Easy to crack wifi

[jimbobz]

yes all protocols can be hacked. wpa being the most difficult. but even someone with the skills necessary isnt gonna bother with the effort unless you had sex with his girlfriend.

people just cruise for unprotected hubs because there's plenty about.

 

[Lectrician]

WPS is a domestic thing to prevent all the techie type calls from typical domestic customers.

It is something I would never consider using, and in fact, most of the kit I tend to use does not have this feature.

WPA is by far the best security measure to go for, the WPA key you choose should be something random, letters and numbers. I hae sat outside a house before with my phone, and actually managed to connect to their access point by guessing the WPA as their house name. It also surprising how many people have the same WPA as their SSID. You would assume access points would prevent you from doing this, but it seems most do not.

Many people also leave the WPA / WEP the same as the one on the printed label that comes with their freebie box, something else I don't agree with.

As for panicking about people cracking your code and "having a free ride and robbing your internet", that's the least of your worries! If they crack your WEP/WPA/WPS, they have access to your internet and internal network, including any PC's, data storage, servers etc etc you may have connected, unless you have other firewalls in place (and configured correctly!).

 

[Alarm]

Makes me laugh at peoples passwords.
I have "cracked" almost all my friends emails and access points with my blackberry just using either sons/daughters/wives/dogs names ( That was in no particular order).

A mixture of numbers/upper and lower case letters, randomly generated will make it difficult for all but the best and they have better things to do.

 

[rebuke]

Hello there, I am like you and don’t like the thought of others using my internet connection so what I have done is on the Router settings you can hide the SSID.

As others have said, this doesn't do what you think. All it means is your SSID won't show up in the basic list of available networks, anybody who is trying to find open WiFi and/or break through simpler forms of WiFi security will still find it, using tools such as Netstumbler etc...

 

[ebee]

As I said I am merely a layman in computer terms but the person who told me this has run experiments to try cracking the combinations and tells me with this new "4 + 4" rather than 8 digit thingy he has found it far easier.

Yes Ban it is done as a 4 digit (10000) then another 4 digit (10000) = 20 thousand total now rather than an 8 digit = 100 milion as previously that makes it 500 times faster and easier in my book.

He said many people don`t put any security or put obvious passwords in but even the most secure ones can be cracked and the providers just made it a darn sight easier.

That means anyone wanting a free ride on my internet connection can get it.

 

[ban-all-sheds]

Yes Ban it is done as a 4 digit (10000) then another 4 digit (10000) = 20 thousand total now rather than an 8 digit = 100 milion as previously that makes it 500 times faster and easier in my book.

Even worse than that:

(100 million) to 104+104 – 20,000. It fell further still, to 11,000 (104+103) when the researcher noted the last digit of the PIN is a checksum for the other seven digits.

 

[davelx]

set /mode=simpleton


10000 possible 4 digit numbers, each of which may be paired with one of another 10000 possible 4 digit numbers, look like 10000^2 possibilities to me

 

[Inky Pete]

yes all protocols can be hacked. wpa being the most difficult. but even someone with the skills necessary isnt gonna bother with the effort unless you had sex with his girlfriend.

.....and how likely is it that a geek with skills like that is even going to HAVE a girlfriend??????

 

[Lectrician]

yes all protocols can be hacked. wpa being the most difficult. but even someone with the skills necessary isnt gonna bother with the effort unless you had sex with his girlfriend.

.....and how likely is it that a geek with skills like that is even going to HAVE a girlfriend??????

It's always the quiet and un-expected ones who have the sizzerling sex lifes!

 

[ericmark]

My first question is does it really matter? Someone using your WiFi may slow down your connection but I would not expect any one near me would ever bother to try and use my connection as outside the house it will likely keep dropping out anyway.

As to 8 digit code and number of combinations first question is what is the range of digits? As binary 1024 combinations, as decimal clearly many more and as hex more again use the full alphabet plus numbers and add a few Greek then it really gets silly.

More to the point is how much can you remember? So if we have 00000000 to 11111111 then you may forget the access code. That's with only 1024 combinations but use all letters and numbers then two digits gives 1296 combinations and easy to remember.

So I would prefer when I get a visitor to say yes use my WiFi code is EP than to have to start my PC and read a really long digit chain for them to enter.

 

[ebee]

For those of you who knows such things there are:-

http://arstechnica.com/business/news/2012/01/hands-on-hacking-wifi-protected-setup-with-reaver.ars


http://nakedsecurity.sophos.com/201...ceptible-to-hacking-through-security-feature/

 

[JohnW2]

set /mode=simpleton
10000 possible 4 digit numbers, each of which may be paired with one of another 10000 possible 4 digit numbers, look like 10000^2 possibilities to me

You're effectively talking about an 8 digit number. If it's done in two stages, such that you are 'told' when you've got the right 'first 4 digits' number, then that's 9999 lots of 'wasted' searching through the second list of 10,000 possible numbers that you don't have to do.

Kind Regards, John.

 

[JohnW2]

My first question is does it really matter? Someone using your WiFi may slow down your connection but I would not expect any one near me would ever bother to try and use my connection as outside the house it will likely keep dropping out anyway.

As others have pointed out, it's not 'using your connection' which most people are concerned about. They are far more worried about the fact that, having established a connection to your WiFi, then (depending on your exact arrangements) they could well have access to everything in the computers you have operating on your WiFi network.

Kind Regards, John.

 

[davelx]

set /mode=simpleton
10000 possible 4 digit numbers, each of which may be paired with one of another 10000 possible 4 digit numbers, look like 10000^2 possibilities to me

You're effectively talking about an 8 digit number. If it's done in two stages, such that you are 'told' when you've got the right 'first 4 digits' number, then that's 9999 lots of 'wasted' searching through the second list of 10,000 possible numbers that you don't have to do.

Kind Regards, John.

Ah - didn't realise that (hadn't read the entire thread) . Makes sense now.

 

[sergeantash]

Yes it absolutely does matter if someone is using your wireless, for a start if they're downloading illegal content (music, movies etc), you're responsible by law for the consequences. In addition, you may unknowingly be sharing content with these rogue users from your own personal computer, it is not unknown for some amateur IT organisations sharing the root of the C: drive to guest users to ease remote support, in such a context the next door neighbour could take a copy of your Outlook mail store (PST) or your personal/confidential Word/Excel documents!!

Also, once they're on the same network as you (connected to your wireless), they can use very simple tools to scan the content you post to the internet, including capturing login details for sites. They could even configure the router to throttle your access speed to the internet so that they can enjoy full speed!!

There are a few simple ways to secure your wireless connection/network:

- Use a minimum of WPA encryption (do NOT use WEP)
- Use a strong encryption key that isn't guessable!
- Lock your router down with MAC filtering, this will prevent unknown computers connecting even if they know your Wireless key
- Disable UPNP, only devices YOU connect/configure should define access.
- Don't bother hiding your SSID, if you do the above there's no point/need.
- Disable WPS, its for noobs...
- Change the default password for your router admin panel.

And another suggestion that I personally do but isn't strictly required:

- Plug your router into a timer plug socket, switch off at 1am, back on at 8am (adjust to your bedtimes lol!), not only does this keep your router alive and avoid connection issues with your provider, it prevents hacking attempts whilst you sleep, and also saves a tiny bit of power!!

With the above and some common sense, you'll be fine!