Mud-club
Chat & Social => The Bar - General Chat => Topic started by: Evilgoat on May 11, 2007, 19:43:47
-
I realise this is probobly in the wrong place but for obvious reasonsI'd like people to see this and think.
This afternoon I went out with a laptop and GPS for a 5 min drive round the imediate area, what you see below is the result. This is with the laptop in the footwell, worst possible location, and no real effort applied.
103 Access points total found with :
23 open, no protection at all, this means their Internet connection is available along with their firewall having been negated and any machines running network shares visible to the world. This is VERY VERY stupid unless you know what you are doing. MAC filtering doesnt help, your traffic is still in the clear and liable to snooping. There have been two court cases recently where spammers have used open points like this to send vast amounts of spam. There is also noises being made about people downloading kiddie porn this way too.
If your access point is open, close it, NOW if you dont now how, get help.
60 points, Hardware was easilly identifiable. This means that if there is a known exploit for your box or a back door, an attacker will know how to get in right off the bat, less work, easier target and thus more attractive. Make the SSID/Name something unique and not identifiable to you or the hardware. 3more went on to include the model number. Its also means if you've kept the defaults the attacker now knows all the passwords and keys to get in.
74 Apeared to be using out of the box, default settings with BT Homehubs being the worst offenders here. As above, it means I have 90% of the info I need to get in.
8 had their physical location fairly easilly identifiable with one including its street address. The yelss out 'I have lots of expensive kit here, at least one PC and probobly a laptop too. Dont do it.
Use Wi-Fi when you have no alternative, cables behave better anyway. If you must use it make the SSID something unique and unrelated to you to a stranger, dont use model numbers, vendor names, house names, street addresses or surnames. Use at least 128bit WEP and MAC access control, if possible use WPA and another form of access control. 64Bit WEP is trivial to bypass and 128 Bit isnt much harder, but it stops casual attacks.
I'm posting this as given I wasnt even trying particular hard, and certainly not as hard as someone who wanted to get in would, I could have caused mayhem. I was actually shocked to find that many vunerable networks! 5 Minutes and I have memory map plot of where they all are.
And before you ask, the data isnt available and I wont tell anyone the kit used :)
-
Hi Evilgoat
Funny you should post about this subject, today a work colleague and I did exactly the same thing, with a new sub notebook to test its wireless ability.We drove around the bypass in Newark and back through the town centre, we could not believe how many unsecure networks appeared, and the majority had either the default name of router, ie Netgear, D-Link etc or the house number or company name as their SSID :shock:
-
I haven't sorted out my internet connection at the new house yet but being offline won't be an issue as some kind soul has an unsecure router which is allowing me 54 Mbps :roll:
It would be churlish not to take advantage :lol:
-
:shock: how do ya know if ya open or closed with the doover thingy then?? took me a week to get this extremly "special" :roll: pc to connect to the modem in the first place i dont wanna fart arse around with it again and naff it up lol hehehe but at same time lol no one use my network lol
-
I haven't sorted out my internet connection at the new house yet but being offline won't be an issue as some kind soul has an unsecure router which is allowing me 54 Mbps :roll:
It would be churlish not to take advantage :lol:
And also a criminal offence if you are caught :?
I use a WLAN because it is impractical to have network cables all over the house, but I know how to secure it and I run a hardware firewall. When implemented correctly it's a secure system but I agree about the issue. Manufacturers are as much to blame. These units should be locked down out of the box and the setup should force users to secure them before they can be used.
-
And also a criminal offence if you are caught :?
Not only can you be prosecuted for using an open wifi network without the owners permission but you can also be prosecuted as the owner for allowing the network to be used for criminal activity (i.e. child porn and spamming).
http://news.bbc.co.uk/1/hi/technology/4721723.stm
So if you have an insecure wireless network in you home or business then you could find yourself in the dock defending an offence of allowing child porn to be downloaded via your internet link and consequently added to the sex offenders register with all the implication than carries.
I except this is unlikely but possible all the same.
You would be silly to leave your house unattended with the front door wide open and your car in a car park with the drivers door open but that is what you are doing with an open wifi network.
And by the way Darren it is a criminal offence even if you are not caught. :-$ :-$
-
Here's a shocker for you. Even an encrypted wireless network isn't safe.
We do this for a living. You'd be suprised how easy/quick it can be to gain access to wireless networks when you have the right equipment.
-
I've UTP to every room - bit of effort but no worries :)
-
Thanks guys :wink: . Being a novice to wireless, your advice/tips have helped & ive now gone back to wired connection. The antenna light on the wireless hub is still lit (even though ive re-installed from scratch using wired connection), does this mean people can still get access :?:
-
Well done for highlighting the risks guys
Fortunetly for me i use cables at the moment but i am looking into wireless stuff for the children to use.
Handy, i work with someone that can advise me on what to get and how to lock it down :wink:
On the note of wifi, when i was working on hgv's, a couple of the co drivers had Playstation Portables.
In every trading estate, business park we'd pull into they would find at least 2 open ways of accessing the internet via a company connection.
Shocking how many don't even have passwords for their staff to access via their laptops!
Their not asking for trouble but encouraging it!
:?
-
well, I've got the only access point I know of round here, and anyone connecting to it might be somewhat disappointed by just how wireless it is ...
i.e. it's separated by a three foot airgap from any of the other networking equipment :)
-
hi,
thanks for making this an issue,
its unblievable how many networks are open though, im in a student area of my town, all Terraced houses, next road about 30 metres away. As all houses are full of students everyone has wireless. i think this is an issue people just seem to ignore and we are going to see more and more prosecutions for it.
A coule got done a few months ago for this didn't they.
James
-
You can have a reasonable amount of fun just wandering round looking for stuff, shared network printers are the most fun...
I usually try printing out a section regarding how to turn the security features on their access point on :)
-
I used my PDA to access the internet whilst my partner wasin York Hospital, should have left it with her and installed skype, would have saved us a fortune calling to those expensive phone lines all the beds have now.
-
My neighbour has wireless as well as me. Mine is secured and his is not. I have told him time and time again to do something with it but he refused, either too lazy or ignorant.
He bought a new printer last week and connected it wirelessly. He was out in the garden last weekend telling me about his new purchase. I went in the house and connected to his network and printed a picture of my face on his printer with the text under it I CAN SEE YOU, I checked later and the network was secured!
-
i've got a wireless network because I need it due to where my ntl cable comes into the house - i think it's WPA secured, but apart from that I don't have any protection. short of getting someone in to look at it, is there any software i can buy (sensibly priced) which will protect me? how good are they? i'm going to print off the useful posts here to see what i can find out about my own network, and will be looking at it tonight.
i've just got a new nokia phone and am also amazed at the number of unsecured access points i can access with it - the power of the technology scares me! i have even found a whole load of mp3 tracks that i could "borrow" if i wanted too - think the owner has good security though as i can only see the really rubbish boy-band stuff!!
-
Just a few comments.
There is a lot you can do, and yes, we know WEP is breakable but look at the stats.
Bob has a secured access point with using WEP as does his neighbour, Dave, but Fred's is open. So who's will get attacked?
There are lots of ways round it and tbh if you are uber paranoid do what I do, yes I run deliberately weak WEP encryption but the firewall behind it requies authentication before you can actually do anything. Its a hardened system too so even if someone went for mine (which has no internet connection atm) they wouldnt get anywhere. Add on top of that wireless and wired are seperated by the firewall too.
A lot of it is about making your connection less attractive than the one 100 yards away but you can get really draconian. WEP with MAC Access control as per most new routers is a pretty good start.
Having expanded this now to get more accurate numbers I've found a lot more suprises, once I've done the article you can all look but the comment about enabling it out of box is good, but I have about 12 BT home-hubs where its been disabled on my list :)
Firewall wise (yes I know I work for them) Look at SmoothWall Express or Even Monowall, you only need an old PC to run it. Otherwise go through your router's manual and read it :)
-
the comment about enabling it out of box is good, but I have about 12 BT home-hubs where its been disabled on my list :)
You discovered them on the drive round even though disabled?
-
i beleive as standard they come closed so for them to be open means some one would have had to change the settings and alow it to be open rather than not realising there was any problems
-
I went to help setup my inlaws wi-fi a few weekends ago and discovered that my brother in-law had already done it for them :evil:
The silly whatsit has managed to set it up open, give it the family name, and after trying to follow the instructions which tell you to go to an internet style address to access the router.......
........ he's password protected it so it can't be changed :roll:
And can he remember the password.... "eeeeeerrrrrr didn't know I'd put one on"
:evil:
One open network, best I can do for them is get them to turn it off when they are not using it.
-
I went to help setup my inlaws wi-fi a few weekends ago and discovered that my brother in-law had already done it for them :evil:
The silly whatsit has managed to set it up open, give it the family name, and after trying to follow the instructions which tell you to go to an internet style address to access the router.......
........ he's password protected it so it can't be changed :roll:
And can he remember the password.... "eeeeeerrrrrr didn't know I'd put one on"
:evil:
One open network, best I can do for them is get them to turn it off when they are not using it.
By Disabled I mean someone has gone in and Disabled the security.
As for the above, go find the manual for the router, without exception they have a system reset. You'll have to set the whole thing up again but you can get it right.
-
By Disabled I mean someone has gone in and Disabled the security.
In which case they deserve all they get, ignorance is one thing but physically choosing to remove security is another ball game entirely!
-
Walked into work this morning with the PSP looking for WAPS, just for grins. Amazing how many i found, connected to at least 3. Its only 1/2 mile to work! :roll:
At home, i've turned off the SSID, and use WPA-PSK. I'll be making confirmed MAC address soon too.
-
a particularly nasty and deviant person i know has an unpatched windows PC set up to act as a wireless access point. it has been infected with god knows how many viruses, worms and trojans, and anyone who access it gets bombarded with attacks. :D
it isnt connected to the internet anymore, not since it he set it up, yet it keeps catching new viruses :?
just for laffs, we reinstalled a laptop fresh from a windows CD and associated with his AP, within seconds it started to crash and within minutes it was unusable.
tbh, anyone who associates with it deserves what ever they catch, as they really shouldnt be doing it