA, WPE or WPA2, Both keys can be cracked in seconds...
If you want wireless with the BEST SECURITY, Use infared. That way no one outside your house can hack anything, and on that note they would almost have to break into your house to access your wireless....This is assuming the signal doesnt leak out a window or anything of that sort...
Infrared is extremly slow, and would need a direct link though. If your going to do that you might as well just use plain ethernet.
My spin of all of this is that the average user isn't going to use your open wifi for malicious purposes, but if you store personal information like social security numbers or work information then your network should be locked.
If you only use it to surf and never purchase anything or store personally identifiable information - then there really isn't a reason to worry. If someone does do something from your wifi such as hacking and you are blamed for it, law enforcement has ways of determining if the hacking took place on your computer or another one that remotely connected to the network.
Just go with your gut feeling and by how you use the net.
We may be getting a router sometime, and when we do it'll be locked ten ways to sunday because we sometimes do online banking.
I have a few questions. First, isn't a MAC address a physical address stored on that device; how is it changeable? Another question I have is about legal issues. Is it illegal to use unprotected networks to browse the internet?
Although it's not meant to be changeable, it can be changed. These days, network cards have flashable firmware. Since the MAC address is in the firmware, someone can just edit the firmware image, and the network card would use the new MAC address.
Additionally, a lot of network cards allow the MAC address to be changed via the driver (this is only effective until you reboot).
On Linux, you can change it by:
On Windows, some network cards support something similar (eg. the Realtek RTL8139 I have supports it). Go to Control Panel --> Network Connections. Right-click on "Local area connection", and choose Properties. Next to the network adapter's name (at the top, under to "Connect Using"), click the "Configure..." button. On the Advanced tab, there's a property called "Network Address". Change this to whatever MAC address you like.
See the Wikipedia MAC address article for more information
It's a bit of a grey area... Is it legal to walk into someone's house if the door is open?
As far as I know, using an unprotected network is legal, as they're allowing access to their network.