• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Super Noob Wireless Question...

I

ivol07

Golden Member
I recently bought a D-Link 614+ router. I'm waiting for my wireless card to arrive, but in the meantime I'm using the 4 ports. Now my question is I set up the 256 WEP security code, named the SSID to be something besides default, set up the firewall how I want it but I noticed that last night someone accessed my router thru a wireless connection. Or at least thats what the logs say. The only thing they could have done was use my internet connection because all PCs were shut off. But my question is, how could they have done this? Isn't my internet connection protected by the WEP security key? Wouldn't someone have to know that in order to gain access? I've only had the router for two days, could they have cracked it that quick? Any ideas?

Thanks in advance.
 
from what I hear, cracking WEP doesn't take too long. I haven't tried this myself and I don't use WEP encryption either. There are tools out there to crack codes. 2days is more than enough time to crack your code. If you can, make sure you can disable your router from broadcasting its SSID. If your router supports MAC filtering, use it. And I'm not sure what access points do this, but I thought I saw somewhere, some hardware device, that automatically generated new WEP keys every X hours to connected clients, that would generate some problems though because I don't know how disconnected clients would get the newer key automatically. You could manually change the key every day or something, or made a script to this for you, ofcourse, but you would need to do the same for the clients. If you have programming skills, this is very doable. Also, there are wireless network snoopers.

http://www.netstumbler.com/modules.php?op=modload&name=FAQ&file=index&myfaq=yes&id_cat=2&categories=About+NetStumbler.com
http://sourceforge.net/projects/wepcrack
 
Originally posted by: HJB417
from what I hear, cracking WEP doesn't take too long. I haven't tried this myself and I don't use WEP encryption either. There are tools out there to crack codes. 2days is more than enough time to crack your code. If you can, make sure you can disable your router from broadcasting its SSID. If your router supports MAC filtering, use it. And I'm not sure what access points do this, but I thought I saw somewhere, some hardware device, that automatically generated new WEP keys every X hours to connected clients, that would generate some problems though because I don't know how disconnected clients would get the newer key automatically. You could manually change the key every day or something, or made a script to this for you, ofcourse, but you would need to do the same for the clients. If you have programming skills, this is very doable. Also, there are wireless network snoopers. http://www.netstumbler.com/modules.php?op=modload&name=FAQ&file=index&myfaq=yes&id_cat=2&categories=About+NetStumbler.com http://sourceforge.net/projects/wepcrack
Click to expand...


So you know, WEP isnt THAT easily cracked no matter what people believe. You dont crack it in an hour or two...You have to push a TON of data so that they can sniff the air and crack the code. It isnt a "turn on this software and start hashing keys for 5 minutes and then youre in" scenario.

Now if you are in a rural area, and someone was parked outside your house for 18 hours in a car with a laptop, dont you think you would notice?
More than likely, someone sniffed your SSID because you dont have broadcast turned off. Then they changed their SSID on their card to the same as your AP, they got associated but because they dont have your WEP keys they didnt get authenticated.

just keep an eye on your logs, and change your WEP keys, or if the unit supports it, use WPA or key rotation.
Also...shut off SSID broadcast if your hardware supprts it.
 
Thanks for the replys.

Since I've posted this originally I've turned off SSID Broadcast, Filtered out all MAC Addresses except my own, and narrowed the DHCP IP range from 100 to 5. So far so good. The only thing anyone would gain from hacking into my network would be free internet access anyway, but damnit, I pay for that!

Thanks again for the help!
 
well, in my case, if someone were to get access to my wireless lan, I would be more worried about the security of the machines in the lan than the free usage of internet.
 
It takes more then few days to break 256WEP.

If you so worried change the WEP code every 2-3 days.

 
It amuses me to see the people saying how easy it is to break WEP, but I don't see any of them that have actually accomplished it. 😀
 
Originally posted by: gunrunnerjohn
It amuses me to see the people saying how easy it is to break WEP, but I don't see any of them that have actually accomplished it. 😀
Click to expand...
LOL. As a "gunrunner" you probably know that it is very easy to use a Gun. Yet the majority of the people never did. :Q
rolleye.gif
:wine:😀
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top