Your WiFi Router - Is It Secure?

[palandri]

I own a townhouse. I know all of my neighbors. My Cisco wireless router died. No big deal, I bought another one. I set up the new one up with the same SSID and WPA2 password. The difference with the new one is I could now see the activity lights.

After I set it up, I checked all of my wireless devices (8 total) and they were all working fine. Later on I noticed my 2.4GHz band seemed really active. I thought I must be getting an update on one of my devices. The activity continued and I thought, what the heck is going on. I pulled up a network map and there are 10 devices connected to my wireless router. I thought, what device am I missing. I even checked the MAC address of all my devices. I wasn't missing any. There were 2 devices connected to my WiFi that I didn't recognize.

I changed the WPA2 password on my router. Then changed the WPA2 password on my 8 wireless devices. Now when I pulled a network map up I get 8 devices connected. Some body, obviously one of my neighbors was tapped into my WiFi.

 

[Laura Knotek]

That's messed up. How did the neighbors get your password?

 

[ImmortalWarrior]

I can brute force a wpa in a decent time if you use common words or variants to make it.

 

[Alex Rodriguez]

Routers are easy to hack if you have knowledge using Linux (Backtrack specifically)

 

[palandri]

That's messed up. How did the neighbors get your password?

I have no idea. I asked my wife if she had given it out to anyone and she said no, I don't even remember it. I also checked firmware updates for my old Cisco router. I was behind one update. I was running 1.0.0.4, and the latest firmware was 1.0.0.5, but there was no mention of a security issue with the 1.0.0.5 update. It was a 10 digit password, which would normally be pretty secure, i.e., 47kLJttYeU.

 

[palandri]

I can brute force a wpa in a decent time if you use common words or variants to make it.

Thanks for letting me know that. It's appreciated.

 

[Laura Knotek]

I have no idea. I asked my wife if she had given it out to anyone and she said no, I don't even remember it. I also checked firmware updates for my old Cisco router. I was behind one update. I was running 1.0.0.4, and the latest firmware was 1.0.0.5, but there was no mention of a security issue with the 1.0.0.5 update. It was a 10 digit password, which would normally be pretty secure, i.e., 47kLJttYeU.

That's weird. That wouldn't be considered a weak password.

 

[palandri]

Routers are easy to hack if you have knowledge using Linux (Backtrack specifically)

Thanks! Now i know.

 

[palandri]

That's weird. That wouldn't be considered a weak password.

That's what i thought.

 

[Alex Rodriguez]

That's weird. That wouldn't be considered a weak password.

It becomes stronger if you put symbols like @#* instead of a use @, if you use i use ! or 1, things like that.

 

[CJ Thunder]

Routers are easy to hack if you have knowledge using Linux (Backtrack specifically)

How? Isn't there a lockout after so many failed attempts from the same mac address?

 

[palandri]

It becomes stronger if you put symbols like @#* instead of a use @, if you use i use ! or 1, things like that.

Thanks!

 

[dipayanster]

on my belkin i have hidden ssid broadcast, use a strong password for wpa2, enabled mac id filtering and added my connecting devices mac ids in allowed list and set a strong password for router configuration access. i guess that as much as i can do. anything more can be done to secure the router?

 

[ImmortalWarrior]

Sure there is, but you don't brute force the router itself. You brute force the "handshake" files locally. Using monitoring you can capture the handshake packets, save them locally, then run them through a brute force with a 40 gb dictionary file.

MAC address filtering is also useless. It's the easiest thing to spoof using almost any distro of Linux.

 

[ImmortalWarrior]

on my belkin i have hidden ssid broadcast, use a strong password for wpa2, enabled mac id filtering and added my connecting devices mac ids in allowed list and set a strong password for router configuration access. i guess that as much as i can do. anything more can be done to secure the router?

Hidden SSID does nothing to protect your network. It's the same level of protection provided by using a POST http request over a GET.

Mac address filtering cam be spoofed in 2 seconds. I spoof all my hack attempts before I even touch the router. Valid MAC addresses are broadcast with the packets from those devices

The only thing you can do is use a fairly long complex password. Make sure you do the same for your router login.

 

[ttsoldier]

Nothing on the internet is safe.

I have a friend who can hack you without being anywhere close to you or your router. The interweb + right tools in the wrong hands = destruction

 

[jdevenberg]

I've got a 16 digit password that has no basis on real words or meaningful number combos. Purely a random string. Pain in the butt for entering into things like wifi printers and such, but its secure and more and more devices are supporting WPS so I don't have to type it as often as before.

 

[beachhoppr]

Its not the character combination that only matters its the length. Technically p1G............... is a tougher password to crack than say Hgh13&#

 

[ImmortalWarrior]

Its not the character combination that only matters its the length. Technically p1G............... is a tougher password to crack than say Hgh13&#

This is important. I haven't done a lot of digging into brute force algorithms and haven't yet written my own, but the first thing I would do is take a dictionary file and run through all the variations of each word and combinations of words. The last step would be to run a systematic one step at a time process of password attempts. Sequentially.....which could take eons.

 

[ImmortalWarrior]

Nothing on the internet is safe.

I have a friend who can hack you without being anywhere close to you or your router. The interweb + right tools in the wrong hands = destruction

Not true at all. If the protocols are configured correctly and a strong SSL encryption is used the data is safer than if you kept a written copy of it in your wallet.

The problem comes when someone uses an open network and passes user credentials and session information unencrypted. I can sniff that out immediately using common tools such as wireshark.

There is a whole gamut of security concerns with database data, cross site scripting and injection attacks but that's not quite the same.