Wireless Router Security?
- Thread starter rutters
- Start date
jaffa
Inactive User
Depends what security you have set on it, wep is pants and can be hacked, wpa/wpa2 would be harder to hack but I am sure they could be done.
Theres loads of other stuff you can do like filter the mac addresses so only mac address on your list can connect or make your SSID not visible.
Would it reduce your speed, well I guess if there is traffic management with your ISP and a hacker has used up the limit then your speed will decrease.
Theres loads of other stuff you can do like filter the mac addresses so only mac address on your list can connect or make your SSID not visible.
Would it reduce your speed, well I guess if there is traffic management with your ISP and a hacker has used up the limit then your speed will decrease.
As jeffa said, WEP has been cracked. You can download software off the web and with two wireless devices crack it inside of 20 minutes.
WPA could in theory be cracked at 52 or 56-bit I believe but it would take so long that its not worth it unless you have a lot of spare time on your hands.
WPA II is secure afaik.
There used to an issue that not all of the old devices supported anything other then WEP but I believe that is pretty much an old issue now and everything supports at least WPA.
Of course there is a overhead in bandwitch for encryption, maybe between 5% for WPA and up to 10% for WPA II. Plus some overhead in CPU as well if the card does not have hardware engine for encryption.
You can have MAC filtering as well in which you supply a list of devices that are allowed to connect. But this can be defeated with MAC spoofing were you enter a known MAC address to get into a filtered router, though this will stop the real device from attaching. Of course it can be a pain to maintain the MAC list if devices are changing frequently.
You can switch of SSID which broadcasts your network name. But there are simple tools readily available to track down hidden networks.
As for your router, make sure you change the default admin password and switch off external administration.
If you get hacked there are couple of issues. First they can see traffic on your internal network. Second they use your bandwidth so yes it will run slower for you and if you are on capped limit then you find yourself hitting that cap. Other thing is they could use your connection for illeagal activity and you would be liable for it.
WPA could in theory be cracked at 52 or 56-bit I believe but it would take so long that its not worth it unless you have a lot of spare time on your hands.
WPA II is secure afaik.
There used to an issue that not all of the old devices supported anything other then WEP but I believe that is pretty much an old issue now and everything supports at least WPA.
Of course there is a overhead in bandwitch for encryption, maybe between 5% for WPA and up to 10% for WPA II. Plus some overhead in CPU as well if the card does not have hardware engine for encryption.
You can have MAC filtering as well in which you supply a list of devices that are allowed to connect. But this can be defeated with MAC spoofing were you enter a known MAC address to get into a filtered router, though this will stop the real device from attaching. Of course it can be a pain to maintain the MAC list if devices are changing frequently.
You can switch of SSID which broadcasts your network name. But there are simple tools readily available to track down hidden networks.
As for your router, make sure you change the default admin password and switch off external administration.
If you get hacked there are couple of issues. First they can see traffic on your internal network. Second they use your bandwidth so yes it will run slower for you and if you are on capped limit then you find yourself hitting that cap. Other thing is they could use your connection for illeagal activity and you would be liable for it.
- Joined
- Jun 4, 2007
- Messages
- 4,045
- Reaction score
- 525
WPA2 with MAC filtering will do the trick. Also, easy 1 to forget - change the router admin password and hide the SSID!!
To add to the above, get funky with your WPA/WPA2 password. A good example: "Q18 (*#E7z¥Ç'yo_-µ€" and so on. Note that not all routers will accept some characters as pw. Also, with some routers you may have problems when enabling MAC filtering. Another thing is to limit the amount of DHCP leases offered. And lastly, if you really want to go all out, set up a RADIUS server
Last edited:
for me as long as u have a password set and some form of encryption u should be ok , i know where i live there isnt to many hackers lol,
You would be surprised how many bored teenagers there are sitting around. As I mentioned the WEP crack software is easily available off the web and though you many not think you are worth hacking, people still do it for fun.
Thanks for the advice guys. Anyone know the name of the WEP hacking s/ware? Think I'll find out more.
Also..as a side line could anyone tell me how long they normally have their modems powered up for? I want to leave it on but don't want it blowing up!!
cheers
Also..as a side line could anyone tell me how long they normally have their modems powered up for? I want to leave it on but don't want it blowing up!!
cheers
You can use something like AIRCRACK
How To Crack WEP Wireless Networks For Noobs! - Video
You can also google 'how to crack wep encryption' there are loads of guides.
Just as a side note, the software works best with particular chipsets, the details should be on their website. And also its much much quicker if you have two wireless devices. One to generate traffic and one to capture the packets. Of course if you flood somebody's network they may notice.
As for modem, they are generally designed to be on 24x7. Just make sure it is in a ventilated place and not on top of a heat source like a heater or TV or something they should be fine.
TheCheekyMonkey
Inactive User
wep has been open for ages, and is like fitting a new door lock to your door and leaving the key under the matt.
wpa and wpa 2 are very secure as long as you follow a few rules.
keep your key fairly random, at the very least incorporate uper case and lower case and numbers in it. If you have it as "johnsmith" then your asking to have it opened.
Basically most wpa cracks involve brute force, or dictionary attacks, just trying varyations of words until it gets the write one, if your jey is "vhvg&^T7BVHJbHJytVGhVJHjvB" then its very unlikely to be cracked, regardless of wether its wpa or wpa2, simple as that.
thats not to say there isnt other way of compromising your network without even getting the network key. Hiding your ssid is fine, but if its got a secure enough key whats the point? netstumbler or any other wireless scanning program will show your network and mac address anyways, which is all thats really needed for the hack.
the algorythm that is used by some isp`s to generate there network keys has been obtained, and reversed. so basically they can take the mac address of a router and generate the network key that has been used at factory for that router.
sky`s routers are a good example, but virgins have also been cracked.
same door, just putting the key under the flower pot instead of the matt.
this isnt to confused as wpa or wpa2 has been cracked.
install the linux distribution "backtrack", everything you need and more!!!!
wpa and wpa 2 are very secure as long as you follow a few rules.
keep your key fairly random, at the very least incorporate uper case and lower case and numbers in it. If you have it as "johnsmith" then your asking to have it opened.
Basically most wpa cracks involve brute force, or dictionary attacks, just trying varyations of words until it gets the write one, if your jey is "vhvg&^T7BVHJbHJytVGhVJHjvB" then its very unlikely to be cracked, regardless of wether its wpa or wpa2, simple as that.
thats not to say there isnt other way of compromising your network without even getting the network key. Hiding your ssid is fine, but if its got a secure enough key whats the point? netstumbler or any other wireless scanning program will show your network and mac address anyways, which is all thats really needed for the hack.
the algorythm that is used by some isp`s to generate there network keys has been obtained, and reversed. so basically they can take the mac address of a router and generate the network key that has been used at factory for that router.
sky`s routers are a good example, but virgins have also been cracked.
same door, just putting the key under the flower pot instead of the matt.
this isnt to confused as wpa or wpa2 has been cracked.
install the linux distribution "backtrack", everything you need and more!!!!
Thanks for all the replies guys:banana:
Just had another thought..going to Canary Island in 2 weeks. My hotel has Wifi but charge 25euro for connection. Is the cracking software easy enough o use to make it worth taking my netbook?
cheers
Just had another thought..going to Canary Island in 2 weeks. My hotel has Wifi but charge 25euro for connection. Is the cracking software easy enough o use to make it worth taking my netbook?
cheers
Similar threads
-
- Sticky
