I just picked up a wireless router (the $15 Stooples deal) and hooked up my notebook.

FINALLY got it working, and hooked up the WEP security. My buddy in IT said that the wireless 80211 stuff can be hacked within minutes. Any other precautions besides anti virus, firewall etc I would need?

Just looking for some ideas.

Your buddy is right. The older tools use to take days to collect enough samples to crack the WEP key. The newer tools can hack WEP keys within minutes.

But, if you were the victim of a hacker, chances are he does not plan to put a virus on your computer. He would probably just use your internet and see what files you have on your network.

If you want to be protected. Don't use wireless, if you must, use WPA instead of WEP.

Gee is right, WEP was badly designed to start with. As for hacking, hopefully we'll see some laws like the US has, making it illegal to use someone else's wireless connection, for malicious purposes or otherwise.

Yeap. However, although WEP is not the safest thing in the world, please still enable it. This, at least, will put you in the "slightly" more unfavorable hacking target catagory compared to all the *wide open* wireless routers in the same area !!

Every once in awhile, go into the admin screens of your wireless router and take a look at the DHCP table. If you see more entries than the total number of PCs on your own network, I think it's time to change the WEP key or buy yourself a newer router with WPA.

Disable your SSID broadcast.. mostlikely if people can't immediately see it, they won't bother trying to hack it.

As for hacking it within minutes.. I'd like to see that.

For home use WEP 128 is fine ... amateurs just looking for some free internet will go to your neighbors instead.

Just : enable 128 WEP, rename the default SSID, disable SSID broadcast, enter your Network card MAC adresses if your device supports it. With that, you should be OK. If you are really paranoid, change the WEP key every few weeks and turn off your device when you are away.

M.

Disable your SSID broadcast.. mostlikely if people can't immediately see it, they won't bother trying to hack it.

As for hacking it within minutes.. I'd like to see that.

I guess you are behind in the times.

The older method requires you to use a program to grab packets in the air. The problem was, you needed days to gather enough packets to get enough samples to guess the WEP key. You had to rely on the owner to send these packets.

The newer method (you can google it) does not require this. You use two notebooks (or computers), one computer will generate an attack on the router. The router will then respond with deinials. Use the second computer to grab the packets. But these random packets will provide you all the samples you need to crack the WEP key within minutes.

So even with a complex WEP key, the most time it ever took me was 20 minutes.

So even with a complex WEP key, the most time it ever took me was 20 minutes.

Lol..

you wardrivin Haxxor!

my area doesn't really look like the kind that would invite wardrivers.

Mind you, I don't want an open invite to people parking outside my house with a couple of hackers.

I guess it's akin to having a car, and having the windows unlocked, and no club on the steering wheel.

My neighbourhood is too ghetto for me to worry about wifi freeloaders. :D

Gee, but I'm not saying it's impenetrable if you disable the SSID, not in the least.. I'm just saying that at least that will throw off a few lurkers who may see your network out there, and THEN wish to figure out the ways to hack it.. considering only people in your immediate vicinity can hack your wifi signal.. if your neighbours don't know now how to do it, if they don't even know you have a signal out, why would they bother to learn how to hack something that as far as they know doesn't even exist..

ya know?

You should treat the wireless part of your LAN as 'open to strangers', ie. don't use unauthenticated file sharing etc.
While cracking WEP is effortless for small number people, chances are you'll have neighbours who never bothered to change their default settings when they first plugged in their router, thereby making it easier for freeloaders to use those free internet instead of yours. You can do a scan for available wireless networks in your home and see, if only to avoid overlapping channels with your neighbours.

My neighbourhood is too ghetto for me to worry about wifi freeloaders. :D
Lol, lucky. I live in apartment building and can usually find 2-7 networks I can connect to, without any security.

Yes, WEP can be cracked in minutes (http://whoppix.hackingdefined.com/Whoppix-wepcrack.html) .

use WPA-PSK if you have access to it and WPA II if you have it..

but seriously...who even bothers to hack WEP...its not even worth the couple of minutes....unless your neighbour works for the government and has information that u can blackmail him/her with....

I've always wondered, is there any benefit to putting up a wall of signal-absorbing/reflecting material? A layer between the wireless router and "outside" would at least hinder potential snoopers, wouldn't it?

My neighbourhood is too ghetto for me to worry about wifi freeloaders. :D
Those are the areas where you should worry the most! :-0

so when you disable SSID broadcasting, how do you find your wireless network?

so when you disable SSID broadcasting, how do you find your wireless network?
You should be able to manually enter it, it just means that it won't be broadcasting itself for everyone to see.

mac address filter + wep encoding should provide you with enough security. :)

Lol..
you wardrivin Haxxor!


No war driving. It was for educational purposes. I hacked my own network.

Gee, but I'm not saying it's impenetrable if you disable the SSID, not in the least.. I'm just saying that at least that will throw off a few lurkers who may see your network out there, and THEN wish to figure out the ways to hack it.. considering only people in your immediate vicinity can hack your wifi signal.. if your neighbours don't know now how to do it, if they don't even know you have a signal out, why would they bother to learn how to hack something that as far as they know doesn't even exist..

ya know?

Absolutely, just because WEP is a joke, doesn't mean you should not use it. It will deter the casual hacker. If someone was really determined to get in, they will. If you have to use wireless, then take all the precautions.

If it isn't your enighbours stealing your signal, then it is your own fault if you don't notice the guy parked on the street with a notebook.

I've always wondered, is there any benefit to putting up a wall of signal-absorbing/reflecting material? A layer between the wireless router and "outside" would at least hinder potential snoopers, wouldn't it?

Those are the areas where you should worry the most! :-0

If you have something sensitive that you don't want people to see. Don't get on the net. If you are going to go spend all that money for that special lead paint (I have seen the ad), you are better of using that money and getting a wired network.

so when you disable SSID broadcasting, how do you find your wireless network?

Disabling the SSID is not effective. You can flood the airwaves sending random requests with your notebook and your router will retrun a bad packet saying you are not authorized. Thus revealing your Access Point.

mac address filter + wep encoding should provide you with enough security. :)

MAC Spoofing takes care of the MAC address issue. I just wait till you are online and I can easily get your MAC address. If you have your computer check email or update your antivirus constantly, then it is constantly transmitting. So this is easily obtainable.

Bottom line, if someone is determined to get in, they will. Follow the advice of others here, turn on WEP, MAC address etc. It will deter most. If you absolutely don't want anyone on your network. Do use wireless.

yeah I realize that disabling SSID broadcasting is not going to prevent a determined hacker from gaining access to my wireless network. However it is the same as any type of security... you can use a club, alarm, taser :) , or whatever, but when it comes down to it a determined individual will probably find a way around it... all you can really do is make other networks more attractive by making your network "less" accessible!

Disabling SSID broadcasting is one more step to make your network less available.

yeah I realize that disabling SSID broadcasting is not going to prevent a determined hacker from gaining access to my wireless network. However it is the same as any type of security... you can use a club, alarm, taser :) , or whatever, but when it comes down to it a determined individual will probably find a way around it... all you can really do is make other networks more attractive by making your network "less" accessible!

Disabling SSID broadcasting is one more step to make your network less available.

As I said before, it will deter most casual WiFi Seekers. So use everything in your arsenal. Anyone looking for a free connection will just move on to an easier target.