Need network security experts!!!!

Science & Technology Information Technology, Gaming, Machines, Gadgets
21

Re: Need network security experts!!!!

Ok now I put the network on Invisible mode, that should stop broadcasting the SSID right?

22

Re: Need network security experts!!!!

Through the various posts here, it’s prolly evident to cricketplaya that there’s no such thing as bulletproof security. It’s about proper risk management and improving your odds… and it’s a combination of multiple things that people have recommended here which will do that for you. Afterall, the average network hacker only wants to use your bandwidth and is probably not really interested in sabotage or espionage… so they’re not going to spend excessive resources (including their time) on trying to hack into your wifi.

What you need to do is to make sure that the default settings and the most common loopholes and choke points are taken care of.

Tofi has provided a good list to get you started… I’m taking the liberty to add to it:

Don't advertise SSID - just to keep the honest guy honest
Also… change the default vendor assigned SSIDs

Static IP - so the new connections don't automatically get on ur subnet
Additionally, try not to choose addresses at the beginning of a private range. IP addresses like "10.0.0.1" and "192.168.0.1" are commonly assigned to routers and access points and are usually targeted in network attacks.

Use WPA with a long passphrase (8-10+ alphanumeric, impossible to crack with brute-force)
as said earlier, nothing is impossible to crack… but using WPA2 or WPA2/WPA (hybrid) in combination with a strong key phrase, you can make it difficult to crack. Make sure you use a combination of letters and numbers, and rule of thumb used by various security personnel is 14 characters or more considered a safe bet. Also, use your bilingualism to your advantage here… try to think outside the standard dictionary words and phrases.

Mac filtering (not the best, but with above an additional measure)
yes… pretty simple to spoof a physical address but I’d still recommend it. It’s helpful as an additional layer of security.

Use one of those aluminum parabolas that directs the wifi signal in the right direction (you'd be surprised how controlled the signal is)
*really good point – there’s really no substitute for physical security. You should try to place your access point somewhere around the center of your home rather than on the peripheries. Also, if at all possible, place it around your most common workspaces. Having said that, you’d obviously need to consider DOI - distance, obstructions, and interference to come up with an optimal location.
*

Some other simple things that I can suggest are:

  • Change your Default Administrator Username and Password on the routers and access points.

  • Turn Off Remote Administration of your Access Points unless you absolutely need that feature.

  • Turn Off the Network During Extended Periods of Non-Use (when you're away for multiple days on end etc.)

23

Re: Need network security experts!!!!

Thanks Umer bhai!

I have followed most of the tips you guys posted, will see in the coming days how my bandwidth looks.

24

Re: Need network security experts!!!!

Spot on. The other variable is user inconvenience. Some of the strategies recommended do not offer protection, but inconvenience so why implement them?

MAC filtering: As most of you have said spoofing MAC is easy as 123. Will it stop a hacker? what impact will this have on the user. Constantly having to manually register devices on a white list, your pal comes in with his new IPhone he cant connect until you configure your access point to do so. Extra hassle really with nothing gained in security terms.

SSID: To connect to a wireless network you need the SSID. If you disable broadcasting of SSID from the access point (AP) it simply wont pop up up doing a scan for networks in most programs. But the small problem is 802.11 probe packets i.e. your device connecting to a (AP) MUST have the SSID in plain text, before authentication. Hacker simply waits and up pops the SSID, can even force devices to disconnect and reconnect. Again your pal with IPhone will need you configure his device. You just cant tell him the key.

Static IP: Once a hacker has access to your traffic offers nothing. Simply the case of viewing frames and packets to see the network topology. ARP helps too. Your pal problem again. Have fun trying to configure his device, most devices now assume DHCP would be running on the AP to save the user pressing awkward buttons.

Physical security: Physical security does work, but it is overkill for home user. You can get companies that will use directional antennas to make sure only your property is served by your signal but you need experience, rather difficult to do.

My Advice: Keep layer 2 secure as possible, this will prevent ACCESS to your network which is what you are most concerned about. To achieve this use (in order of preference): WPA2, WPA-AES, WPA-TKIP. Some older devices may only support WPA-TKIP, this is fine as only brute force attacks exist at the moment. Pick a good password with alphanumeric characters. A good method to avoid dictionary attacks is picking a phrase e.g. "Yeah i know you twat" would become Yikyt where only the first char of each world is written down. Add some numerals to that and you should have a good password, obviously longer.

25

Re: Need network security experts!!!

Just been going through some of my work on WEP. I have a report which will give a good technical understanding of 802.11, unfortunately I can not publish the report itself for two reasons. Not 100% who actually owns it and some references to myself which is a no no with me in the public domain.

I did recall this video tutorial though, this uses the FMS attack since then more efficient WEP attacks exist: video crack wep aircrack

GAME:- End with BATHROOM MEIN
26

Re: Need network security experts!!!!

[quote]
Windows MAC can be easily changed. Look in your registry. Some drivers support this natively through device manager.

[/quote]

Interesting thread.

Risc, can you explain me on how to hack the MAC ID of any client pc and then emulate on a client machine to ensure access into WLAN? (Regardsless of the OS)

27

Re: Need network security experts!!!!

I dont know about hack MAC ID but if you refer to spoofing then:



Linux

ifconfig ath2 hw ether A1:B2:C3:D4:E5:F6





Windows Reg:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}

Create NetworkEntry value and key in new MAC. Something like that anyway technically speaking. Some programs will do this for you. Deleting the entry will force the OS to load MAC address from NIC EEPROM.

28

Re: Need network security experts!!!!

There is one problem with spoofing, how will you spoof the mac addresse which are restricted for use over the router?
And the reg settings you refering to are set to default as soon as you reset your computer.

29

Re: Need network security experts!!!!

Three Ss': Sniff -> Spoof -> Snoop...

it's pretty simple to use a network sniffer to observe frames from AP to workstations and use that information in spoofing a MAC address.

[quote]

And the reg settings you refering to are set to default as soon as you reset your computer.

[/quote]

As far as I know the value of the NetworkAddress:REG_SZ keyword retains even after a reboot.
However, someone who has access to even the basic tools won't bother with this method. Look up SMac ; Etherchange or Mac Makeup utilities.

Shamsi Airbase
30

Re: Need network security experts!!!!

ppl comment on this technique .

31

Re: Need network security experts!!!!

^ knockout_artist, a network sniffer application can easily provide that information by simply observing the network traffic

Shamsi Airbase
32

Re: Need network security experts!!!!

hmmm

33

Re: Need network security experts!!!!

No doubt, that there are tools available for obtaining the MAC addresses. My concern was how do you "hack"/snoof mac addresses without such tools.
I remember my practical at the University some while ago having tried to obtain mac addresses from client pcs behind A FIREWALL. A very difficult task to perform! Especially If you dont have such tools available.
And yet I have to admit I'm not the best in programming or hacking :p

34

Re: Need network security experts!!!!

^ that is totally irrelevant to this scenario, and the problem the original poster has.

If you look on the TCP/IP stack, MAC addresses is used with routing of Ethernet frames. Ethernet sits on top of physical mediums such as UTP, WiFi, their will be a point where the frame is discarded, and ther IP packet made available on the outside of the firewall. MAC addresses are NOT use in routing traffic over the web but LAN.

35

Re: Need network security experts!!!!

Firstly that is an illegal address. 192.168.x.x. and 10.0.x.x (or something) are private address ranges. Using anything else is silly, e.g lets say you want to visit gupshup this is what happens:

1) Your computer makes a request to a DNS server with argument of paklinks.com
2) DNS server replies with IP address
3) Your computer using the HTTP protocol makes a request to the returned IP with any subdirectories.
4) gupshup replies with data in HTTP format
5) Web browser interprets and renders HTML and objects.

What if the IP address returned by DNS server is the same as that given to your AP. You would be unintentionally blocking out websites yourself.

As pointed out earlier, to find the IP of an AP is trivial anyway.