Solved

Wireless Hackers - What CAN they do?

Posted on 2004-09-30
7
555 Views
Last Modified: 2013-12-04
I was discussing the advantages/disadvatages of the different levels of wirelss security for 802.11 wirless networks. Someone said they leave theirs wide open because they dont feel anyone can do anything if they do pickup the signal outside his house. "What CAN they do?". I know you can port scan and look for vulnerabilites, but are there more serious and direct hacks where you can gain access?

What is possible once you are on the same router and subnet by picking up a stray signal?

mike
0
Comment
Question by:MikeMiller
7 Comments
 
LVL 11

Expert Comment

by:ghana
ID: 12193145
If security is based on WEP then hackers can sniff packets. WEP keys are static and not dynamic. Because of that it depends on the traffic on the WLAN how long it takes to find out the keys and to hack the net.

I know people who don't care about WLAN security because they won't see any problems if others using their network infrastructure. It doesn't disturb if others are able to use the WLAN to get internet access. From my point of view this can cause problems too: If hackers use the cracked WLAN access to start DoS attacks against remote servers then this will be done with the IP address(es) of the WLAN owner. If the attacked site goes down and they were able to find out the attacking IP the WLAN owner will be responsible for possible loss of money and so on.
0
 
LVL 3

Expert Comment

by:zamoti
ID: 12195424
As Ghana said, most people don't really care because they believe that there is nothing terribly important on the network.  One of the most useful things for someone to exploit is the antonymity of somebody else's Internet connection.  As said, they could launch bot attacks using your IP (the attack would be likely traced back to you because if they're using your connection, they're not terribly interested in using a bunch of proxies to cover their tracks.)  They might not be the script-kiddy type, but a real criminal might use the connection to send messages to cohorts.  Not to get too far flung with this, but if a terrorist wanted a means of hard-to-trace communication, they could easily get a laptop with a parabolic antenna, go driving and find a nice suburban neighborhood with lots of insecure WAPs.  I know, getting a little Tom Clancy here...

All of the above stuff would assume that the attacker is in proximity of your WLAN.  If somebody is standing on the sidewalk in front of your home with a laptop, you might be able to figure out what he/she is up to.  However, since most people don't change the default password on their router/AP, they can easily access the configuration and open ports to your network.  Then they could go home and take their time figuring out a way to get into your computer, install some sort of BS server (kazaa, gaming, DDoS bot, etc.)

Basically with enough time and resources, they could basically do whatever they want.  Sniff packets, send you to fake web sites steal passwords, steal credit card numbers, make you cry.  You get the picture.  

Would you want complete strangers to have access to your telephone?  Not much different really.

Cheers,

Z

0
 
LVL 3

Author Comment

by:MikeMiller
ID: 12195458
Since they are on the same router as your PC, is it easy for them to gain access to the PC?

With wireless aside, if someone is on the same router and subnet as you, is it easy to Hack their Windows PC?

mike
0
Network it in WD Red

There's an industry-leading WD Red drive for every compatible NAS system to help fulfill your data storage needs. With drives up to 8TB, WD Red offers a wide array of solutions for customers looking to build the biggest, best-performing NAS storage solution.  

 
LVL 3

Accepted Solution

by:
zamoti earned 125 total points
ID: 12195516
The average idiot isn't going to stumble upon anything by accident, but if a little snooping is done, much can be found.

Since they are technically "inside" of your network, most firewalls aren't going to stop them.  Even if you use a software firewall like ZoneAlarm, you will likely be unprotected (most people put their internal network into the "safe zone" in order to share files and such).  Once they're inside of your network they only thing stopping them is Windows itself.  While people like to take potshots at Windows for being insecure it's not exactly easy to break in without a little work.  If the computer in question hasn't had any sort of updates AND file and print sharing is turned on, you're quite vulnerable.  Using a common port scanner like nmap (www.insecure.org) one could figure out if there are any open ports (of which there should be plenty) and then devise a scheme to exploit them.  Administrative/hidden shares (like C$ which is simply the root of your drive) is typically available and easy to get into if the user has a weak password.  Certain programs can do brute-force password guessing attacks for weak passwords in just a few minutes.

To actually answer the quesion, it's not a walk in the park to break in, but it's not that hard if an experienced hacker sets to it.

To answer the greater question, a WLAN should always be secured as much as possible.  Enable MAC filtering (though not tough to defeat), turn on WEP to the highest encryption available, disable SSID broadcasts and don't use channel 6 'cause everybody else uses it and it's the first place someone will look for a stray wireless connection.

0
 
LVL 3

Expert Comment

by:zamoti
ID: 12195587
Cool.  Thanks.
0
 
LVL 11

Expert Comment

by:ghana
ID: 12197207
To make a WLAN secure I would recommend to use WPA instead of WEP. Because WPA is using dynamic created keys it's impossible to get the key with sniffing. Of course you should choose a strong password with WPA.
0
 
LVL 2

Expert Comment

by:studlyed
ID: 12203179
if the wireless is unsecured thenanyone can connect to the network as if it were wired. have full access, use the internet print tons of pages on the printer look at documents on the computer, its as if it were art of the internal network. now if every pc on the internal network was so locked down that you cant do anything and dhcp was disabled then they cant do muchother than getting a link light unless they want to spend a LONG time port sniffing all the known ip's untill they fin the network.
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In today's information driven age, entrepreneurs have so many great tools and options at their disposal to help turn good ideas into a thriving business. With cloud-based online services, such as Amazon's Web Services (AWS) or Microsoft's Azure, bus…
SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Many functions in Excel can make decisions. The most simple of these is the IF function: it returns a value depending on whether a condition you describe is true or false. Once you get the hang of using the IF function, you will find it easier to us…

896 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now