Page 2 of 3 FirstFirst 123 LastLast
Results 16 to 30 of 36
  1. #16
    Joined
    Dec 2000
    Posts
    5,051

    Re: Possible to track a WiFi hijacker?

    And turn off SSID broadcast
    Thats actually a bad idea now, when you turn that off it forces the client to broadcast the SSID in order to connect to the network.

    It also allows for subversion by rogue access points which can echo the SSID sniffed off the air from clients broadcasting the SSID.

  2. #17
    Joined
    Nov 2002
    Location
    In bed with one of my avatar AMD girls :D
    Age
    39
    Posts
    8,876

    Re: Possible to track a WiFi hijacker?

    Yeah with my old router I had a guy piggyback riding my connection for a few weeks till I figured out that I was actually being piggybacked,at first I thought it was just my ISP crapping out.I had WEP encryption and even MAC adress filtering on but this little bitch still managed to hack my router,even blocked my own PCs from accessing internet,which is why I thought it was my ISP crapping out.Then one day I got suspicious and checked wifi connection logs and saw there was stuff that wasnt supposed to be there.....
    Tryed changing router access password and WEP password again with no luck,the guy still would get in no matter what I did.
    Finally I just said screw this,ditched the old router and got a newer one with WPA encryption and so far havent been hacked since,lol at least that I know off

    Btw about disabling SSID broadcast?Wouldnt that terminate your wifi signal completly?I was thinking of doing that as well,but I have a laptop in this house that needs the wifi signal.Would the laptop still be able to go online with SSID off?
    Last edited by Poci; 03-15-2007 at 01:22 PM.

  3. #18
    Joined
    Aug 2000
    Location
    Vvardenfell
    Age
    58
    Posts
    10,891

    Re: Possible to track a WiFi hijacker?

    I thought advice was still to leave SSID broadcast off? When I'm trying to connect a new built to my wireless network, the network shows as existing, but with no name showing. This would suggest that the router is advertising its presence, but simply hiding the network name. Now I'm sure that there are ways of grabbing the SSID, but I would imagine protection against casual hackers is more important than protecting against experts in a situation where the settings for each are mutually exclusive. After all, an expert could probably always find a way in anyway.


    M

  4. #19
    Joined
    Dec 2000
    Posts
    5,051

    Re: Possible to track a WiFi hijacker?

    Here's the reason why you don't want to disable the SSID broadcast.

    When you disable the SSID broadcast on the access point, the client then requires the exact SSID to be entered. Then the SSID is broadcast in clear text in order to find the access point.

    So you can see theres no need to be an expert in order to pick up the SSID in this case.

    Btw about disabling SSID broadcast?Wouldnt that terminate your wifi signal completly
    Nope, but you'd need to make sure the SSID is correctly entered into the client and as I mentioned above the client will broadcast the SSID in order for the access point to pick it up.

  5. #20
    Joined
    Aug 2000
    Location
    Vvardenfell
    Age
    58
    Posts
    10,891

    Re: Possible to track a WiFi hijacker?

    Then surely it makes little difference to experts who will capture the SSID anyway, but will deter more casual hackers who won't see the SSID? Just trying to understand here.


    M

  6. #21
    Joined
    Feb 2001
    Posts
    18,901

    Re: Possible to track a WiFi hijacker?

    what i find amazing is in residential neighborhoods how many people don't use any security at all. i didn't 3 years ago when i first set this up as a) it would slow down my connection using wep and wireless b protocols at the time b( who else would have a router in a cul-de-sac where everyone is 50+ except for our family? well, times have changed..3 years later, my neighbor is in his 30s, has a son...neighbor across the street who's in my age (40s) and a lot more wireless connections. when i set up my wireless N , it was an absolutely necessity to go wpa..matter of fact, i went wpa-2 as i'm pickup up no less than 6 wireless connections from others..3 of those at 95% or better, 2 of them, completely unsecured. and i know that there are only 3 people in our cul de sac who have wireless..so i'm getting those 3..but i have a park behind me so no signal from there. the closest signal outside our neighborhood is the length of a football field away behind other houses and i'm picking them up at 65 to 75% with wireless N

  7. #22
    Joined
    Dec 2000
    Posts
    5,051

    Re: Possible to track a WiFi hijacker?

    but will deter more casual hackers who won't see the SSID? Just trying to understand here.
    The kiddies use tools provided to them by the experts, and since there is no protection on the SSID broadcast from the client its way to easy to use it to subvert a wireless connection. ( For one it gives them one major piece of the puzzle, that being the ability to tell which packets are from the target network.)

  8. #23
    Joined
    Dec 2004
    Location
    New Zealand
    Posts
    138

    Re: Possible to track a WiFi hijacker?

    So, if I hide my SSID, hijackers can still find it because it is sent in clear text and this somehow gives them a better chance of hacking the system? More so than broadcasting the SSID normally? Or is it just pointless to hide it due to the fact an experienced hacker could find it anyway...

    ( For one it gives them one major piece of the puzzle, that being the ability to tell which packets are from the target network.)
    Could they tell which packets are being sent with a network broadcasting the SSID normally? Or would the encryption prevent that?

    This is confusing
    Last edited by mr_zen256; 03-18-2007 at 06:51 PM.

  9. #24
    Joined
    Dec 2000
    Posts
    5,051

    Re: Possible to track a WiFi hijacker?

    You can't hide the SSID, you can only control which end is sending it out.

    There are several very good reason why you don't want your clients broadcasting the SSID.

    1.) It allows a potential attacker the ability to map out all the clients belonging to the target network. ( Allows possible subversion.)

    2.) Makes it easier to pickup the SSID, as you have multiple broadcasting points.

    3.) Makes it easier for an attacker to setup a fake access point.

    The other point is it doesn't take an expert to do this, all of these exploits come in sets of security tools used by kiddies who don't know anything about networking or security. ( Hallmark of kiddies handy work are mass bandwidth pulls and fairly easy to tell signs of increased network usage, an expert would not be so obvious.)

  10. #25
    Joined
    Dec 2004
    Location
    New Zealand
    Posts
    138

    Re: Possible to track a WiFi hijacker?

    ( Hallmark of kiddies handy work are mass bandwidth pulls and fairly easy to tell signs of increased network usage, an expert would not be so obvious.)
    That is exactly what happened.

    I still havent had any intruders since changing to WPA and MAC filtering.

    In my router settings there is a checkbox for "Enable SSID broadcast". I unchecked that and set up a new SSID in the router. Since the SSID doesnt show up on the wireless network list I manually entered the SSID into the access point on the other PC and it connected fine.

    If I am correct in my understanding you would recommend checking that box so the SSID is visible?

  11. #26
    Joined
    Dec 2000
    Posts
    5,051

    Re: Possible to track a WiFi hijacker?

    No, I'm saying that disabling the broadcast on the access point isn't going to secure your network and in certain cases makes it more interesting for attackers. ( It can also cause connectivity problems in areas with a fair number of wireless devices.)

  12. #27
    Joined
    Dec 2004
    Location
    New Zealand
    Posts
    138

    Re: Possible to track a WiFi hijacker?

    No, I'm saying that disabling the broadcast on the access point isn't going to secure your network and in certain cases makes it more interesting for attackers. ( It can also cause connectivity problems in areas with a fair number of wireless devices.)
    Thanks for the heads up. I'll put it back on the default setting. I'll probably look at getting WPA2 at some point too.

  13. #28
    Joined
    Dec 2000
    Posts
    5,051

    Re: Possible to track a WiFi hijacker?

    At some point I'm going to play with a wireless honey pot to see how bad things are out my way.

  14. #29
    Joined
    Jul 2001
    Location
    UK
    Age
    51
    Posts
    20,229

    Re: Possible to track a WiFi hijacker?

    Quote Originally Posted by Bryan View Post
    At some point I'm going to play with a wireless honey pot to see how bad things are out my way.
    That sounds like an interesting project

    Would be interested to look at unsecured connections as well as WEP encrypted - see if you can tempt some break-ins.

    Maybe you could put a sign at the end of the road - "free wireless this way"

  15. #30
    Joined
    Aug 2000
    Location
    Vvardenfell
    Age
    58
    Posts
    10,891

    Re: Possible to track a WiFi hijacker?

    Quote Originally Posted by mr_zen256 View Post
    Thanks for the heads up. I'll put it back on the default setting. I'll probably look at getting WPA2 at some point too.
    Slightly OT: anyone know any NICs which support WPA2? My router does, but not the NICs, which are standard WPA.


    M

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •