Jump to content

Stealing signals

ramdisc

By ramdisc
in Computer Science

 Share

Recommended Posts

ramdisc

ramdisc

Posted
Posted

Hello,

 

I saw an episode of CSI: Miami. And this guy with a laptop was able to steal signals from across the building so he can go into the Net. So his company won't be able to catch him surfing the Net during work.

 

Is this even possible!? People with laptop and wireless connection can easily steal signals by just being in range of the whatever-you-call-it!?

 

There is no protection of any kind to prevent others from stealing it?

Link to comment
Share on other sites
mezarashi

mezarashi

Posted
Posted

Yes, this is very real. The "signal" is a wireless LAN signal. They can cover 20m to 30m. Most universities have a wireless LAN network. Anybody with a card can get access. Most corporate systems now are implementing a security check of course, meaning once a connection is established you must log in with a proper user/pass to gain access. Most home users however don't use this or don't know about it. I heard stories of so many friends who are stealing their neighbor's internet. Many people install an unprotected wireless network and obviously the signal can cross the border.

Link to comment
Share on other sites
Klaynos

Klaynos

Posted
Posted

WEP is very very easy to break.

WPA is breakable but is considerably harder than WEP.

 

Most wifi access points can be locked to only allowing specific mac adresses (a unique code designated to network adapters)... It is not fool proof...

Link to comment
Share on other sites
JC1

JC1

Posted
Posted
WEP is very very easy to break.

But it is secure enough for home users to prevent this sort of war-driving attack.

 

WPA is breakable but is considerably harder than WEP.

It's much harder than WEP due to the fact that TKIP' date=' its security protocol, is incorporated with 802.1x, EAP and Radius server.

 

Most wifi access points can be locked to only allowing specific mac adresses (a unique code designated to network adapters)... It is not fool proof...

This is nothing as some of wireless network adapter's program provides the cloning utility. In other words, we can clone our card to whatever MAC address we want. Therefore, by observing the plaintext of MAC address in the header of packet data of the network traffic, we can identify the mac of source and destination devices, then from that we can clone our card to be them.

Link to comment
Share on other sites
JC1

JC1

Posted
Posted
WEP is very very easy to break.

But it is secure enough for home users to prevent this sort of war-driving attack.

 

WPA is breakable but is considerably harder than WEP.

It's much harder than WEP due to the fact that TKIP' date=' its security protocol, is incorporated with 802.1x, EAP and Radius server. And the way that TKIP uses the encryption key (per-packet key mixing) is even more harder for one to discover the key.

 

Most wifi access points can be locked to only allowing specific mac adresses (a unique code designated to network adapters)... It is not fool proof...

This is nothing as some of wireless network adapter's program provides the cloning utility. In other words, we can clone our card to whatever MAC address we want. Therefore, by observing the plaintext of MAC address in the header of packet data of the network traffic, we can identify the mac of source and destination devices, then from that we can clone our card to be them.

Link to comment
Share on other sites
Klaynos

Klaynos

Posted
Posted
Especially if the default security passwords are used.

 

I take it it's illegal to sponge off over peoples signals ?

 

In most countries I presume' date=' it is *probably* illegal in the UK.

 

 

This is nothing as some of wireless network adapter's program provides the cloning utility. In other words, we can clone our card to whatever MAC address we want. Therefore, by observing the plaintext of MAC address in the header of packet data of the network traffic, we can identify the mac of source and destination devices, then from that we can clone our card to be them.

 

Very true but if someone is launching an attack with no previouse knowledge, every little helps :|

Link to comment
Share on other sites
JC1

JC1

Posted
Posted
Very true but if someone is launching an attack with no previouse knowledge, every little helps :|

 

that's right. :) It always starts from the basic protections. MAC filter is one of them. People should make use of the full available security measures that their AP and wireless cards provide, instead of merely taking it out of the box and plugging it in with all the default set.

Link to comment
Share on other sites
Klaynos

Klaynos

Posted
Posted

Hiding SSID is another thing people should do, I know of 3 wifi networks around me, and in every case I can tell you exactly what type of AP they use as they havn't changed from the default SSID and wouldn't be surprised if the rest of their settings are also set to the default :(

Link to comment
Share on other sites
Royston

Royston

Posted
Posted
What do you mean by the default security pwd?

 

To protect a WEP Lan set up you have the option of a password to secure your signal from rogue internet users. There are a number of default passwords that are available which are incredibly obvious and (so I've heard) often used. eg PF1,PF2,PF3 et.c So it's in people's best interest to think of an original password...unless they have no problem with someone using their signal.

Link to comment
Share on other sites
JC1

JC1

Posted
Posted
To protect a WEP Lan set up you have the option of a password to secure your signal from rogue internet users. There are a number of default passwords that are available which are incredibly obvious and (so I've heard) often used. eg PF1,PF2,PF3 et.c So it's in people's best interest to think of an original password...unless they have no problem with someone using their signal.

I thought you were talking about the default pwd of the AP itself. Well, i never knew that there are the default WEP pwd. AP usually have a feature that you can input the passphrase (of your own word) and from that it generates the 4 random hex number as the encryption keys one of which you would use and set in the supplicants.

Link to comment
Share on other sites
5614

5614

Posted
Posted

Picking up someone else's wireless connection can be as easy as having a wireless NIC & being in range. The computer automatically picks up the signal and then you just click connect to the signal.

 

Encryption and security measures are mentioned in other posts so I wont repeat it all.

Link to comment
Share on other sites
Royston

Royston

Posted
Posted
I thought you were talking about the default pwd of the AP itself. Well, i never knew that there are the default WEP pwd. AP usually have a feature that you can input the passphrase (of your own word) and from that it generates the 4 random hex number as the encryption keys one of which you would use and set in the supplicants.

 

Yeah, they vary dependant on manufacturer. I know some Hex of 10 or 26 characters only have 6 letters and obviously 0-9 to use. Ok there's a lot of combinations there...but with unlimited tries and a bit of logic it won't take long to start using somebody elses signal. I'm sure all this will be considered with future models.

Link to comment
Share on other sites
Mayflower

Mayflower

Posted
Posted

There is no protection of any kind to prevent others from stealing it?

 

Judging by what I've read on other forums... no there isn't a way to prevent it. These 'computer experts' basically said that all forms of wireless router security don't work.

 

We had our net access being used by someone else in this apartment building... hopefully not anymore. It's frusturating to know that it's (supposedly) impossible to prevent.

Link to comment
Share on other sites
JC1

JC1

Posted
Posted
Picking up someone else's wireless connection can be as easy as having a wireless NIC & being in range. The computer automatically picks up the signal and then you just click connect to the signal.

 

Encryption and security measures are mentioned in other posts so I wont repeat it all.

 

Would you mind to find me the links to those posts?? i am interested in reading them. Thank you in advance.

Link to comment
Share on other sites
5614

5614

Posted
Posted
Would you mind to find me the links to those posts?? i am interested in reading them. Thank you in advance.

 

Post #2: "once a connection is established you must log in with a proper user/pass to gain access."

Here we learn about a username/pwd

 

Post #4: "WEP is very very easy to break."

Here we learn about WEP which is a 802.11 encryption protocol

 

Post #4: "WPA is breakable but is considerably harder than WEP."

Here we learn about WPA vs. WEP

 

Post4: "wifi access points can be locked to only allowing specific mac adresses (a unique code designated to network adapters)"

Here we learn about specifying mac addresses

 

Post5: "It's much harder than WEP due to the fact that TKIP, its security protocol, is incorporated with 802.1x, EAP and Radius server."

You said that yourself

 

Post11: "Hiding SSID is another thing people should do"

Here we learn about SSID (service set identification)

 

Post12: "To protect a WEP Lan set up you have the option of a password to secure your signal from rogue internet users"

Here we learn about pwd protecting the WEP setup.

 

Post13: "AP usually have a feature that you can input the passphrase"

You said that yourself.

 

That is the kind of stuff I was referring to. What did you mean by asking that question?

Link to comment
Share on other sites
JC1

JC1

Posted
Posted
Post #2: "once a connection is established you must log in with a proper user/pass to gain access."

Here we learn about a username/pwd

 

Post #4: "WEP is very very easy to break."

Here we learn about WEP which is a 802.11 encryption protocol

 

Post #4: "WPA is breakable but is considerably harder than WEP."

Here we learn about WPA vs. WEP

 

Post4: "wifi access points can be locked to only allowing specific mac adresses (a unique code designated to network adapters)"

Here we learn about specifying mac addresses

 

Post5: "It's much harder than WEP due to the fact that TKIP' date=' its security protocol, is incorporated with 802.1x, EAP and Radius server."

You said that yourself

 

Post11: "Hiding SSID is another thing people should do"

Here we learn about SSID (service set identification)

 

Post12: "To protect a WEP Lan set up you have the option of a password to secure your signal from rogue internet users"

Here we learn about pwd protecting the WEP setup.

 

Post13: "AP usually have a feature that you can input the passphrase"

You said that yourself.

 

That is the kind of stuff I was referring to. What did you mean by asking that question?[/quote']

 

Damn, i was thinking there might have had this topic posted in dept regarding 802.11 security measures in the other threads. :-(

Link to comment
Share on other sites
5614

5614

Posted
Posted

I don't have a wireless network for a few reasons:

 

1) More expensive

2) Security

3) Harder to troubleshoot (though I spose in some respects that's good, learning & a challenge) this would apply to others more so than myself

4) Why bother? You know how some people like to have electronic parts lying around, (I do) and I also like having wires lying around, dunno why, it just kinda looks cool! Regardless the network cable still runs through the roof and behind my bed/desk so you can't see it anyway.

The point is I have no problem with cables... so therefore I have no reason to go wireless.

 

Anyway, it's true that most people don't bother with WEP or WAP, because they don't know what it is, don't know hot to setup it up or just don't see the need to... whenever my cousin comes here (she has a wireless NIC (can I call that a WNIC?)) so she can pick up the neigbour's signal just by selecting 'connect' when her laptop automatically tells her she is within range of a wireless network.

Link to comment
Share on other sites
Royston

Royston

Posted
Posted

Anyway' date=' it's true that most people don't bother with WEP or WAP, because they don't know what it is, don't know hot to setup it up or just don't see the need to... whenever my cousin comes here (she has a wireless NIC (can I call that a WNIC?)) so she can pick up the neigbour's signal just by selecting 'connect' when her laptop automatically tells her she is within range of a wireless network.[/quote']

 

You can do the same as most of you probably know with PSP's. Also in the UK they've set up transmitters in train tunnels so you can log on using a lap top whilst on the move. If you're lucky enough to live in range you have perfectly legal free internet. Obviously there are no protocols otherwise they'd be pointless.

 

I think the majority of people in my local area are more clued up to security, the majority of signals I've seen on a friends lap top were WEP / WPA.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.