Jump to content
The mkiv Supra Owners Club

If my wireless router is insecure - what can people really do?

DaveK

By DaveK
in Off Topic

 Share

Recommended Posts

DaveK Newbie

DaveK

Posted
Posted

My company is "upgrading" our home internet connections. As a result, we are being given new wireless routers. In their infinite wisdom, they have locked the configuration, we are forced to use the new router (because they've changed the login details and won't tell us what they are), and they have not made the router very secure at all (no MAC filtering, broadcast SSID, WEP etc.).

 

So - what I want to know is - if somebody does hack in to the wireless connection, what does it mean?

 

Does it mean that they can simply use my ADSL connection? Or - does it mean that they can also :

 

- see what's on my laptop

- Monitor (and understand) the transferred data

 

I'd hate to think that somebody could see me logging into my bank.

Link to comment
Share on other sites
chilli Newbie

chilli

Posted
Posted

FYI mac filtering and broadcast SSID provide no real security at all - that's a common misnomer

 

if someone hacks your wireless, they will be able to read all the traffic on it (and inject new traffic of their own!)

 

if you do any online banking, there is a real risk there also

 

one of the biggest issues is that someone who knows what they are doing can then use your equipment as a stage to attack something bigger, with no comeback on themselves - all traces will lead back to you ;)

 

apart from that, not much :D

Link to comment
Share on other sites
chilli Newbie

chilli

Posted
Posted
Doesn't SSL provide additional security for sites like banks though? So even if they were monitoring, they still wouldn't be able to understand it?

 

absolutely. it's unlikely anyone would attempt or succeed in cracking ssl, that's designed to be secure over a public network therefore it doesn't need additional encryption to make it secure.

 

but it's about the weakest link, if the security on your machine or network isn't spot on then the idea is to get some backdoor installed on it, keyloggers etc can capture your login details and enable a hacker to use your account without even worrying about ssl. Also a lot of people use common passords etc, you can get some passwords for looking for the ones available in plain, like on forums etc and use try them in higher security sites.

Link to comment
Share on other sites
Ark Newbie

Ark

Posted
Posted

Anything can be decrypted, including SSL.

All you can really achieve with any security setting is to make it difficult for people, so they go next door where the security is lower. MAC filtering can be circumvented...if you can be bothered, when next door's AP is open. SSID's can be sniffed out...if you can be bothered.

 

If you don't like the router config, brute force it to crack the password, and change it. Or just stick your own router on there and use a cheap switch to bridge them together.

Link to comment
Share on other sites
chilli Newbie

chilli

Posted
Posted
Anything can be decrypted, including SSL.

 

not really. Ok in _theory_ anything can be decrypted. But something like AES with a decent keylength would take much longer than we will be around to crack ;) in fact with 256 bits I think it takes longer than the universe has been around. Not to say things won't change but compared to everything else the SSL is the 6ft thick safe door, what you're trying to avoid is the open window around the side ;)

 

All you can really achieve with any security setting is to make it difficult for people, so they go next door where the security is lower. MAC filtering can be circumvented...if you can be bothered, when next door's AP is open. SSID's can be sniffed out...if you can be bothered.

 

well that's the point. If you are even remotely interested in using or hacking someone else's wireless, mac filtering and non-broadcast ssid's are defences made of straw, you need to do virtually nothing extra to get around those ;)

 

If you don't like the router config, brute force it to crack the password, and change it. Or just stick your own router on there and use a cheap switch to bridge them together.

 

if it doesn't contravene the companies policy then just use you're own router - they are so so cheap these days that it's hardly worth messing around :)

 

(no MAC filtering, broadcast SSID, WEP etc.).

 

in summary you don't need to worry about the SSID and MAC stuff, it's amateur smoke and mirrors at best.

 

however if it hasn't even got any security enabled, even basic WEP then it's a wide open door, I'd personally refuse to use it and take it up with your IT department!

Link to comment
Share on other sites
DaveK Newbie

DaveK

Posted
  • Author
Posted
however if it hasn't even got any security enabled, even basic WEP then it's a wide open door, I'd personally refuse to use it and take it up with your IT department!

 

It does have WEP - but it's annoying to be forced to use WEP when I was using WPA-PSK.

 

However - the good news is, it seems it will be totally secure. They have given me the router - but not the changover date and not the WEP key. So at the moment, I can't use it anyway.

 

Idiots.

Link to comment
Share on other sites
Pete Enthusiast

Pete

Posted
Posted
i was always under the impression that each computer had its own ip address and that if several computers used a wireless modem that it would still use their ip address and not of the wireless modem?

Depends upon your environment configuration. Far too much to type out here right now.

Link to comment
Share on other sites
Shane Newbie

Shane

Posted
Posted
....:blush: i have access to about 3 "open" routers on my street - when my own internet goes down my machine automatically logs onto another one :p

 

My son was at Uni in Lincoln and for 2 years they used the neighbour's connection in the house that three computer mad students shared. Bet he wondered why his connection always seemed slower during term time.

Link to comment
Share on other sites
ivan Newbie

ivan

Posted
Posted
....:blush: i have access to about 3 "open" routers on my street - when my own internet goes down my machine automatically logs onto another one :p

Same here.

Chances are that if there's an unsecure connection in the area they'll hack that one rather than try yours. I wouldn't worry too much.

Link to comment
Share on other sites
Conrad Newbie

Conrad

Posted
Posted

What is the range of a wireless router?

 

I can't even get a signal from the office/spare room to our living room? We have a fairly large old farm house so all internal walls are 9" brick thick, I just assumed this was why.

 

How can Penguin for example get a signal from other houses in his street? I have used two diff routers and both the same signal strength...

 

Sorry for the hijack Dave!

Link to comment
Share on other sites
mattanna Newbie

mattanna

Posted
Posted

router range is anything from 100 to 300 metres depending on model, you can set your own security on routers by creating a hex code for it, only thing is it blocks sometimes, i live in aterraced house an dpick up about 5 different internet connections, most of which are secure, a couple are not though and i can connect to them

Link to comment
Share on other sites
MarkR Newbie

MarkR

Posted
Posted

If you're using wep, you'll at least have some protection and the casual internet user would usually use another unprotected network.

 

To crack wep you need a laptop with a wireless card capable of injecting packets into the destination to generate enough encrypted traffic with the unique iv (initialisation vector), and also a fair amount of knowledge and understanding of wep, coupled with the right tools (linux based tools like kismet, aireplay, airodump and aircrack). Then you can collect the encrypted traffic and run the tools against the collected data to beak the wep key. It takes a while if you don't know what you're doing, and even when you think you're doing it right it sometimes goes wrong.

 

For most people this is way outside the scope of their knowledge so wep should be fine in the home environment. Personally, i'd refuse to use an open link.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue. You might also be interested in our Guidelines, Privacy Policy and Terms of Use.