I went down to futureshop today to pickup a wireless card to have intraweb access at my hotel(The only provide wireless or dialup...so meh). Upon arriving home I figured I'd get the card installed and play around with it, low and behold as soon as I installed it the damn thing found 3 wireless routers/access points in my apartment building.
The question I put to the people of SDN is what should I do? so far alot of people have told me to leech their internet.(I did for alittle bit.) some said "Hax0r their routers and change the passwords!!11), others went meh.
So whats a guy to do? I think I know who the people are in my building that have these wireless routers. should I say "Hey look I can access your internet anytime I want..." or should I keep my mouth shut and leech every once in awhile? I know it's not illegal to use someone wireless connection aslong as WEP isn't in opereation; however, if it is..then trying to gain access to the WAP makes it illegal.
"LairdCorp, where total dominion is our number one goal!"-LairdCorp's Motto
I attempted to warn a buissnies close to where I live that their wireless connection is exposing their intranet.
They threathened with police because I was hacking their network...
I said nothing just left.
Not my problem that anyone with a wireless card can acces their servers, read all sort of stuff and change whatever.
The dumbasses had administrator/admin as the domainadmin's username password.
[img=right]http://hem.bredband.net/b217293/warsaban.gif[/img] "Either God wants to abolish evil, and cannot; or he can, but does not want to. ... If he wants to, but cannot, he is impotent. If he can, but does not want to, he is wicked. ... If, as they say, God can abolish evil, and God really wants to do it, why is there evil in the world?" -Epicurus
Fear is the mother of all gods.
Nature does all things spontaneously, by herself, without the meddling of the gods. -Lucretius
Leeching is a "solution" many would suggest, but do the honest thing. Get your own wireless internet (if you want it) and make sure its more secure than your neighbors. Also inform them of the problem, and what can be done to make it so any average idiot can't get in.
Terr Fangbite wrote:Leeching is a "solution" many would suggest, but do the honest thing. Get your own wireless internet (if you want it) and make sure its more secure than your neighbors. Also inform them of the problem, and what can be done to make it so any average idiot can't get in.
Ok for those of us not computer inclined what can be done. I am asking because this summer I will be installing a wireless network where I live.
Terr Fangbite wrote:Leeching is a "solution" many would suggest, but do the honest thing. Get your own wireless internet (if you want it) and make sure its more secure than your neighbors. Also inform them of the problem, and what can be done to make it so any average idiot can't get in.
I wouldn't call the standard WEP encryption that comes with wireless routers and switches secure (they key packets are broadcast at a regular interval - you just need to catch it and recongize what it is - so some one with a wireless connection and a packet sniffer can hack into your wireless network). But at least WEP will keep the average Joe off of your network.
And do what Faram says: don't use the default passwords and logins. That way, if someone does break the wireless encryption, they have to do some work to get into your computers. (Note: breaking the wireless encryption does give them access to any packets going across your network)
Well, if the WLAN is unsecured, I'd take a look myself Might leave a note or something...
Personally, my WLAN is secured with WPA, MAC filter list, SSID transmit off, and DHCP off, as well...
So reasonably secure within its limits.
Great Dolphin Conspiracy - Chatter box
"Implications: we have been intercepted deliberately by a means unknown, for a purpose unknown, and transferred to a place unknown by a form of intelligence unknown. Apart from the unknown, everything is obvious." ZORAC GALE Force Euro Wimp Human dignity shall be inviolable. To respect and protect it shall be the duty of all state authority.
Arrow Mk84 wrote:
I wouldn't call the standard WEP encryption that comes with wireless routers and switches secure (they key packets are broadcast at a regular interval - you just need to catch it and recongize what it is - so some one with a wireless connection and a packet sniffer can hack into your wireless network). But at least WEP will keep the average Joe off of your network.
Wrong. The keys are not transmitted over the wire. If they were, why would you need to enter the key manually at all? The initialization vector is transmitted over the wire. It's a twenty-four bit number which is mixed with the 40 or 104 bit "WEP key" to produce a 64 or 128 bit key for RC4. The problem with WEP is that there are many IVs which are "weak" and allow an attack on the cipher. Collect enough packets with weak IVs, and you can recover the key. This could take anywhere from hours to days, depending on the amount of traffic on the network.
"This war, all around us, is being fought over the very meanings of words." - Chad, Deus Ex
I really prefer gigabit ethernet if a gigabit router is available. Failing that 100baseT has nice speeds, and I never have to worry about losing signal in the middle of something.
Of course, the only problem is that it's wired, but that's just the price you pay for security.
dont do anything you would regret getting caught doing.
This day is Fantastic!
Myers Briggs: ENTJ
Political Compass: -3/-6 DOOMerWoW
"I really hate it when the guy you were pegging as Mr. Worst Case starts saying, "Oh, I was wrong, it's going to be much worse." " - Adrian Laguna
I'm inclined to say inform your neighbors of the problem. I have a feeling they'll thank you for it, and you could always pass on useful advice that would allow them to further secure their networks. If they get snippy and want to try and claim you're hacking their network, remind them that the burden of proof is on them that you actually did so and are not simply informing them of a problem you accidentally discovered (remember, they have taken virtually no measures so I doubt you'll face arrest).
Then again I have this really bad habit of assuming other people are in-fact intelligent and reasonable, and wouldn't try and pull any bullshit when you go out of your way to help.
“There are two kinds of people in the world: the kind who think it’s perfectly reasonable to strip-search a 13-year-old girl suspected of bringing ibuprofen to school, and the kind who think those people should be kept as far away from children as possible … Sometimes it’s hard to tell the difference between drug warriors and child molesters.” - Jacob Sullum[/size][/align]
If they didn't encrypt, it's the same as running a long cable and a hub and sticking them out in the street. Just be nice and don't run BitTorrent through their connection 24x.7.
[img=right]http://www.tallguyz.com/imagelib/chmeesig.jpg[/img]My guess might be excellent or it might be crummy, but
Mrs. Spade didn't raise any children dippy enough to
make guesses in front of a district attorney,
an assistant district attorney, and a stenographer.
Sam Spade, "The Maltese Falcon" Operation Freedom Fry
The Yosemite Bear wrote:So why is it that Government is so bad at computer protection?
They pay shit and they manage poorly.
[img=right]http://www.tallguyz.com/imagelib/chmeesig.jpg[/img]My guess might be excellent or it might be crummy, but
Mrs. Spade didn't raise any children dippy enough to
make guesses in front of a district attorney,
an assistant district attorney, and a stenographer.
Sam Spade, "The Maltese Falcon" Operation Freedom Fry
I tracked down my coworker (who's now with another company) and had him comment on my post and yours. His reply:
He is more or less correct. The amount of time that passes is not correct. And all IV’s are weak. They are just too few bits. And once you have two of the same IV’s you also have user-defined part of WEP, since the user-defined part of WEP never changes. WEP key is both the IV and the user side.
Wireless Hacks wrote:
“The original 802.11b specification defined a 40-bit user-specified key. This key is combined with a 24-bit Initialization Vector (the IV), a random number that is part of the WEP algorithm. Together, this yields 64 bits of “key,” although the IV is actually sent in the clear!
Likewise, a 104-bit WEP is used with the IV to yield 128 bits of “key.” This is why user-defined keys are 5 characters long (5 characters * 8 bits/character = 40 bits) or 13 characters long (13 characters * 8 bits/character = 104 bits). The user doesn’t define the IV; it is part of the algorithm (and is generally implemented as 24 random bits.)”
“The initialization vector in WEP is a 24-bit field, which is sent in the cleartext part of a message. Such a small space of initialization vectors guarantees the reuse of the same key stream. A busy access point, which constantly sends 1500 byte packets at 11Mbps, will exhaust the space of IVs after 1500*8/(11*10^6)*2^24 = ~18000 seconds, or 5 hours. (The amount of time may be even smaller, since many packets are smaller than 1500 bytes.) This allows an attacker to collect two ciphertexts that are encrypted with the same key stream and perform statistical attacks to recover the plaintext. Worse, when the same key is used by all mobile stations, there are even more chances of IV collision. For example, a common wireless card from Lucent resets the IV to 0 each time a card is initialized, and increments the IV by 1 with each packet. This means that two cards inserted at roughly the same time will provide an abundance of IV collisions for an attacker. (Worse still, the 802.11 standard specifies that changing the IV with each packet is optional!)”
1) Use a Wireless card in monitor mode and use Kismet (even if the network is not advertising Kismet will find it. There are a plenty of monitor tools that do the same).
2) Find a MAC address. Kismet will tell you this already. Or use tcpdump or Ethereal (the hard ways).
3) Crack the WEP. AirSnort is a good tool. Most of the time it can do the packet decryption in real time. Or once again you can use Kismet to capture the packets and let AirSnort try and find the WEP in non-real-time. Also AirSnort can use a dictionary attack on the WEP. This can be faster than trying to find it through brute force.
4) Log in. Use tcpdump to find a valid IP on the network and use a variation of it. Usually though once you have the WEP and a valid MAC most networks will use DHCP.
If your object is to decrypt the packets passively and not enter the network than you have to build a table of IV’s and figure out the pattern. Which requires a lot more recording time and hard drive space. It can be done though.
Wireless Hacks wrote:“Table-based Attack
The small space of possible initialization vectors allows an attacker to build a decryption table. Once he learns the plaintext for some packet, he can compute the RC4 key stream generated by the IV used. This key stream can be used to decrypt all other packets that use the same IV. Over time, perhaps using the techniques above, the attacker can build up a table of IVs and corresponding key streams. This table requires a fairly small amount of storage (~15GB); once it is built, the attacker can decrypt every packet that is sent over the wireless link.”
So, yes, my statement was oversimplified, but its not going to take days to break into a wireless network.
I would be honest, and inform the neighbors you think you could hack from. Or at least one neighbor.
What I would then do is explain the whole situation of how wireless hacking works, and that was not your intention when you discovered their access was available to you. I would then offer to help them encrypt it, if you were allowed to leech off them for say, 1/4 the price. It's a win-win: you get internet access at a discounted price, and you're doing the honorable and neighborly thing, and they also benefit from the discount, and know their access is more secure.
Of course, I would feel out the neighbors first, see how friendly they are.
Do not say that you can hack them. Dont even imply it.
Tell them that your wireless network is unsecure, and that it is the equivelent of leaving a door unlocked and open facing a side street.
You did not take any active measures to detect their problem. And it is their responsibility to secure their network.
"Okay, I'll have the truth with a side order of clarity." ~ Dr. Daniel Jackson.
"Reality has a well-known liberal bias." ~ Stephen Colbert
"One Drive, One Partition, the One True Path" ~ ars technica forums - warrens - on hhd partitioning schemes.
I would politely tell them that you were setting up your own wireless system and noticed that their network appeared open to you.
For all you know, they did it on purpose to be nice to people who might be in the area. I don't always have the best of luck presuming that people will be understanding, but you might have any number of choices, from collecting a bit of consulting money to help them secure their system to sharing the cost of access to getting a free ride for being helpful.
Always try to think of any and all opportunities available from the situations you have at hand, weight them against the liabilities, and make your decision based on that.
Note: I'm semi-retired from the board, so if you need something, please be patient.
Personally, if they are transmitting openly, and I need a connection, I'll leech, but you know, just be nice and don't download a lot of stuff or poke around on their network. I like to leave my wireless router free, even if there were people close enough, it's a nice service to offer others at no cost to you. As long as no one is harmed, everything is cool. I'll be glad to sacrifice a small precentage of my connection so someone visiting can browse the web or play an online game while they are around. Even if someone wanted to use my connection, rather than pay for their own service, I really don't see the harm unless I'm seriously impacted.
InnocentBystander wrote:Personally, if they are transmitting openly, and I need a connection, I'll leech, but you know, just be nice and don't download a lot of stuff or poke around on their network. I like to leave my wireless router free, even if there were people close enough, it's a nice service to offer others at no cost to you. As long as no one is harmed, everything is cool. I'll be glad to sacrifice a small precentage of my connection so someone visiting can browse the web or play an online game while they are around. Even if someone wanted to use my connection, rather than pay for their own service, I really don't see the harm unless I'm seriously impacted.
It would bring you in a bit of legal stress if someone were using your net to do illegal stuff, wouldn't it?
Great Dolphin Conspiracy - Chatter box
"Implications: we have been intercepted deliberately by a means unknown, for a purpose unknown, and transferred to a place unknown by a form of intelligence unknown. Apart from the unknown, everything is obvious." ZORAC GALE Force Euro Wimp Human dignity shall be inviolable. To respect and protect it shall be the duty of all state authority.
It all depends, how well do you know the people who own the networks? Of they are the types of assholes who steal your morning paper leech away, but of they are ok with you do them the same favour.
I hope those of you leaving your network open are using IPSEC...
ah.....the path to happiness is revision of dreams and not fulfillment... -SWPIGWANG
Sufficient Googling is indistinguishable from knowledge -somebody
Anything worth the cost of a missile, which can be located on the battlefield, will be shot at with missiles. If the US military is involved, then things, which are not worth the cost if a missile will also be shot at with missiles. -Sea Skimmer
George Bush makes freedom sound like a giant robot that breaks down a lot. -Darth Raptor
Pu-239 wrote:I hope those of you leaving your network open are using IPSEC...
Bah.
I just have a captive portal page, with terms, and they are bandwidth limited and can only use a few ports.
Free to all, but heavily restricted. And firewalled off from my lan - getting to my lan from my wireless is the same as getting to my lan from the internet. VPN, or nothing
Pu-239 wrote:I hope those of you leaving your network open are using IPSEC...
Bah.
I just have a captive portal page, with terms, and they are bandwidth limited and can only use a few ports.
Free to all, but heavily restricted. And firewalled off from my lan - getting to my lan from my wireless is the same as getting to my lan from the internet. VPN, or nothing
IPSEC==VPN
ah.....the path to happiness is revision of dreams and not fulfillment... -SWPIGWANG
Sufficient Googling is indistinguishable from knowledge -somebody
Anything worth the cost of a missile, which can be located on the battlefield, will be shot at with missiles. If the US military is involved, then things, which are not worth the cost if a missile will also be shot at with missiles. -Sea Skimmer
George Bush makes freedom sound like a giant robot that breaks down a lot. -Darth Raptor
Might leave a note or something... 
