?
Solved

Wireless Hackers - What CAN they do?

Posted on 2004-09-30
7
Medium Priority
?
561 Views
Last Modified: 2013-12-04
I was discussing the advantages/disadvatages of the different levels of wirelss security for 802.11 wirless networks. Someone said they leave theirs wide open because they dont feel anyone can do anything if they do pickup the signal outside his house. "What CAN they do?". I know you can port scan and look for vulnerabilites, but are there more serious and direct hacks where you can gain access?

What is possible once you are on the same router and subnet by picking up a stray signal?

mike
0
Comment
Question by:MikeMiller
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 11

Expert Comment

by:ghana
ID: 12193145
If security is based on WEP then hackers can sniff packets. WEP keys are static and not dynamic. Because of that it depends on the traffic on the WLAN how long it takes to find out the keys and to hack the net.

I know people who don't care about WLAN security because they won't see any problems if others using their network infrastructure. It doesn't disturb if others are able to use the WLAN to get internet access. From my point of view this can cause problems too: If hackers use the cracked WLAN access to start DoS attacks against remote servers then this will be done with the IP address(es) of the WLAN owner. If the attacked site goes down and they were able to find out the attacking IP the WLAN owner will be responsible for possible loss of money and so on.
0
 
LVL 3

Expert Comment

by:zamoti
ID: 12195424
As Ghana said, most people don't really care because they believe that there is nothing terribly important on the network.  One of the most useful things for someone to exploit is the antonymity of somebody else's Internet connection.  As said, they could launch bot attacks using your IP (the attack would be likely traced back to you because if they're using your connection, they're not terribly interested in using a bunch of proxies to cover their tracks.)  They might not be the script-kiddy type, but a real criminal might use the connection to send messages to cohorts.  Not to get too far flung with this, but if a terrorist wanted a means of hard-to-trace communication, they could easily get a laptop with a parabolic antenna, go driving and find a nice suburban neighborhood with lots of insecure WAPs.  I know, getting a little Tom Clancy here...

All of the above stuff would assume that the attacker is in proximity of your WLAN.  If somebody is standing on the sidewalk in front of your home with a laptop, you might be able to figure out what he/she is up to.  However, since most people don't change the default password on their router/AP, they can easily access the configuration and open ports to your network.  Then they could go home and take their time figuring out a way to get into your computer, install some sort of BS server (kazaa, gaming, DDoS bot, etc.)

Basically with enough time and resources, they could basically do whatever they want.  Sniff packets, send you to fake web sites steal passwords, steal credit card numbers, make you cry.  You get the picture.  

Would you want complete strangers to have access to your telephone?  Not much different really.

Cheers,

Z

0
 
LVL 3

Author Comment

by:MikeMiller
ID: 12195458
Since they are on the same router as your PC, is it easy for them to gain access to the PC?

With wireless aside, if someone is on the same router and subnet as you, is it easy to Hack their Windows PC?

mike
0
Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

 
LVL 3

Accepted Solution

by:
zamoti earned 500 total points
ID: 12195516
The average idiot isn't going to stumble upon anything by accident, but if a little snooping is done, much can be found.

Since they are technically "inside" of your network, most firewalls aren't going to stop them.  Even if you use a software firewall like ZoneAlarm, you will likely be unprotected (most people put their internal network into the "safe zone" in order to share files and such).  Once they're inside of your network they only thing stopping them is Windows itself.  While people like to take potshots at Windows for being insecure it's not exactly easy to break in without a little work.  If the computer in question hasn't had any sort of updates AND file and print sharing is turned on, you're quite vulnerable.  Using a common port scanner like nmap (www.insecure.org) one could figure out if there are any open ports (of which there should be plenty) and then devise a scheme to exploit them.  Administrative/hidden shares (like C$ which is simply the root of your drive) is typically available and easy to get into if the user has a weak password.  Certain programs can do brute-force password guessing attacks for weak passwords in just a few minutes.

To actually answer the quesion, it's not a walk in the park to break in, but it's not that hard if an experienced hacker sets to it.

To answer the greater question, a WLAN should always be secured as much as possible.  Enable MAC filtering (though not tough to defeat), turn on WEP to the highest encryption available, disable SSID broadcasts and don't use channel 6 'cause everybody else uses it and it's the first place someone will look for a stray wireless connection.

0
 
LVL 3

Expert Comment

by:zamoti
ID: 12195587
Cool.  Thanks.
0
 
LVL 11

Expert Comment

by:ghana
ID: 12197207
To make a WLAN secure I would recommend to use WPA instead of WEP. Because WPA is using dynamic created keys it's impossible to get the key with sniffing. Of course you should choose a strong password with WPA.
0
 
LVL 2

Expert Comment

by:studlyed
ID: 12203179
if the wireless is unsecured thenanyone can connect to the network as if it were wired. have full access, use the internet print tons of pages on the printer look at documents on the computer, its as if it were art of the internal network. now if every pc on the internal network was so locked down that you cant do anything and dhcp was disabled then they cant do muchother than getting a link light unless they want to spend a LONG time port sniffing all the known ip's untill they fin the network.
0

Featured Post

Ransomware Attacks Keeping You Up at Night?

Will your organization be ransomware's next victim?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with our Ransomware Prevention Kit!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses
Course of the Month12 days, 3 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question