Help ATS with a contribution via PayPal:
learn more

Locking WiFi

page: 1
1
<<   2  3 >>

log in

join

posted on Nov, 29 2013 @ 12:04 PM
link   
I am posting this here because I know there are some smart tech savvy people here. I had to recently lock down my WiFi and have each person in my household's devices registered Mac address plus the password to get onto my wireless system.

The problem I am having is it seems whomever was getting on before stealing access cannot get on, but when they try it knocks us offline. Is there a method to deal with them? Is there a way to identify them and deal with them? I don't have a lot of neighbors, but I really want to identify who is doing this and politely deal with the situation.

Any ideas?




posted on Nov, 29 2013 @ 12:12 PM
link   
Perhaps don't broadcast your SSID?

Turn off ICMP?

If the attacker can't see the target and can't ping or sniff any target to attack, then, there's nothing for them to attack.



posted on Nov, 29 2013 @ 01:01 PM
link   

AliceBleachWhite

Perhaps don't broadcast your SSID?

Turn off ICMP?

If the attacker can't see the target and can't ping or sniff any target to attack, then, there's nothing for them to attack.



Ok, so can you tell me where to find that out? I will start looking online. I didn't know I could hide my connection. Thx



posted on Nov, 29 2013 @ 01:13 PM
link   
Found it, turned SSID off, thx



posted on Nov, 29 2013 @ 01:22 PM
link   
Don't JUST turn the SSID off, although that's really the best solution anyone can offer. If you simply turn it off broadcast but leave it the same, then anyone who knows what it is can still hit it directly as if it were broadcasting.

In addition to turning off the broadcast, change the name entirely to something almost like a password itself. You aren't broadcasting, so it doesn't matter for anyone else seeing it. That should throw the little nuisance off your scent.



posted on Nov, 29 2013 @ 01:26 PM
link   
reply to post by Wrabbit2000
 


Thanks, I put in a phrase, and hopefully they can't see it anyway.



posted on Nov, 29 2013 @ 01:28 PM
link   
Well I'm glad I didn't screw this up permanently.



posted on Nov, 29 2013 @ 01:30 PM
link   
reply to post by UnifiedSerenity
 


Also, if you want to make sure your password is secure, as the person will probably use brute force, which is why it's kicking you off when they try to access it, add a few blank spaces to your password.

For example, if your password was the to ATS123, change it AT S12 3

The blank spaces are almost impossible for most basic brute force attacks to pick through and adds a whole other level of complexity.

~Tenth



posted on Nov, 29 2013 @ 01:47 PM
link   
Rule #1 of password complexity standards:
Passwords should contain a combination of capital letters, lowercase letters, and symbols. My minimum personal preference length for a password is at least 8 characters as well. It sounds like someone is attempting to DDOS (denial of service, brute force attack) your network in some fashion, as I haven't ever encountered a device that disconnects everyone when a blacklisted MAC attempts to connect to it.



posted on Nov, 29 2013 @ 01:48 PM
link   

tothetenthpower
reply to post by UnifiedSerenity
 


Also, if you want to make sure your password is secure, as the person will probably use brute force, which is why it's kicking you off when they try to access it, add a few blank spaces to your password.

For example, if your password was the to ATS123, change it AT S12 3

The blank spaces are almost impossible for most basic brute force attacks to pick through and adds a whole other level of complexity.

~Tenth



Definitely add spaces if your router's firmware accepts them as a valid character too, UnifiedSerenity is 100% accurate with this advice!



posted on Nov, 29 2013 @ 01:56 PM
link   
Thank you everyone! I put in a phrase and my guess is since he can't see it as SSID is now off, he has no chance.

I will let you all know if it does or does not work. So far so good though.



posted on Nov, 29 2013 @ 03:30 PM
link   
reply to post by UnifiedSerenity
 


I think that what is knocking you offline is a radio broadcast. Powerful radio frequency bursts can interrupt your wireless service.

Happy hunting,




posted on Nov, 29 2013 @ 04:07 PM
link   

Bybyots
reply to post by UnifiedSerenity
 


I think that what is knocking you offline is a radio broadcast. Powerful radio frequency bursts can interrupt your wireless service.

Happy hunting,





It just started happening the last two weeks and I thought my girls were causing problems cause it happened after they got home from school. Then the obvious hit me. Other people get home at that time too, and I began my mission to lock down my WIFI. Yeh, first it was the whole password thing. That got hacked too. Then I locked down who can actually sign onto my system via mac address.

Now, with the tips to close SSID so ppl can't see my system and change the name of it with spaces, no one has knocked me off again. So, I am hoping the problem is fixed. I live way out in the country, and I can't imagine radio signals suddenly causing problems, or I could say I am being targeted by the government or those nasty gray aliens who just wanna have some fun pissing me off! Nah, I think it was some neighbor who is too cheap to buy DSL and their kid wanting to DL a bunch of movies or God forbid Porn!

The last thing I need is some dirtbag using my WIFI to DL porn!



posted on Nov, 29 2013 @ 04:23 PM
link   
reply to post by UnifiedSerenity
 


Ok I confess its me doing it.



posted on Nov, 29 2013 @ 04:26 PM
link   

UnifiedSerenity
I am posting this here because I know there are some smart tech savvy people here. I had to recently lock down my WiFi and have each person in my household's devices registered Mac address plus the password to get onto my wireless system.

The problem I am having is it seems whomever was getting on before stealing access cannot get on, but when they try it knocks us offline. Is there a method to deal with them? Is there a way to identify them and deal with them? I don't have a lot of neighbors, but I really want to identify who is doing this and politely deal with the situation.

Any ideas?


What could be happening is the person who is messing with you might be issuing a DE-auothrisation attack on you access point (AP). If you AP does not have de-authorisation attack sensing on it then there is no way you can stop what they are doing.

Now here is the worrying thing. Most of the time when hackers issue a de-auth attack they are trying to get you to hook back up on their router and not your own. When they do this you can perform a Man In The Middle (MITM) attack and essentially read all you passwords , credit card info and just about anything that you send to a website. It done using a system called Karma which any good hacker knows how to use. Basically the router they are using scans the area and then disconnects all WiFi devices within range. Your computer then tries to reconnect to your AP. It send out a probe request for the SSID asking if your AP is available. the hackers AP reads this request and then then mimics your AP's SSID and responds saying 'yes im your AP, lets get you online'. You think you are connected to your AP but you are really connected to the internet on someone else's AP.

It can even read data sent over secure socket layer websites by implementing something called SSL strip. I know this works because i have tested this myself.

edit on 29-11-2013 by PhoenixOD because: (no reason given)



posted on Nov, 29 2013 @ 04:38 PM
link   
reply to post by PhoenixOD
 


This sounds really bad, but in my case I would put a $100.00 down on a high school kid whose mom and dad won't pay for internet and he saw my system which was NOT protected, then it was password protected which he got around and now it is Mac address limited and he kept trying to force on which caused a problem for me. So, now, thanks to you all it seems my SSID is not visible and I changed the name of it.

Let's see if I get knocked off again. If not, then problem is solved. What you are talking about would make sense in the big city, but not out here in BFE.



posted on Nov, 29 2013 @ 04:38 PM
link   

AthlonSavage
reply to post by UnifiedSerenity
 


Ok I confess its me doing it.


I KNEW IT!!!! Thanks for fessing up!



posted on Nov, 29 2013 @ 04:41 PM
link   
reply to post by UnifiedSerenity
 


MAC address filtering is one of the weakest forms of protection in networking as MAC address spoofing takes less than 10 seconds to do on a backtrack live CD.



posted on Nov, 29 2013 @ 05:10 PM
link   
One of the better forms of protection you can use is to replace you 360 degree omni directional aerial is a directional antenna. Then place your AP hard against a wall or corner of a room and point it into your house. You can then adjust the strength of the signal so it only goes to the other side of your house.

You can check the strength of the signal at the furthest point from your AP in your house using a wifi audit tool. There many free ones to choose from.

This is the system many clued up businesses use. If its done right then no one can read or mess with your wifi at all.

edit on 29-11-2013 by PhoenixOD because: (no reason given)



posted on Nov, 29 2013 @ 05:34 PM
link   

parad0x122
Rule #1 of password complexity standards:
Passwords should contain a combination of capital letters, lowercase letters, and symbols. My minimum personal preference length for a password is at least 8 characters as well. It sounds like someone is attempting to DDOS (denial of service, brute force attack) your network in some fashion, as I haven't ever encountered a device that disconnects everyone when a blacklisted MAC attempts to connect to it.









new topics

top topics



 
1
<<   2  3 >>

log in

join