On Thu, 30 Dec 2004 08:45:53 +0800, "MAYAR" wrote just a simple question in the Subject line.
Mayar,
WEP hasn't been secure for years, and can be hacked very quickly.
Here's the tool:
Not very, just a little.
Someone once remarked that a lock only stops honest people. If you have a large network and think people are actively trying to hack it that would be one thing. If you have a single open router in a large apartment building people will jump on. If you use WEP in that situation, it will most likely be "secure". Security is a relative thing.
A lock, even a weak lock, is good protection for physical premises, because the burglars with skills to pick a lock (or psychopathic nature to smash the door down) are not necessarily everywhere. You're betting that those folks are not in your neighborhood.
These guys were caught because they were stupid.
The non-stupid ones are still out there, and they're everywhere. They can sit in a van somewhere in a parking lot, and "burgle" dozens of networks in comfort, even the one in your exemplary large apartment building. How many private WLAN operators will be able to involve the FBI (assuming that they ever realise when they're being burgled)?
Thats the point tho - why would anyone bother to hack your 512k dsl line, when they could park down the road outside Walmart and hack their corporate
34MB line with as little effort? To run with your burglar analogy, why take the risk of getting nicked for pinching the cash from a little old lady's bedroom, when for hte same risk you could nick ten mil in bearer bonds?Taking a moment's reflection, Mark McIntyre mused: | | Thats the point tho - why would anyone bother to hack your 512k dsl line, | when they could park down the road outside Walmart and hack their | corporate 34MB line with as little effort? To run with your burglar | analogy, why take the risk of getting nicked for pinching the cash from a | little old lady's bedroom, when for hte same risk you could nick ten mil | in bearer bonds?
Some people do it just to do it.
That's a good point. Maybe some of the bad guys will try to use Walmart.
OTOH, Walmart will probably have enough muscle to get the FBI after the bad guys, like Lowe's did. If you get hijacked, how easy will it be for YOU to convince the FBI to go after your hijacker?
Seriously, they don't have to park outside your house. With the right antenna, they could be a couple miles away.
Walter Nowakowski got caught because he was stupid. His setup worked so well that he was driving AND looking at what he was downloading at the same time AND enjoying what he was downloading - and drove down a one-way street, the wrong way.
I don't worry about guys like Walter - I worry about the ones smarter than he is. And I'd bet most of them are hella smarter.
In which case, probably nothing is going to stop them. They'd probably get turned on by the idea of cracking your security.
Seriously tho, the chances of someone parking outside the average Joe's house on the offchance that he has an insecure wirless network are pretty low.
Taking a moment's reflection, Mark McIntyre mused: | | In which case, probably nothing is going to stop them. They'd probably get | turned on by the idea of cracking your security.
WEP won't, but WPA would ... provided a good key is used, and then changed at intervals.
| Seriously tho, the chances of someone parking outside the average Joe's | house on the offchance that he has an insecure wirless network are pretty | low.
Granted. But, they don't have to be right outside in a van with a giant antennae on the top. They could be a few blocks away, or in the next house/apartment. I have four wireless networks I could have a go at from my office, and three more at home.
Following this up late, but they can't be blocks away with the average consumer wireless kit. I've two routers and neither reaches to the end of my front garden (~40ft). The idea of someone blocks away connecting is laughable.
Following this up late, but they can't be blocks away with the average consumer wireless kit. I've two routers and neither reaches to the end of my front garden (~40ft). The idea of someone blocks away connecting is laughable.
Hi guys! My first post.
By your comments the wireless network is unsafe at all ... so whats the
point of having it then, thats one, and two, is there any way i can
find out i'm being hacked, or hacked with aircrack thing u were talking
in previous posts, and is there any way to stop it at all.
I got a new antivirus which has a special WIRELESS PROTECTION feature,
i hope it works, it's called Trend Micro PC-cillin Internet Security
2005On Mon, 03 Jan 2005 12:46:38 GMT, CoolMeEddY wrote:
The BEST way to keep people out of a wireless network is VERY debatable! However....locking out all except certain network cards is a good one. I am talking about MAC address filtering. If you go into your wireless router setup there is a section where you can put in a MAC address and aloow ONLY those on the list to communicate with your network. The key is FIRST put in the MAC addresses THEN enable the protection, otherwise you won't be able to get in to your own router!! The problem with this is that MAC addresses ARE hackable, they just take a concerted effort, AND unless you specifically let them no one else can use your network. That is not good if you have friends that bring over their computers or a medium to large business, etc., too much entering!!! The MAC addresses currently accessing your router are available in the router setup pages. WEP is MUCH easier for larger businesses, but can be hacked in a small amount of time. The thing to think about wireless protection is that, it is a lot like a padlock, it keeps the honest people honest! No, I REPEAT, NO wireless network is secure enough to keep out a determined hacker with enough time on their hands. Even a wired network can be hacked, if you have access, so can someone else!!! The key is how much do you want to keep the people out! The ONLY secure computer is a standalone one that IS NOT connected to ANYTHING AND is not visible by anyone but the single user! And even then if several people use it, it is NOT secure!
The advantage of using MAC address filtering is that if someone does obtain and clone your MAC address, they will still cause collisions and stutters with your connection that should be noticable if you pay attention to that sort of thing. It will also cause a degraded connection for the hacker, making it less likely they will want to use it for any length of time.
Of course, the disadvantage is that a cloned MAC will not show up separately in your wireless access list to alert you to the fact there is "someone else" out there.
If you use only WEP, its insecure. That doesn't mean you will be hacked, only that if someone tried it would be relatively easy.
Its similar to having a house without a burglar alarm - you can still use it, but its not as secure.
You would need an intrusion detection system. Proper ones are pretty costly, a websearch might help find out more.
Use WPA, its much more secure. Use XP's security (or the equiv for unix/linux/macos) to ensure you do not leave open access to your sensitive files.
No idea. What does their website say?
Taking a moment's reflection, Mark McIntyre mused: | | Following this up late, but they can't be blocks away with the average | consumer wireless kit. I've two routers and neither reaches to the end of | my front garden (~40ft). The idea of someone blocks away connecting is | laughable.
Laugh away. I have an alley which ends at my back yard. It runs for four blocks. With a cantennae attached to the WLAN card in my laptop, I can connect from the end of that alley to my WAP54G access point. Without the cantennae, I can still connect a half block away in either direction.
Taking a moment's reflection, f/f george mused: | | The problem with this is that MAC addresses ARE hackable, they just | take a concerted effort, AND unless you specifically let them no one | else can use your network.
Actually to takes little effort. The client and router MAC address are included in every packet exchanged ... unencrypted. So a passive packet sniff will easily capture all valid MAC addresses. They wait for you to disconnect your client, and then change their MAC address to match, and they are in ... assuming you don't have WEP or WPA. So, encryption is the only real security measure.
Taking a moment's reflection, TV Slug mused: | | The advantage of using MAC address filtering is that if someone does | obtain and clone your MAC address, they will still cause collisions and | stutters with your connection that should be noticable if you pay | attention to that sort of thing. It will also cause a degraded | connection for the hacker, making it less likely they will want to use it | for any length of time.
Um, not really. Only one MAC address is allowed to connect at a given time. If a MAC address is already listed as connected, a second connection with that MAC address will not be allowed. Therefore, the above is erroneous.
| Of course, the disadvantage is that a cloned MAC will not show up | separately in your wireless access list to alert you to the fact there is | "someone else" out there.
It will if you see connections from that MAC address when you know your computer was not connected. As above, while you are connection a cloned MAC will not be able to.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.