How much damage can someone do if they get into your wifi AP?



Zatrix
02-20-07, 06:33 PM
If somehow someone in a car or something goes near your house and gets past your web key for your wifi access point/router, can they get into your computer?

When I scan around my neighborhood I see TONS of points that don't even have a web key...... couldn't someone easily take control of their whole computer from that?

I'm thinking of just unplugging my wifi if I'm not using it at the moment?

so my question is.

1. can they actually ACCESS your computer and files
2. or can they just use your internet connection but not get into your comp?

ThePCGuy
02-20-07, 06:39 PM
Can someone get access to your computer once they break onto your wireless network? Yes. The amount of access depends on the ability of the person connecting. Could someone have full access to your computer? Yes. Others will chime in I'm sure.

- Jim

Jon
02-20-07, 06:39 PM
Your systems can definitely be compromised if they get an account username/password, which isn't terribly hard to do either. If file sharing is enabled allowing Everyone access, then all files under that share are readily accessible.

Getting free Internet would be the immediate resource available (so long as DHCP is turned on and MAC filtering is disabled or bypassed).

TempliNocturnus
02-20-07, 07:18 PM
It depends on how locked down your computers connected to the AP are. They prolly will not be able to alter your files or operating system, but they can sniff packets being sent and obtain usernames, passwords, and personal data sent to websites that don't use any encryption. This is why it's good to occasionally log into your access point and see if there are any devices on there that you don't recognize.

Other than getting personal data that I send to unsecure websites, the most damage they could prolly do to my AP is flash the firmware with some file containing gibberish. Doing this will render my wireless router useless, causing me to buy another one.

CrazyIrish
02-20-07, 07:22 PM
Just to be safe, I always turn mine off when I'm not using it. Paranoid is prepared.

Zatrix
02-20-07, 08:43 PM
besides turning off ssid broadcast, turning on mac filtering, and enabling a web key, having a firewall that blocks access from your access point

what else can u do?

kayson
02-20-07, 08:45 PM
It's certainly possible that they can get into your computer if you have filesharing enabled. At my university virtually every single person on the network has a shared folder, so I could just run around putting files on people's PCs if I wanted to. The simple solution is to use WPA and a MAC address filter. It can be worked around, but unless someone specifically wants to get into your PC, they'll go on to an easier target.

TalRW
02-20-07, 09:29 PM
Yes, use WPA encryption over WEP (not web) because it is much stronger, if your hardware supports it.

Goshawk
02-21-07, 10:13 AM
Free internet would be a relatively minor concern, I usually try and change my wireless SSID and password at least once a week, and have WPA turned on. It's good practice to change things up once in a while, it just adds a thin layer of additional security. If you're not running wireless at all in your home, it's just a risk leaving it enabled on the AP.

File sharing is a different story, on all of my machines... simple file sharing is turned off, and the file server only allows authenticated users to see the public files, and 3 users for the private ones.

If you have WinXP Pro or win2kpro it's kind of fun playing with the access permissions :)


~ Gos

brakezone
02-21-07, 10:54 AM
Free internet is the criminal hacker's dream because they can use your connection to do any illegal thing they want, so don't be surprised when the FBI shows up at your house to confiscate all your computers.

cradivonyk
02-21-07, 11:39 AM
Free internet is the criminal hacker's dream because they can use your connection to do any illegal thing they want, so don't be surprised when the FBI shows up at your house to confiscate all your computers.

Exactly what I was going to say. Bunch of hackers (or wannabe hackers) hijack a bunch of wifi connections and perform a DDOS attack on a site or something. In the end you may not be held responsible, but they are going to investigate you pretty thoroughly.

kayson
02-21-07, 02:33 PM
Exactly what I was going to say. Bunch of hackers (or wannabe hackers) hijack a bunch of wifi connections and perform a DDOS attack on a site or something. In the end you may not be held responsible, but they are going to investigate you pretty thoroughly.
Yeah that's more of a hassle than serious damage though...

FireMogle
02-21-07, 03:31 PM
My biggest issue is hearing of people d/l kiddy porn from open APs. A charge like that can stick to you no matter how innocent you are.

brakezone
02-21-07, 06:57 PM
I think it should be a law that wireless AP's be locked down. Unsecured wireless AP's enable various illegal activities to take place, which could certainly implicate innocent people as having committed a crime.

Gunlance
02-21-07, 07:07 PM
besides turning off ssid broadcast, turning on mac filtering, and enabling a web key, having a firewall that blocks access from your access point

what else can u do?

Ditch the wireless and go hard wired. Only way in is to Plug in.

kayson
02-21-07, 07:46 PM
Ditch the wireless and go hard wired. Only way in is to Plug in.
I would almost agree with that. Being wired is just so much better in terms of speed and security. It also helps me out with WinXP home networking. On the other hand, wireless is just so convenient. I can take my laptop and watch tv while I'm online. I can't drag a cable around the house...

brakezone
02-21-07, 08:07 PM
Under the condition that you use a very long completely random key, I think WPA is pretty good. From what I've seen the method used against WPA is brute force and dictionary, which will take forever against a long random key. WEP can be broken too quickly and MAC addresses can easily be bypassed by packet sniffing, making WEP a gaping security threat.

I don't think it's okay to talk about methods hackers might use to crack WPA other than abstractly, so I will not really talk about details, but hackers may drive around and get encrypted packets for WPA and try to crack them on their own time, so WPA with a weak key may even be worse than WEP. Also, you have to keep in mind that decryption is easy to multiprocess, and with the newer more powerful computers, hackers could sniff WPA packets from many different networks and try to decrypt them all at once in a huge operation with a lot of CPU power. As a result, I believe that even WPA has security limitations, especially when you consider the future of wireless.

My recommendation is to lower the signal strength as much as possible and use the longest and most random key possible. Employ MAC address filtering and configure the router to only allow certain machines access to the internet, if possible using something other than MAC addresses.

I would say always use hardwired except where wireless becomes necessary. Everything that is wireless is broadcast so that anything nearby can pick up the data; on the other hand, hard wired switched ethernet splits everything up so that the packets can't be sniffed even from other places on the same network.

MRD
02-21-07, 08:13 PM
They can do a lot of damage. If your PC is very secure, they probably can't get access to it, but if you have drives shared and such, it's very easy to get access to them.

If they're very talented, they can probably hack into your pc if it's windows based, windows isn't very secure and there are a lot of vulnerabilities known and worms and such.

It really depends how badly they want to hack in.

Use WPA.

Personally, I use a firewall, and segregate my network into green, blue, and red zones, so that even if my wireless were hacked, it would grant them no access to my wired network. My wireless uses WPA2 w/ AES and MAC address filtering, and I use SNORT intrusion detection on my ipcop box. Also, I use highly secure passwords on everything that people might ever get access to, and I run linux as it's much less hackable.

Zatrix
02-21-07, 11:54 PM
Whenever my computer is on, my wireless AP will be unplugged. Only time it will ever be operational is when my comp is off and I need to connect my PSP, DS, other non-computer devices for internet access.

Comments, concerns, ideas?

RP Racing
02-22-07, 12:00 AM
I think it should be a law that wireless AP's be locked down. Unsecured wireless AP's enable various illegal activities to take place, which could certainly implicate innocent people as having committed a crime.

Better yet, it should be illegal to knowingly use someone else's wifi without express permission.

Randyman...
02-22-07, 12:30 AM
Steve Gibson has a fantastic random key generator for WPA passwords:

https://www.grc.com/passwords.htm

It creates a UNIQUE string in either 64 random hexadecimal characters (0-9 and A-F) or using ASCII characters. I use it for my WPA PSK. No one will ever crack my password :) Good as a Wired LAN IMO...

Beyond that - isolating your WiFi from your LAN is also a great idea (as already mentioned). Also, using your PC's software firewall can help prevent WiFi intrusion, and also prevents other infected PC's on the network from getting ahold of your PC easily...

:cool:

Zatrix
02-22-07, 02:17 AM
Steve Gibson has a fantastic random key generator for WPA passwords:

https://www.grc.com/passwords.htm

It creates a UNIQUE string in either 64 random hexadecimal characters (0-9 and A-F) or using ASCII characters. I use it for my WPA PSK. No one will ever crack my password :) Good as a Wired LAN IMO...

Beyond that - isolating your WiFi from your LAN is also a great idea (as already mentioned). Also, using your PC's software firewall can help prevent WiFi intrusion, and also prevents other infected PC's on the network from getting ahold of your PC easily...

:cool:

about the key couldn't you just type a bunch of stuff like

ga9ga0-g!!ggst9opsfgklajnbo]\\iybnlambD85aga'atp05i3gg=068=46gssg5h5hah/**gaagavbmnbma

wouldn't that work similar to using a key gen?

MRD
02-22-07, 02:54 AM
The random key gens are even more random, but your pw wouldn't be terribly easy to guess.

Some people use phrases, which are very easy to guess. You want random mixtures of capital and lowercase letters and numbers as well as other ASCII characters in the permitted range (I forget exactly what that is).

I don't really trust the keygens, how do I know they aren't logging the keys? You can use keygens and cut and paste pieces of the keys together to make a key if you want, or pieces from different keygens, or permute them, or do something like that. Also, how do you know that the key isn't being intercepted in transmission?

Yeah, I suppose I'm paranoid...
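As an added example (not code from any poster in this thread or from grc.com), a key of the kind discussed above can be generated on your own machine, so nothing is logged by a website or sent over the network. It uses Python's standard `secrets` module; the function names are made up for this sketch. The permitted range for a WPA passphrase is 8 to 63 printable ASCII characters, or 64 hexadecimal digits for a raw key.

```python
import math
import secrets
import string

# WPA/WPA2-Personal takes either a passphrase of 8-63 printable ASCII
# characters (codes 32-126) or a raw 256-bit key typed as 64 hex digits.
ALPHABET = string.ascii_letters + string.digits + string.punctuation  # 94 symbols, space left out
MIN_LEN, MAX_LEN, KEY_BITS = 8, 63, 256


def new_passphrase(length: int = MAX_LEN) -> str:
    """Random passphrase from the operating system's CSPRNG, generated locally."""
    if not MIN_LEN <= length <= MAX_LEN:
        raise ValueError("WPA passphrases are 8 to 63 characters long")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def new_hex_psk() -> str:
    """Random 256-bit pre-shared key as 64 hex digits."""
    return secrets.token_hex(KEY_BITS // 8).upper()


def is_valid_wpa_secret(value: str) -> bool:
    """True if the value fits the passphrase or hex-key format described above."""
    if len(value) == 64:
        return all(c in string.hexdigits for c in value)
    return MIN_LEN <= len(value) <= MAX_LEN and all(32 <= ord(c) <= 126 for c in value)


def entropy_bits(length: int, alphabet_size: int) -> float:
    """Guessing entropy of a uniformly random string, capped at the 256-bit key
    the passphrase is turned into. Not valid for phrases a person made up."""
    return min(length * math.log2(alphabet_size), KEY_BITS)


if __name__ == "__main__":
    print("passphrase:", new_passphrase())
    print("hex PSK   :", new_hex_psk())
    for n in (8, 12, 20, 63):
        print(f"{n:2d} random chars -> {entropy_bits(n, len(ALPHABET)):.0f} bits")
```

The entropy figure only holds when every character is drawn at random; keyboard mashing and phrases have less than the formula suggests.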

Goshawk
02-22-07, 09:03 AM
Yeah, I suppose I'm paranoid...


I don't think so :) I use a random assortment of numbers, letters and ASCII that's over 12 characters long... that's paranoid :P


~ Gos

CreePinG_DeatH
02-22-07, 09:37 AM
What about DNS Poisoning? If someone got into your AP, they could change your DNS servers and really cause some damage. Accessing your file would be the least of your worries.

BigFoofieMan
02-22-07, 10:27 AM
What about DNS Poisoning? If someone got into your AP, they could change your DNS servers and really cause some damage. Accessing your file would be the least of your worries.

Stop it, you're scaring us. To steal a line from Dilbert:
"Spooked, the herd stampedes"
:bday:

Anyone remember the OS that makes a computer into a firewall (I'm drawing a blank)? How would that play into it?

CreePinG_DeatH
02-22-07, 11:48 AM
Stop it, you're scaring us. To steal a line from Dilbert:
"Spooked, the herd stampedes"
:bday:

Anyone remember the OS that makes a computer into a firewall (I'm drawing a blank)? How would that play into it?

Smoothwall? I don't know if it would make a difference or not. If someone gained access to your AP, they don't have to do anything (and thus not even raise your suspicions) and just see what exactly is running on the networks' computers.

TalRW
02-22-07, 01:35 PM
Smoothwall? I don't know if it would make a difference or not. If someone gained access to your AP, they don't have to do anything (and thus not even raise your suspicions) and just see what exactly is running on the networks' computers.

Actually it would make a difference. But for it to, you would have to configure it correctly. You would have to have the wireless AP on either the orange network or the blue (with modification). Therefore even if a hacker broke into your AP they wouldn't be able to hack into your PCs on your green network, since the orange and blue networks cannot connect to the green network. They could, however, still (like it has been said) download illegal files, which would be traced back to you, but you can at least prevent hacking of your hardwired PCs.

CreePinG_DeatH
02-22-07, 02:34 PM
They could, however, still (like it has been said) download illegal files, which would be traced back to you, but you can at least prevent hacking of your hardwired PCs.

If they can download anything they want, then couldn't they just download a malicious script/program/worm etc. in order to create a hole for them to access? I don't know what you mean by the green, blue, orange etc., but I would assume it has something to do with access permissions. If the compromised computer can have any type of access, either configured that way or maliciously set-up by others, then wouldn't the hardwired computers just be a matter of time before they are accessed?

TalRW
02-22-07, 02:50 PM
Smoothwall separates computers into networks called green (LAN), orange (DMZ) and blue (Wireless). The blue and orange networks can't communicate with the green network unless a green computer initiates it, so even if something on the blue network is infected it won't carry over to the green network. So basically if a hardwired computer is on the green network it is protected against something malicious on the other ones.
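An added example, not Smoothwall's code and not from any poster: a small model of the zone rule described in the post above, showing why a reply to a green-initiated connection gets through while the same wireless host cannot open its own connection to a wired PC. The "red" internet zone, the rule table, the addresses and the class names are assumptions made for this sketch.

```python
from dataclasses import dataclass, field

# Zone pairs allowed to OPEN a connection. Follows the post's description: blue
# (wireless) and orange (DMZ) may not initiate to green (LAN). The "red"
# internet zone and the exact pairs listed are assumptions of this model.
ALLOW_NEW = {
    ("green", "blue"), ("green", "orange"), ("green", "red"),
    ("blue", "red"), ("orange", "red"),
}


@dataclass(frozen=True)
class Packet:
    src_zone: str
    dst_zone: str
    src: tuple  # (address, port)
    dst: tuple  # (address, port)


@dataclass
class ZoneFirewall:
    tracked: set = field(default_factory=set)  # flows opened by an allowed zone

    def verdict(self, p: Packet) -> str:
        if (p.src, p.dst) in self.tracked:
            return "ACCEPT"                   # belongs to a tracked connection
        if (p.src_zone, p.dst_zone) in ALLOW_NEW:
            self.tracked.add((p.src, p.dst))
            self.tracked.add((p.dst, p.src))  # let replies back through
            return "ACCEPT"
        return "DROP"                         # unsolicited traffic into a protected zone


def run_scenario() -> list:
    """Constructed traffic: a compromised wireless laptop and a wired desktop."""
    desktop, laptop = "192.168.1.10", "192.168.2.50"  # green host, blue host
    fw = ZoneFirewall()
    packets = [
        Packet("blue", "green", (laptop, 40000), (desktop, 445)),     # laptop probes file sharing
        Packet("blue", "red", (laptop, 40001), ("203.0.113.7", 80)),  # laptop browses the internet
        Packet("green", "blue", (desktop, 50000), (laptop, 22)),      # desktop opens a session
        Packet("blue", "green", (laptop, 22), (desktop, 50000)),      # reply to that session
        Packet("blue", "green", (laptop, 22), (desktop, 445)),        # laptop tries a new port
    ]
    return [fw.verdict(p) for p in packets]


if __name__ == "__main__":
    print(run_scenario())
```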

Randyman...
02-22-07, 07:18 PM
I don't really trust the keygens, how do I know they aren't logging the keys? You can use keygens and cut and paste pieces of the keys together to make a key if you want, or pieces from different keygens, or permute them, or do something like that. Also, how do you know that the key isn't being intercepted in transmission?

Yeah, I suppose I'm paranoid...

That GRC link uses SSL encryption for the password page :eek: And I, for one, trust Steve Gibson not to be logging these for his own personal hacking uses ;) . Combining 2 or 3 of those PW's into one is not a bad idea, but you'd end up with a PW that is just as random either way :D

:cool:

Skeith
02-23-07, 05:48 AM
I'll tell you, if you have encryption the least thing someone is going to do is sit for an hour breaking in when all they have to do is move 4 feet up the street to get an open WEP connection. I have about 2 non encrypted networks on my street.

I saw this topic the other day, and so, I took my laptop with me when my mother went out for groceries. I popped open my WiFi manager and just refreshed the connections as we went along. For every 10 connections there were maybe 3 encrypted ones, and maybe 1, if that, that was properly encrypted.

Hell, someone on my street has a network with a dlink router that just popped open the box and hooked it up. The wifi settings are default with dlink as the pass and dlink as the name. Pretty sad if you ask me.

Mainly all I'm trying to say, if you use WPA, MAC address filtering, set up your network for static IPs (don't use dynamic DNS) and change the IP ranges and subnets you will be fine, as less than a block away there are unsuspecting people ready to have their internet stolen.

And on the note of what RP Racing said, yes it is illegal to use someone's wifi connection without permission. Just as it is illegal to "borrow" your neighbour's car without permission. It's just hard to monitor and detect who is stealing whose internet. So all in all it's up to the user to make it secure.

I used to think wireless was crappy and insecure, and still do. All my network is wired except for my laptop, and I have done all I can to secure it. And like I said, I don't worry 'cause there are people just down my street with wide open networks.

MRD
02-23-07, 06:01 AM
I'll tell you, if you have encryption the least thing someone is going to do is sit for an hour breaking in when all they have to do is move 4 feet up the street to get an open WEP connection. I have about 2 non encrypted networks on my street.

Mostly true. There are cases where it's not.
1) if there aren't other networks in range, and you're the only decent signal strength close enough to where someone wants to mooch from, they might bother to crack your wep.
2) if they want to steal info from you particularly, or harm you particularly in some way, they might bother to crack your wep.
3) if you are a particularly good/interesting target for some reason (average home user normally is not a particularly special target, but say you were Bill Clinton, you better secure your wireless network...)

Personally, I just err on the side of paranoid, partly because I like learning the technology and locking everything down. I fully realize there is no particular reason anyone would have to hack my network beyond free bandwidth. If they got on my PC they probably couldn't even steal my files because they wouldn't know how to use linux... and even if they did, all they'd get is a bunch of school papers and maybe a few pdf's of technical manuals. Not too exciting. Lol they'd probably think there was something juicy just from the security I have, and be very disappointed.

Because of where I live anyways, there's probably at most 1 other house in range, and that would be crappy signal anyways. We have a good amount of land and so do our neighbors.

Goshawk
02-23-07, 09:57 AM
@Skeith: I've seen that too actually, When the whole Verizon FiOS was new in this area, the installers were using DLink router/access points, and setting up the wireless completely open, and leaving it that way.

Anywhere I go I can hit at least 1 open Dlink access point... it's very sad :/ I've tried to warn folks at the shop if they mention they have FiOS... and suggest logging into the router and locking it down.. but that's only a few people/week who shop for wireless goodies.


~ Gos

cradivonyk
02-23-07, 11:04 AM
@Skeith: I've seen that too actually, When the whole Verizon FiOS was new in this area, the installers were using DLink router/access points, and setting up the wireless completely open, and leaving it that way.

Anywhere I go I can hit at least 1 open Dlink access point... it's very sad :/ I've tried to warn folks at the shop if they mention they have FiOS... and suggest logging into the router and locking it down.. but that's only a few people/week who shop for wireless goodies.


~ Gos

The wireless AP Verizon put at my parents house was left wide open as well. I went there this past xmas when they just had it installed. Jeebus, that whole unit is ginormous that they put in. Even though my parents live in the woods, I still locked it down for them and turned off SSID broadcasting.

Neuromancer
02-23-07, 11:23 AM
Just to be safe, I always turn mine off when I'm not using it. Paranoid is prepared.


Yup I do too

Skeith
02-23-07, 11:40 AM
The wireless AP Verizon put at my parents house was left wide open as well. I went there this past xmas when they just had it installed. Jeebus, that whole unit is ginormous that they put in. Even though my parents live in the woods, I still locked it down for them and turned off SSID broadcasting.
Yeah, without SSID broadcasting it's hard to even tell it's there without a profile.

Zatrix
02-26-07, 06:50 PM
=(

MRD
02-26-07, 07:13 PM
Yeah, without SSID broadcasting it's hard to even tell it's there without a profile.

I broadcast my SSID, because a few of the laptops won't work as soon as I shut it off, and it really doesn't matter. I don't care if people know about it, it's protected enough that they can't get in. Anyone who would stand any chance of getting by the security I have in place isn't going to be stopped by lack of an SSID broadcast.