Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Kid shouted out that he had my network key

  • 23-09-2009 5:46pm
    #1
    Closed Accounts Posts: 921 ✭✭✭


    One of my neighbors just shouted out that he has my wireless network key-im using WPA2 PSK with AES- is it possible to hack this easily?


Comments

  • Registered Users, Registered Users 2 Posts: 19,396 ✭✭✭✭Karoma


    Yes, and I'm not moving away. muhahaha! Got yore key!


  • Registered Users, Registered Users 2 Posts: 7,806 ✭✭✭GerardKeating


    mehmeh12 wrote: »
    One of my neighbors just shouted out that he has my wireless network key-im using WPA2 PSK with AES- is it possible to hack this easily?

    Depends how strong and/or predictable your password is/was.

    No harm to change it.


  • Closed Accounts Posts: 921 ✭✭✭mehmeh12


    Depends how strong and/or predictable your password is/was.

    No harm to change it.

    63 spaces of upper/lower case letters, numbers and symbols- are there tools to hack WPA2 PSK AES?

    i just did a speed test using dublin server and have not got a reduction in speed


  • Moderators, Education Moderators, Home & Garden Moderators Posts: 8,260 Mod ✭✭✭✭Jonathan


    Have a look at the DHCP table and see has he got a lease on an IP :)


  • Closed Accounts Posts: 491 ✭✭Some_Person


    Enable MAC filtering, change your key.


  • Advertisement
  • Closed Accounts Posts: 921 ✭✭✭mehmeh12


    Jonathan wrote: »
    Have a look at the DHCP table and see has he got a lease on an IP :)

    Ok i know where i can do that in my router settings-but what does DHCP measure-will it show me all the devices connected to the modem via ethernet and wireless?

    also i read somewhere that hackers can hide their ip addresses from DCHP-can someone confirm this?


  • Moderators, Education Moderators, Home & Garden Moderators Posts: 8,260 Mod ✭✭✭✭Jonathan


    DHCP is the method by which IP's are allocated to each client connected to the router.

    If he is connected, he has to have an IP.


  • Registered Users, Registered Users 2 Posts: 7,606 ✭✭✭Jumpy


    mehmeh12 wrote: »
    One of my neighbors just shouted out that he has my wireless network key-im using WPA2 PSK with AES- is it possible to hack this easily?

    You have a 63 character key? Thats overkill.

    No, he probably has got into another neighbours connection and thinks its yours.


  • Registered Users, Registered Users 2 Posts: 14,006 ✭✭✭✭The Muppet


    Enable MAC filtering, change your key.

    If the kid has hacked his wpa key Mac filtering won't be much of a deterrent to him, will it.


  • Registered Users, Registered Users 2 Posts: 6,026 ✭✭✭Amalgam


    mehmeh12, are you sure this isn't just social engineering to give you case of the 'willies'. Maybe the little scrote has someone else's key. He doesn't sound like a Darwin genius, more like Darwin Award.

    Why.. if he had the key, would the little turnip tell you.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 759 ✭✭✭T-Square


    Change your password now.
    It is unlikely he has your password,
    but to be on the prudent side,
    assume he has. So change the locks.

    WPA/AES is not currently breakable
    WPA2/TKIP is not easily broken by professionals


    For WPA/AES the cryptanalysis has been performed,
    and the Tews/Becks attack is working,
    and some early prototypes have been demonstrated,
    but they are far from script kiddie enabled, yet.
    It is possible to inject fake ARP packets,
    which could result in your packets being sent to all and sundry.

    WPA2/AES is the one to chose.


  • Closed Accounts Posts: 1,567 ✭✭✭Martyr


    if you're on windows..one thing you might want to do along with changing your key and implementing some MAC filtering..

    In the list of preferred wireless networks, select properties for your router entry and on the Connection tab, untick 'Connect when this network is in range'

    that'll mean having to connect manually each time, but if your router is switched off or not working for some reason and your neighbour sets up his own fake router in proximity of your computer using the same SSID,MAC as your own router. Then he could potentially capture your WPA key or keys to other networks.

    it wouldn't matter how large the key is, since it's the hash which is passed to the router anyway, once he has the hash, he doesn't need anything else.

    if i'm not mistaken it's possible to de-authenticate the client from the router, perhaps DoS the router using CTS (Clear to send) packet, while the client authenticates on the attackers router?

    kid's probably just joking anyway..but you never know.


  • Moderators, Technology & Internet Moderators Posts: 12,450 Mod ✭✭✭✭dub45


    Mehmeh you are so paranoid about wireless security it really is ridiculous at this stage.

    If you are so worried why not connect by ethernet? And if that is not possible then use the plug solution. (http://www.netgear.co.uk/home_powerline_adapters.php)

    How in God's name could he identify you as owning a particular wireless network?


  • Registered Users, Registered Users 2 Posts: 4,864 ✭✭✭MunsterCycling


    Could have his address or house number as the SSID :rolleyes:


  • Closed Accounts Posts: 921 ✭✭✭mehmeh12


    Martyr wrote: »
    if you're on windows..one thing you might want to do along with changing your key and implementing some MAC filtering..

    In the list of preferred wireless networks, select properties for your router entry and on the Connection tab, untick 'Connect when this network is in range'

    that'll mean having to connect manually each time, but if your router is switched off or not working for some reason and your neighbour sets up his own fake router in proximity of your computer using the same SSID,MAC as your own router. Then he could potentially capture your WPA key or keys to other networks.

    it wouldn't matter how large the key is, since it's the hash which is passed to the router anyway, once he has the hash, he doesn't need anything else.

    if i'm not mistaken it's possible to de-authenticate the client from the router, perhaps DoS the router using CTS (Clear to send) packet, while the client authenticates on the attackers router?

    kid's probably just joking anyway..but you never know.

    So what your saying is that my computer might succumb to a evil twin attack?


  • Closed Accounts Posts: 921 ✭✭✭mehmeh12


    mehmeh12 wrote: »
    So what your saying is that my computer might succumb to a evil twin attack?

    If this is the case then whats stopping my pc from connecting to a identical fraud network-if the fraud network has the same ssid and mac address how will my pc know the difference between the real network and the fake network?


  • Registered Users, Registered Users 2 Posts: 515 ✭✭✭sharky86


    T-Square wrote: »
    Change your password now.
    It is unlikely he has your password,
    but to be on the prudent side,
    assume he has. So change the locks.

    WPA/AES is not currently breakable
    WPA2/TKIP is not easily broken by professionals


    For WPA/AES the cryptanalysis has been performed,
    and the Tews/Becks attack is working,
    and some early prototypes have been demonstrated,
    but they are far from script kiddie enabled, yet.
    It is possible to inject fake ARP packets,
    which could result in your packets being sent to all and sundry.

    WPA2/AES is the one to chose.
    http://blogs.zdnet.com/BTL/?p=23384


  • Closed Accounts Posts: 1,567 ✭✭✭Martyr


    mehmeh12 wrote:
    So what your saying is that my computer might succumb to a evil twin attack?

    if 'Connect when this network is in range' is ticked, windows from what i recall will send out probes every interval checking if that wireless network is available.

    there's usually no level of trust between the client and access point, you can only assume it's the correct AP based on SSID that you and the computer see.

    the malicious router would just accept any key you supply then drop the connection.

    i can't recall if it's only routers which listen to the CTS (Clear to send) command or clients too, but it might be possible for the malicious router to ignore CTS and accept incoming connections from clients anyway.


  • Closed Accounts Posts: 921 ✭✭✭mehmeh12


    Martyr wrote: »
    if 'Connect when this network is in range' is ticked, windows from what i recall will send out probes every interval checking if that wireless network is available.

    there's usually no level of trust between the client and access point, you can only assume it's the correct AP based on SSID that you and the computer see.

    the malicious router would just accept any key you supply then drop the connection.

    i can't recall if it's only routers which listen to the CTS (Clear to send) command or clients too, but it might be possible for the malicious router to ignore CTS and accept incoming connections from clients anyway.

    so basically what your saying is that if i dont have some method of authentication like a PEAP server or RADIUS server, then my pc cannot tell the difference between a real or fake access point-annoying because i am just a home user who doesn't have access to said authentication methods


  • Closed Accounts Posts: 1,567 ✭✭✭Martyr


    wouldn't matter if you were using PEAP/RADIUS unless you were validating the server certificate with Trusted Root Certification Authority - something which individuals or organisations rarely do.


  • Advertisement
  • Closed Accounts Posts: 921 ✭✭✭mehmeh12


    Martyr wrote: »
    wouldn't matter if you were using PEAP/RADIUS unless you were validating the server certificate with Trusted Root Certification Authority - something which individuals or organisations rarely do.

    ok fine so how to i prevent evil twin attacks on my wireless network?


  • Closed Accounts Posts: 1,089 ✭✭✭cpu-dude


    mehmeh12 wrote: »
    One of my neighbors just shouted out that he has my wireless network key-im using WPA2 PSK with AES- is it possible to hack this easily?
    I'm sorry but I just had to comment on this thread, it's getting silly at this point.

    Here OP, if some kid can crack your WPA2 PSK with AES protected network and it's 63 character upper and lower case key - then I quite like to meet him because he's an absolute genius. That feet would take painstakingly long or be near impossible. The odds of it are way too low.

    Second of all - I have your wireless key - believe me? Don't believe everything you hear, especially from some kid.

    Thirdly - kind of off topic, even if your network was hacked, a reduction in speed wouldn't necessarily indicate it. The only way would be to check the DHCP Table on your router interface.

    Finally, don't be so paranoid, it's just broadband - I'm 100% nobody's hacked your network. I've hacked a few networks in my day before (pure bordom and a handy brute force application on an idle PC) and nowadays, with some many networks around... if I don't see an Eircom WEP network or an Open one, I leave it be. Why? Because theirs wireless everywhere, people use their own too.

    PS: MAC filtering and WPA-PSK is perfectly secure... jasus even MAC on its on is (people connect and think great but don't get the BB so give us quick because they think it's down).


  • Registered Users, Registered Users 2 Posts: 2,534 ✭✭✭FruitLover


    cpu-dude wrote: »
    jasus even MAC on its on is

    If someone is going to have a go at cracking WPA, they'll probably also be willing to try MAC spoofing.


  • Registered Users, Registered Users 2 Posts: 820 ✭✭✭jetski


    In simple no he hasnt. hes winding you up.

    take off ur antenna, enable mac filtering, change its subnet and turn off DHCP then finally change ur key or just chill out.....


  • Closed Accounts Posts: 1,089 ✭✭✭cpu-dude


    FruitLover wrote: »
    If someone is going to have a go at cracking WPA, they'll probably also be willing to try MAC spoofing.
    Agreed, but my point was to show that in Ireland of all countries, we don't need to hack wireless networks.

    Sure Eircom have over 676,000 DSL customers now ;) - http://www.eircomwholesale.ie/broadband/default.asp


  • Closed Accounts Posts: 921 ✭✭✭mehmeh12


    Jonathan wrote: »
    DHCP is the method by which IP's are allocated to each client connected to the router.

    If he is connected, he has to have an IP.

    Is seeing unknown DCHP an absolute definite sign of a hacker- can IP's be hidden by a wireless hacker? yes i know im crazy-its Ethernet for me :)


  • Moderators, Technology & Internet Moderators Posts: 12,450 Mod ✭✭✭✭dub45


    mehmeh12 wrote: »
    Is seeing unknown DCHP an absolute definite sign of a hacker- can IP's be hidden by a wireless hacker? yes i know im crazy-its Ethernet for me :)

    Hallelujah!:rolleyes:


  • Closed Accounts Posts: 13,874 ✭✭✭✭PogMoThoin


    Paranoid thread of the year,
    Just change Your encryption key and forget it, FFS


  • Registered Users, Registered Users 2 Posts: 2,534 ✭✭✭FruitLover


    mehmeh12 wrote: »
    Is seeing unknown DCHP an absolute definite sign of a hacker- can IP's be hidden by a wireless hacker?

    An unknown host in your DHCP server's lease table would be suspicious.

    To answer your second question: there's nothing to stop an attacker using a static IP once they know your network range. A better place to check would be the router's ARP table (and even this won't help if they're using MAC spoofing).


  • Advertisement
  • Closed Accounts Posts: 1,956 ✭✭✭consultech


    All the relevant advice has been given already, easily fixed.


    lol how times have changed: In my day we used to do knick knocks and cycle-by calling people ****!


  • Moderators, Technology & Internet Moderators Posts: 12,450 Mod ✭✭✭✭dub45


    consultech wrote: »
    All the relevant advice has been given already, easily fixed.


    lol how times have changed: In my day we used to do knick knocks and cycle-by calling people ****!

    Indeed! For more paranoia take it to the Personal Issues forum!


This discussion has been closed.
Advertisement