FYI: I'm writing a paper for a class of mine that concerns wlans. Something that I would like to include is how often peopel change their wlan passwords. I did a search on the internet for a similar poll but I did not find anything of merit. So, I'm hoping I might get some decent data, enough to mention in my paper.
Very rarely.
bump
I never change wlan passwords as i have enabled mac filtering, due to that no one could get access through my router.
same here, have wpa2 + aes with a hidden SSID and enabled mac filtering, so no reason really for me to change it
I never change my wifi password as I'm not the one in charge of that but the one who is I know never changes it as he does not know how to change the password used to auto connect the the router and I'm way too lazy to tell him how
Just FYI MAC filtering isn't the most secure. But using a good WPA/WPA2 password is. I probably should change mine but I don't want to. lol
MrObvious said:
Just FYI MAC filtering isn't the most secure. But using a good WPA/WPA2 password is. I probably should change mine but I don't want to. lol
Click to expand...
Click to collapse
I have router with WPA2 + AES + MAC Filtering enabled and i dont think anybody could crack all this.
jitkr said:
I have router with WPA2 + AES + MAC Filtering enabled and i dont think anybody could crack all this.
Click to expand...
Click to collapse
Technically all encryption can be broken. Right now AES encryption is very hard to break but if you have a weak password it is easy.
I have changed my pw once that's it.
Sent from my LiquidSmooth S3 using xda app-developers app
Every time when I buy a new router!
When:
I update my Router software or change the router.
I told it too many people.
But with the current setup I have something that will propably stay a while.
Wpa2 Aes only. SSID is broadcast, Mac Filtering is off, Key is 46 characters full-typable-charset randomness. Only for my devices.
I have a second network for guests which is open. I have put a button on the router that lets me toggle internet access for the guestnet so that people dont torrent the f*ck outta my bandwidth when I'm away or I'm alone.
If I ever get ultra bored enough I will propably try a overblown EAP-TLS setup just for the lulz, who knows maybe it will be profitable setting such up for other people somewhere in the future.
i never change mine, i guess i should start
I cannt change because I lost my modem login pass
Orginal PWD, never change it
Never. I set a new password when buying a new wireless router, but don't change it once it's set. I live in a very rural area so not much risk of someone trying to hack my network anyway.
twice a month for me
Sent from my Burst S280 using xda premium
never
Related
Hi, thanks in advance for help.
I have someone leeching off my Wifi net, who seems to be able to 'break-in' no matter how i secure the WiFi net.
Anyone know of any free Windows Mobile software that will show signal strength of Wifi CLIENTS nearby. Not Access Points, but CLIENTs.
I want to go find this guy.
thanks
Hi there!
If you got an "leecher" on your network I would recommend you to start your search on your router.
You didn't provide any specs, how did you find out that someone is on your network?
Next question, have you changed both, router pass and wlan key?
Are u using weak encryption (wep)?
Whats about your mac-filter?active?
I would guess you've got an dhcp server on your network/router... go there and check the dhcp releases. Any suspicious entrys? You should know all the devices listed there. If you have found a IP you don't know, ping it and check if its alive (those packages can be ignored by the host), try to access it via smb, you could also try a demo of languard and try to read out details like os, user, owner...
I'm almost shure you can't use your wm device to locate a client of a network, unless you can switch your wlancard to ap-mode and he connects to you ^^
Nope, need signal strenght reader if poss.
Thanks for the comment, but I'm pretty security savvy, and have done most of what you recommend.
I actually can't believe he's still getting in when I've locked down so tight.
Anyway, it's a CLIENT signal strengh program that I'm trying to find.
Rogue clients are malicious wireless client devices that either try to gain illegitimate access to your WLAN or try to disrupt normal wireless service by launching attacks. There are numerous ready-to-launch wireless attack tools freely available on the net. Many of them are open sourced and work pretty well with most Wireless client cards. This turns any curious mind to professional hacker in minutes. Many do it simply for the pleasure of being able to disturb someone remotely. All these developments force WLAN administrators to give a second look at any wireless client that is misbehaving.
What means most of that what i recommended?
Did you actually change the router password AND the wlan key?
Sorry, I don't think that you can trace him with your mobile. as long as hes not connected to your mobilephones wireless network (wich requires your mobile wlan device to switch to ap-mode).
Forget about that.
Please tell us, why do you think somebody is on your network, how did you find out... whats the "evidence" for you that there is somebody.
I'd like to help u, but i need some further details to lock him out.
I hope you know that its just a matter of minutes to break a wep key. GPUs are used to decode it, which is damn fast!
So please provide more specs about your network.
Greetings
1: Use WPA instead of WEP.
WEP is crackable in a matter of seconds.
2: Assign access control/MAC filtering
3: Use your network in ad-hoc mode
Well, WPA is crackable too.
The person in question might change his MAC to yours and create collisions anyways
Can you be sure that he has really associated with your router. I have noticed some client/router combinations "apparently" associate but all traffic is blocked because they did not provide the right key.
As others say - use WPA WPA2 and use a strong (non dictionary) passphrase
get a computer that can run airodump or something similar.
run airodump with it set to the channel of you router - not in hopping mode as you will miss lots of packets.
Airodump will tell you the strength of the signal from his computer so if you have this on a laptop you can move around and possibly can an idea roughly where he is
Thank you, i will try Airodump
Thanks in particular Scote.
I didn't list the router config simply becuase I am confident it's pretty secure:
Router is a new Belkin N1
- 63 random char password from grc.com/passwords
- SSID is "netgear" even though its a Belkin : intention to mislead for access URL.
- WPA2-PSK AES encryption
- SSID not broadcasting
I didn't bother with MAC filtering, as I understand a good 'hacker' can spoof it : If this guy can get through WPA2 I would say he can probably MAC spoof.
My 'evidence', is that up to 3 unkown computers turn up on the 'Clients List', around 4 hours after I change the SSID/password : Each time.
I have 2 laptops, so I will try Airodump or maybe Backtrack (suggested elswhere) on these as a 'direction finder' based on signal strength.
Hmmm...I did read somewhere you can set a Kaiser to be an access point...
Thanks all
Yes you can.
Someone found his stolen Wii/mobile phone (don't remember which one) that way.
There was even an article on the net.
So I go to college and the entire campus is covered by a WPA2 network. This WPA network requires a username and password. But the Nexus One only asks for a password. How do I connect to it?
That'll be WPA Enterprise. Normal WPA doesn't use a username.
It should work.. seemed to in my limited tests (I'm not running it now though as 90% of my wireless devices don't support it, otherwise I'd go back and check the settings etc.)
So does anyone know if n1 supports this EPA enterprise?
You pry need to talk to the IT guys on your campus and set it up as a vpn that should make it work.
no one has tried the nexus one on a college WPA wireless network?
WPA Enterprise (EAP-TTLS/PAP) works for me!
I didn't have to do anything special. On the first connection attempt my N1 set up a password to protect the credentials, and then asked for username/password. Worked flawless.
thanks you have eased my worries
I used 801.11x for security for mine to get it to work.
Volker1 said:
WPA Enterprise (EAP-TTLS/PAP) works for me!
I didn't have to do anything special. On the first connection attempt my N1 set up a password to protect the credentials, and then asked for username/password. Worked flawless.
Click to expand...
Click to collapse
Yeah it worked easily for me at my university. I actually have to write up the WPA2-ENT documentation for all Android 2.X devices. Yippee.
Good to know since the G1 doesn't support WPA2-Enterprise out of the box
Most of the universities I have been at used LEAP authentication. I have no clue if the nexus can connect to it though.
Has anyone tried faceniff on the atrix yet?
yeah it works. lol.
Such a vague post. Whats it all about? Details maaan!
theres always google
I meant on the Atrix which is the forum I am posting in
It works well on the Atrix. I have it and it does seem to work.
Scott
Does anyone know it works on WPA and WPA2? Are they forcing the client re-associate to the AP to sniff the initial key negotiation?
Works on WPA2 here. Does not work on EAP though I don't think.
Why would you want to steal peoples accounts (identities)?
Sent from my MB860 using XDA App
drew68 said:
Why would you want to steal peoples accounts (identities)?
Sent from my MB860 using XDA App
Click to expand...
Click to collapse
To troll in public hotspots
Hmmm does anyone here has an unlocked version? 0.o
Works great for me *edit: on the Atrix*. I asked the dev about putting the unlocked on Market or Amazon (dont like paypal). He said it was removed from the Market and he will look into Amazon.
If he releases some code(maybe he already has, haven't looked), this could open likes of similar apps. I especially like the idea of an Atrix as a wireless monitoring device since it has 5ghz, unlike almost all other phones.
I bought it and got it unlocked. This is more for curiosity's sake than actually hacking. I live out in the country. Not much for open wifi out here.
Scott
I went to a Starbucks today after getting the app, and I couldn't get it to work there.
Not sure if it has to do with the AT&T Wifi at starbucks, but I'm going to do more testing with it.
Did you try stealth mode, I guess some routers are built to monitor that kind of intrusion and stealth mode is the work around
Sent from my MB860 using XDA App
jenarelJAM said:
Faceniff has nothing to do with open vs WEP vs WPA vs WPA2 encryption on the network afaik(I haven't used it, but I read about it). It wont break encryption. My guess is that its doing a simple ARP poisoning attack, routing all network traffic through your phone before it goes out the router, then just filtering for unencrypted facebook/tsitter/etc. packets.
This has been around for years. What's new is that its been ported to a mobile phone and been made accessible to the masses.
Be careful using this guys, your network traffic leaves a trace, and I'm not sure if facesniff spoofs your mac address. You could get in big trouble if you get caught.
Sent from my MB860
Click to expand...
Click to collapse
I understand that you already have to be connected to the AP to do this but... as I understand it with WPA and WPA2 they negotiate session keys so that each connection uses a different key. Hence you cant decrypt another persons traffic. The key is negotiated in the beginning and if you can capture that negotiation, then you can decrypt the traffic.
Does faceniff only monitor new connections and then see if they log into one of those sites? or does it actively try and disassociate people from the AP so they have to reconnect.
Was using it on my home wifi. Was able to hack into mine and my gfs facebook accounts. Then i monitored my neighbors open wifi (tard) and was able to get into his. Told him to put a password on his wifi because of security. I think this is a real eye opener into the world of internet security. Really interesting app. Pretty scary. But yea, using this at school is a bad idea. I was just doing some packet sniffing at college and i got a nasty email saying that if i was doing anything nefarious i could be expelled. So remember: USE STEALTH =)
Hey there,
could someone send me a PM where to get this app.
THX!
jenarelJAM said:
Faceniff has nothing to do with open vs WEP vs WPA vs WPA2 encryption on the network afaik(I haven't used it, but I read about it). It wont break encryption. My guess is that its doing a simple ARP poisoning attack, routing all network traffic through your phone before it goes out the router, then just filtering for unencrypted facebook/tsitter/etc. packets.
This has been around for years. What's new is that its been ported to a mobile phone and been made accessible to the masses.
Be careful using this guys, your network traffic leaves a trace, and I'm not sure if facesniff spoofs your mac address. You could get in big trouble if you get caught.
Sent from my MB860
Click to expand...
Click to collapse
No poisoning needed. Wifi works the same as a hub. If you're associated to the network, you'll see all the traffic. Now there are ways to try to stop this, ap isolation, and whatnot, but it's radio, so there's really no way around it.
CLICK THE "USE SSL CONECTIONS ONLY" PEOPLE!
Well due to a suspicion of someone in my area trying to get into my network I disabled the SSID.
Since then my GT-I9300 stopped seeing it, says it's out of range. My router is TP-Link TL-WR1043ND
Any way I can fix that? I have stock rom with root.
If you disabled your ssid no device will be able to see it. Basically it means your wifi is off. You have to enable ssid in order to connect to it. Few steps you can make to ensure its more secure. Change log in user name and password to your router. Change your wifi ssid and password to a more complicated one.
Sent from my GT-I9305 using Tapatalk
UD3R said:
Well due to a suspicion of someone in my area trying to get into my network I disabled the SSID.
Since then my GT-I9300 stopped seeing it, says it's out of range. My router is TP-Link TL-WR1043ND
Any way I can fix that? I have stock rom with root.
Click to expand...
Click to collapse
I never tried, but I can't believe we don't have the option to connect to a hidden SSID
I downloaded this app and it does work. https://play.google.com/store/apps/details?id=jp.sourceforge.soopy.hidden.ssid.enabler&hl=en
It allowed me to connect to my wifi with the SSID not broadcasting.
If you know the SSID name you can add it manually with the add option.
As has been said, you will need to add your network again, and type the SSID in, just tap "Add Wi-Fi network" under Wi-Fi settings.
Also just so you know hiding the SSID will not provide much more security, it's easy to obtain the SSID even if it's hidden with the right software, also if someone was attempting to gain unauthorised access to your network they probably know your SSID anyway. If you use a strong WPA2 key to secure your network it will provide much more security than hiding your SSID.
No one can crack WPA2. Just stay away from WEP.
jinosong said:
No one can crack WPA2. Just stay away from WEP.
Click to expand...
Click to collapse
Listen to this man.
jinosong said:
No one can crack WPA2. Just stay away from WEP.
Click to expand...
Click to collapse
All kinds of network security can be cracked. It's a matter of resources (time, processing power, etc.). Just keep in mind that some (like WPA2) are just more difficult to break than others (WEP).
And also, don't forget that PEBKAC.
Cheers
PS: I think that changing and hiding the SSID + choosing a strong WPA2 key can bring enough peace of mind. Unless you're dating the daughter of the Head of NSA
Analog33k said:
All kinds of network security can be cracked. It's a matter of resources (time, processing power, etc.). Just keep in mind that some (like WPA2) are just more difficult to break than others (WEP).
Click to expand...
Click to collapse
I knew some idiot was gonna be a smartass and state this. We're talking about a neighbor cracking this guy's home network. Everything can be cracked with enough resources; yes we know that.
jinosong said:
I knew some idiot was gonna be a smartass and state this. We're talking about a neighbor cracking this guy's home network. Everything can be cracked with enough resources; yes we know that.
Click to expand...
Click to collapse
Wow... "Idiot"... "Smartass"... Who is, really? Mr Wikipedia-I-Know-Everything who can't be a bit polite in a forum? Come on, guy... Go breathe some fresh air outside and come back (or not).
Btw, pls give correct answers to the one asking a serious question and stop polluting his thread.
Peace & ciao.
Sent from my GT-I9300 using XDA Premium 4 mobile app
Listen you pre-pubescent know-it-all. I gave him the correct answer, to set it to WPA2, which is safe enough for the guy's needs. Then you come with some wise-ass statement stating nothing's safe from cracking. Do you think the NSA is going to try to crack his internet password?
The worst part of forums like XDA is that we have to put up with little nerdy middle school kids who aren't yet socially apt but want to look like they have a clue.
UD3R said:
Well due to a suspicion of someone in my area trying to get into my network I disabled the SSID.
Since then my GT-I9300 stopped seeing it, says it's out of range. My router is TP-Link TL-WR1043ND
Any way I can fix that? I have stock rom with root.
Click to expand...
Click to collapse
Dude, let's stick to the point you've raised.
YES, you can hide your ssid AND put a WPA2 key on it. You just have to add it as another network. That's my current router configuration, and everything is running quite smoothly.
Let us know if it works.
Cheers
Sent from my GT-I9300 using XDA Premium 4 mobile app
srafa007 said:
If you know the SSID name you can add it manually with the add option.
Click to expand...
Click to collapse
right !
Hi, not sure if this is the right section. If not, please move.
Basically each time I activate my phone's (Samsung S3 4.3 rooted) tethered Wi-Fi, to use the Internet on my iPad, someone can remotely connect and see what I'm doing. Even with WPA2 + strong ass password + MAC filtering. Why I know this is a long story, let's just say I have a stalker and he talks about his exploits to someone who's loyal to me. I'm assuming that it's possible since I've already have had my home Wi-Fi hacked with the WPS exploit.
Is there anything I can do? As in alternatives to stock app of anything else.
raskol9987 said:
Hi, not sure if this is the right section. If not, please move.
Basically each time I activate my phone's (Samsung S3 4.3 rooted) tethered Wi-Fi, to use the Internet on my iPad, someone can remotely connect and see what I'm doing. Even with WPA2 + strong ass password + MAC filtering. Why I know this is a long story, let's just say I have a stalker and he talks about his exploits to someone who's loyal to me. I'm assuming that it's possible since I've already have had my home Wi-Fi hacked with the WPS exploit.
Is there anything I can do? As in alternatives to stock app of anything else.
Click to expand...
Click to collapse
Try https://play.google.com/store/apps/details?id=com.foxfi&hl=en
It is really easy for him to spoof the mac address of your ipad and bypass the mac filtering.
He can also collect your wpa2 handshake and crack it easily with enough time and enough Cuda cores on his gpu.
First, Try a random max character wpa2 password and keep changing it to make him irritated.
Second, go on the offensive with kali linux.
(Put dd-wrt on your router too and disable wps to stop his wpa attack + use strong wpa2 key-no words or phrases)
Third, figure his credentials out and report him to the police.
You could use Kismet to find out his device's mac address and you could use his signal strength to find out what house he lives in then report him to the police.
Lgrootnoob said:
It is really easy for him to spoof the mac address of your ipad and bypass the mac filtering.
He can also collect your wpa2 handshake and crack it easily with enough time and enough Cuda cores on his gpu.
First, Try a random max character wpa2 password and keep changing it to make him irritated.
Second, go on the offensive with kali linux.
(Put dd-wrt on your router too and disable wps to stop his wpa attack + use strong wpa2 key-no words or phrases)
Third, figure his credentials out and report him to the police.
You could use Kismet to find out his device's mac address and you could use his signal strength to find out what house he lives in then report him to the police.
Click to expand...
Click to collapse
Thanks. I'l check this out.
I already secured my home Wi-Fi with DD-WRT, so the big deal is with the tethered connection. For now I've stopped tethering altogether.