It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

WiFi threat: Attention ATS wireless users

page: 3
21
<< 1  2    4 >>

log in

join
share:

posted on Dec, 30 2011 @ 04:06 AM
link   
A question? So whats the best aand safest way to access the internet with a portable laptop? I dont mean in wi-fi spots. In general, is a mobile broadband any better? Thanks in advance.




posted on Dec, 30 2011 @ 04:19 AM
link   

Originally posted by benrl
Not scared, Im no internet n00b, Ive been selling and building PC's since windows 95, worked for Microsoft for a while (not bragging cause trust me that means jack and squat).


*throws handfuls of ketchup packets at you* PACKETSTORM! LOL I had to do it. I got you beat, I started on a mainframe vax/vms at work, and pre internet or even windows at home for fun. I like your Microsoft comment, I one time very early on in Win 95 called them for assistance on a repeating BSOD I was experiencing, they could not help me, I figured the issue out myself and called them back.



Originally posted by benrl
When ever I encounter internet users who know almost nothing about the machines they are using it always reminds me of the stereotypical women driver who does not know anything about the vehicle shes using (stereo type, not serious)


OHHHH NOIOOOO! Not the SHE thing NOOO LOL. I will never forget my first Linux install I was having difficulties getting optimal performance with my connection so I joined a Linux help channel on IRC to ask about it, with a sorta female nick and this guy kept calling me PHIL. Finally I asked him wtf was up with the PHIL stuff and was informed that females did not IRC and absolutely would not know anything about Linux.

I pwned him dammit. I be 0ld Sch00l



posted on Dec, 30 2011 @ 04:57 AM
link   
Someone posted on another website, a custom built "PC in a briefcase" with 10 mid-range graphics cards and 2 nettwork cards, that could crunch through wpa2-psk personal in less than 30 minutes, using the graphics cards to do the number crunching.

Theres no such thing as a secure wifi, at all. They can all be broken into by someone willing to put the time, money and resources into it.

Yes the "briefcase" was more the size of a small packing crate, but it was portable, if you had a car.

All you can do is make it as hard as possible. Unless I have something someone wants badly, they aren't going to spend 10hrs cracking my wpa2-psk key, they will move on to the guy down the road who is still using WEP64 (idiot).



posted on Dec, 30 2011 @ 05:12 AM
link   
reply to post by brill
 


I'm actually basing my final year dissertation in uni on basic home router security and I agree with you. There are a few basic steps to take that a majority of people don't do with their home routers such as;

- Switch router off when not used e.g. going to bed, work etc
- Turn off unused ports e.g. torrent ports
- Have separate passwords for connecting to router and router admin
- Change passwords frequently
- Check security logs every time you notice your internet running slow
- Keep updated on wireless security
- Run anti-virus frequently

I walked around a few streets with my iPhone testing how many networks I could connect to without having to put in a password and honestly, a majority of people don't even bother to password their routers.

I honestly don't think that the basic quick set up of a router is sufficient enough for a majority of users. Things like passwords should not be optional during the first set up, the user should have to enter a password and then if they don't want to use it, they should have to go into the advanced settings to disable it.



posted on Dec, 30 2011 @ 05:18 AM
link   
reply to post by brill
 


if you're willing to spend 10 hours brute forcing my wireless key, then i guess you deserve access to my copy of Starcraft 2 and Microsoft Office.

Warning heeded but if you have nothing worth stealing, you shouldn't be spending too many late nights awake worrying about this.



posted on Dec, 30 2011 @ 05:34 AM
link   
reply to post by Beavers
 


Brute forcing can be more or less a case of running the program to brute force the password for you. A program that just processes a huge list of passwords and enters them into the password field for you. I'm sure a similar thing happened to TK Max which ended up costing them around $500m in theft and then compensation to their customers who had their credit card details stolen. If I remember rightly it was the chip and pin service that was running to a remote computer and was accessed by hackers.

news.bbc.co.uk...



posted on Dec, 30 2011 @ 07:28 AM
link   
a single wep can be cracked in 10 to 20 mins.


a whole neighborhood could be cracked in less than 10 hrs


the fbi has demonstrated 10 min wep cracking, video is available. i remember watching it not too long ago

edit on 30-12-2011 by spaceg0at because: woof



posted on Dec, 30 2011 @ 07:35 AM
link   
reply to post by spaceg0at
 


It wasn't about WEP cracking, WEP cracking is trivial and any good geek can crack a WEP protected WIFI very rapidly. It was about the more secure WPA-PSK and WPA2-PSK, which are considerably more secure, but still not totally secure.



posted on Dec, 30 2011 @ 08:38 AM
link   
At a recent ISSA (Information Systems Security Association) meeting in Los Angeles, a team of FBI agents demonstrated current WEP-cracking techniques and broke a 128 bit WEP key in about three minutes.

www.informationweek.com...


most homes still have wep networks
edit on 30-12-2011 by spaceg0at because: (no reason given)



posted on Dec, 30 2011 @ 08:55 AM
link   

Originally posted by Beavers
reply to post by brill
 


if you're willing to spend 10 hours brute forcing my wireless key, then i guess you deserve access to my copy of Starcraft 2 and Microsoft Office.

Warning heeded but if you have nothing worth stealing, you shouldn't be spending too many late nights awake worrying about this.


Right. So when and if an end user is compromised in this fashion, then the fun starts. One starts to monitor all traffic leaving said PC, including banking, e-commerce, perhaps business emails. Then start siphoning bank accounts to a mule service, blackmail the user, intercept VoIP traffic, etc. The point here is that although you specifically may not be at risk, thousands are.

On another note a few folks need to re-read the OP. Again this is not about using BackTrack for cracking WPA/WPA2 keys, not at all what has been said. WEP is another issue entirely. Some of the knee jerk responses are clearly showing that people suffer basic reading comprehension.

The time frame for this attack is because there are 8 digits involved. All possibilities are used, you are not capturing and cracking traffic, this is just pound the access point until the WSP is known, and with 8 random digits that time frame works out to approx 10 hours, or less of course.

brill
edit on 30-12-2011 by brill because: (no reason given)



posted on Dec, 30 2011 @ 08:57 AM
link   

Originally posted by spaceg0at
a single wep can be cracked in 10 to 20 mins.


a whole neighborhood could be cracked in less than 10 hrs


the fbi has demonstrated 10 min wep cracking, video is available. i remember watching it not too long ago

edit on 30-12-2011 by spaceg0at because: woof


Re-read the OP, a few times. This is not about WEP..


brill



posted on Dec, 30 2011 @ 10:18 AM
link   
Being in the Network/IT/Security industry, I gotta say that this should be pinned and flagged for every internet user.
There are measures that really need to be taken to increase security of WiFi home networks.
Change to a WPA2 security setup.
Go to a 16 digit password, using uppercase, lowercase, letters, numbers and special characters.
Turn off the SSID broadcast.
Turn on hour setting for usage. If everyone will be asleep from 10 at night to 6 in the morning, most home WiFi routers have this setting.
Set it up to only allow certain MAC addresses. And I know that you can spoof them, but by deploying all of these measures, it makes it that much harder and the person war driving might just move on to the next person.

Hope this helps.



posted on Dec, 30 2011 @ 10:35 AM
link   
Apparently there is a commercial version of this attack with a convenient gui.
More ammunition for script kiddies.

brill



posted on Dec, 30 2011 @ 10:38 AM
link   

Originally posted by brill
Apparently there is a commercial version of this attack with a convenient gui.
More ammunition for script kiddies.

brill


Yep. Nothing like not learning anything, not knowing how it works or why, just pushing a button and *Poof* there is is.

Next step would be using an RSA for your home network.
Or, keep WiFi use to a minimum.



posted on Dec, 30 2011 @ 10:42 AM
link   

Originally posted by BMorris
Someone posted on another website, a custom built "PC in a briefcase" with 10 mid-range graphics cards and 2 nettwork cards, that could crunch through wpa2-psk personal in less than 30 minutes, using the graphics cards to do the number crunching.

Theres no such thing as a secure wifi, at all. They can all be broken into by someone willing to put the time, money and resources into it.

Yes the "briefcase" was more the size of a small packing crate, but it was portable, if you had a car.

All you can do is make it as hard as possible. Unless I have something someone wants badly, they aren't going to spend 10hrs cracking my wpa2-psk key, they will move on to the guy down the road who is still using WEP64 (idiot).

Yep, and the Graphics cards are used for the Cointel crunching as well.



posted on Dec, 30 2011 @ 10:57 AM
link   
reply to post by brill
 


How do you disable anonymous? Seems they take information we have on our computers or elsewhere and share it. Why should I worry about my modem and not anon?



posted on Dec, 30 2011 @ 10:57 AM
link   
Simply setup password which will look something like that:

"This Is My Super S3cret P4ssword 4nd No 1 Will Ever H4ck It"

Good look brute forcing it.... 100 000 years.



posted on Dec, 30 2011 @ 11:01 AM
link   

Originally posted by GunzCoty
10 hours? i did it in 15 mins using backtrack to hack mine. And lets face it Wi-Fi is not really secure at all.
And to think of all the people i see in coffee shops with there laptops open typing away without thinking about the security or lack there of. Hacking a "hot spot" is easier then hacking the laptops using it. Think about that next time your out and about. Be smart be safe.
edit on 12/29/2011 by GunzCoty because:


Or setting up a fake hotspot in the same area, having the unknown user sign in and they have full access to the users device.
WiFi is a very scary thing, when examined.
To the untrained everyday user, it seems easy and useful.
A double edged sword in the Network Community if I ever saw one.



posted on Dec, 30 2011 @ 11:02 AM
link   

Originally posted by ophis
Simply setup password which will look something like that:

"This Is My Super S3cret P4ssword 4nd No 1 Will Ever H4ck It"

Good look brute forcing it.... 100 000 years.

No Special Characters????
A good old packet capture as you first sign on could negate that.
Given you have the right tools and training.



posted on Dec, 30 2011 @ 12:27 PM
link   
reply to post by brill
 


This is assuming you use WPS.
I never use it.
And assuming also that it gets turned off when you use manual mode.
This isn't a problem.

Just go into the router and use the manual setting.
Make sure to use wpa since wep is insecure and can be hacked.

Password should be at least 8 characters with 1 uppercase, 1 lowercase, 1 number and a special character. And make sure it's not a dictionary word.
Something along these lines.
G8f1n0h?

Remember that it's been shown that hackers can crack a simple password in about 8 seconds. Using the right setup of course.



new topics

top topics



 
21
<< 1  2    4 >>

log in

join