Hack Wifi in Your Spare Time

Learn how computer hacking is done so you can defend against it. http://freehowtohackwifi.com


Get a Jump Start on Wireless Security

Before you do anything else, go to your wireless router or access point and log in to its internal configuration page. All routers and access points today have web pages where you can log in to configure the wireless network name, the login password, and so on. Notice one thing: when you logged in to that configuration page, was the password easy to guess? Was it anything other than ‘admin \ admin’ or something like that? If it is easy to guess, change the default administrative password used to log in to the access point or router. If possible, change the login name as well. When you change the default password, you’re hardening the security of your wireless network.

Consider physical positioning of the wireless access point

Take your smartphone outside with you and do a little bit of WiFi surveying. See how far outside your home your WiFi signal extends. Consider: could someone malicious access my network from outside the window? What about from the street? How about across the street? Try to position the access point or router in the center of your home. WiFi signals degrade over physical space and as they pass through obstacles like walls. Ideally, if positioned centrally, your wireless signal won’t broadcast past the external walls of your home.

Encrypt with WPA2

It’s very easy to crack WEP encryption. It can be broken within minutes. Use WPA2 to encrypt your wireless network. But don’t think you’re safe just yet. Consider, is the password to access your WPA2 network easy to guess? Do you think it could be cracked?

Don’t just rename your SSID, don’t even broadcast it!

An SSID is the name of your WiFi network as you see it when you’re looking for networks to connect to. If you are using a default SSID, change it. Hackers can download huge lists of default SSIDs to speed up their cracking attempts.

If you’re especially paranoid, you can configure your wireless router or access point to not even broadcast the network name. That means you would need to type in the network name AND the password, but it does provide some level of security through obscurity.
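The WPA2 passphrase and default-SSID advice above can be checked with a short script. This is an added example, not part of the original post: the word lists, the 80-bit threshold and the function names are assumptions chosen for illustration, and the key derivation shown is the standard WPA2-Personal one.

```python
import hashlib
import math
import secrets
import string

# Constructed sample lists for illustration; a real audit would use larger ones.
DEFAULT_SSIDS = {"linksys", "netgear", "dlink", "default", "wireless"}
COMMON_PASSPHRASES = {"password", "12345678", "qwertyuiop", "letmein123"}
CHARSETS = (string.ascii_lowercase, string.ascii_uppercase,
            string.digits, string.punctuation + " ")


def derive_psk(ssid: str, passphrase: str) -> bytes:
    """WPA2-Personal key: PBKDF2-HMAC-SHA1 salted with the SSID (4096 rounds).

    Because the SSID is the salt, work precomputed for a common network name
    does not carry over to a unique one.
    """
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def estimate_bits(passphrase: str) -> float:
    """Upper bound on entropy: assumes every character was picked at random."""
    pool = sum(len(cs) for cs in CHARSETS if any(c in cs for c in passphrase))
    return len(passphrase) * math.log2(pool) if pool else 0.0


def audit(ssid: str, passphrase: str) -> list:
    """Return findings for one SSID/passphrase pair (empty list = none found)."""
    findings = []
    if ssid.lower() in DEFAULT_SSIDS:
        findings.append("default-ssid")
    if not 8 <= len(passphrase) <= 63:  # WPA2 passphrase length limits
        findings.append("invalid-length")
    if passphrase.lower() in COMMON_PASSPHRASES:
        findings.append("dictionary-passphrase")
    if ssid and ssid.lower() in passphrase.lower():
        findings.append("passphrase-contains-ssid")
    if estimate_bits(passphrase) < 80:  # threshold is an assumption of this example
        findings.append("low-entropy")
    return findings


def generate_passphrase(length: int = 20) -> str:
    """Random alphanumeric passphrase from the OS CSPRNG."""
    alphabet = string.ascii_letters + string.digits
    return "".join(secrets.choice(alphabet) for _ in range(length))
```

The entropy figure is an upper bound, so a passphrase built from words can score well here and still be guessable; the dictionary check is what catches those.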

Assign static IP addresses to all the connecting devices

Most WiFi routers and access points use something called DHCP to give IP addresses automatically to connecting devices. DHCP usually draws from a large pool of available addresses, so malicious users could easily obtain access to the network if they cracked the password. Turn DHCP off and assign static IP addresses to all the devices you want to connect. By creating a whitelist, you guarantee that only the devices YOU know about can connect. It takes a bit of time to organize and set up, but for home users with few connecting devices, it works well.

Use MAC Filtering

Take it a step further with MAC filtering. Similar to assigning static IP addresses to devices, you can specify their MAC addresses so only valid MAC addresses can connect. This offers twice the security of relying on static IP assignment alone.

Use the WiFi AP’s firewall

To protect against inbound internet threats, enable and configure the access point or router’s firewall. Consider purchasing a dedicated firewall appliance if you want even greater security (and control).

Now that you know some simple steps to secure your WiFi connection, learn how to hack it as well at http://freehowtohackwifi.com!


OpEd – Would I Connect to an Insecure Wireless Network?

Wireless networks are tricky to deal with because, even if they are secured with a preshared key, they do a poor job of providing non-repudiation to the network’s owner. It is extremely easy for someone to crack a WEP key (and many times it is easy to crack a WPA1/WPA2 preshared key as well, provided the password is dictionary-based). Once this is finished, the attacker can use the wireless network as a digital beachhead of sorts, and launch further attacks. If forensics experts ever get involved, the trail leads back to the wireless network itself. By then, the attacking node has moved on and is long gone. Always remember that it’s trivial for anyone to learn how to hack WiFi.

Would I connect to an unsecured wireless network? Or, would I use a neighbor’s unsecured WiFi? I have done this in the past, but I do not any longer. Honestly, my reasoning is not so much for moral reasons but rather my own self-preservation. Personally, I feel that the responsibility is on the WiFi owner to secure their network. (Breaking an encrypted network is a different story altogether, and one that I do hold a moral compass for.) There are countless open source tools that allow an attacker to sniff, redirect, and modify in-transit data as it goes across the air. Weaponized programs such as sslstrip allow someone with minimal computer skills to strip out the SSL encryption used in banking, email, and social networking login forms. Thus, https://gmail.com becomes http://gmail.com, and most laymen don’t pay attention to the address bar the way I do now. Unsecured networks offer no substantial proof that your data will be secure and intact.


What would I do if I found out that someone was using my wireless home network? Firstly, this would not happen because I secure my home WLAN using enterprise encryption (the AES-256 algorithm authenticated to a RADIUS server). In addition, I use MAC filtering and an IDS in a layered approach to security. (I’m paranoid.) However, in the context of the question, if I were to find someone using my WiFi network, I would first set up Wireshark or tcpdump and try to determine the user and what they were using the network for. Piggybacking a wireless network to stream Netflix is one thing. Doing the same to download child pornography is something else entirely.

Passing laws policing the internet sets a dangerous precedent. Obviously, we need laws that will punish those that break an encrypted network, but I do not think punishing WiFi network owners is a good idea (even if they chose to leave it open). A better solution would be to pressure WAP manufacturers to implement out-of-the-box WPA2 encryption using a random, alphanumeric password. WAP manufacturers should stop setting default passwords that are the same across an entire product line. Manufacturers could also set complexity requirements for the WAP password. This would cut down on the effectiveness of wireless cracking tools like cowpatty or aircrack. You will never eliminate threats such as these entirely. A determined attacker will always find a way in (perhaps leveraging some sort of social engineering attack to get the owner to divulge the key) and no system is 100% secure. But passing broad laws is not going to help here. Education and better product security should be the way forward.
