Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: help! Someone is hacking into my router!

  1. #1

    Angry help! Someone is hacking into my router!

    Like the title says, someone is hacking into my router. I've caught the jerk in there twice, and its bothering the heck out of me. What can i do about this? So far, I'm just changing the password when I see him in there, but its a pain because I have to change my own wireless setups every time I do. I'm also curious as to what he's doing with my connection, as I expect its nothing nice. Is there a way I can find out which house he's hacking from? Is there something I can do to mess him up? I'm not a hacker of any sorts, but I am a programmer, so I can handle some technical stuff. If its just some kid doing a little surfing and checking his email, then I don't really mind too much, but if its some jerk using my connection for illegal stuff, as I expect, then I'd like to ruin his life, or rather, his computer, or even just make it so he can't hack my wireless anymore. How the heck is doing that anyhow? I thought Wireless was supposed to be secure? Any advice or suggestions would be greatly appreciated.

  2. #2
    ab@novell.com NNTP User

    Default Re: help! Someone is hacking into my router!

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    We need a bit more information. First, to slow him down, do a few
    things. Start by setting your WAP to NOT broadcast the SSID. Once that
    is done change it to something different. When that is done enable WPA
    2 (if possible) for your encryption.... this should slow them down a
    fair bit for now. Finally, enable MAC address filtering and only allow
    machines of yours (by wireless card MAC address) on your network.

    If you want to get really clever Google for 'ettercap'. With it and a
    little practice you can do all kinds of fun things like make all their
    images appear upside down, or have all of their requests for any website
    get redirected somewhere less-than-fun. You could also just watch for
    anybody online with a new IP address and then just send a few tons of
    traffic their way (may affect your own performance) with ping if nothing
    else.

    Good luck.





    PenguinMigrations wrote:
    > Like the title says, someone is hacking into my router. I've caught the
    > jerk in there twice, and its bothering the heck out of me. What can i do
    > about this? So far, I'm just changing the password when I see him in
    > there, but its a pain because I have to change my own wireless setups
    > every time I do. I'm also curious as to what he's doing with my
    > connection, as I expect its nothing nice. Is there a way I can find out
    > which house he's hacking from? Is there something I can do to mess him
    > up? I'm not a hacker of any sorts, but I am a programmer, so I can
    > handle some technical stuff. If its just some kid doing a little surfing
    > and checking his email, then I don't really mind too much, but if its
    > some jerk using my connection for illegal stuff, as I expect, then I'd
    > like to ruin his life, or rather, his computer, or even just make it so
    > he can't hack my wireless anymore. How the heck is doing that anyhow? I
    > thought Wireless was supposed to be secure? Any advice or suggestions
    > would be greatly appreciated.
    >
    >

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v2.0.9 (GNU/Linux)
    Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

    iQIcBAEBAgAGBQJJpgZGAAoJEFl00+q2r0YpzVQQAJ3eGPO5cvk5cKxpGnPJZnEl
    dXeiNMLU6D6IJxQYzQSRUpDpnoJydGS7wOm6sRLFUhmo1Wft+oEncIMEDjTwfKu9
    tjZE2051/aZN+udgF4koXM2wvU/agFt+oQxWWSvVtLndSkjDojvoPOjep4EKMFNe
    rgW9+ZxGMJUDikpzFT/Wk+aO2xdJLHOQ/qM+sVi5LunevK+w4k94TfkEYPzQJrza
    0HDG5f2/Po/GcHRsLwFiTuFuBUM3afCaYeDmncDa8Re9B0j1MGAHoUhJnTvkJhXq
    1Wq7hl3Yuk8TNkVLAvu6WJDSgoMtoR7Q2Vdj2q+6zqoGAVgM8tj1FJ0JlT0Rki5X
    z2oaLzmja0KXXzBnfLiZUnfzGiDoHHN/ELnMvtc2QBwVWbJFVwvoB+VF0rZYK09i
    ovNvCcVOSwO5BQGvhddq7UuWoPTecZ4iDcaesHslDSdqWMLIcu0nqYrSJ1gccwnh
    P0+Mz9gvj6hQvv6ynRHBOS7g/f8Vun9l4LFiLTueDOnF6ktcZE3f439oNPVcUEic
    GQlhVM/1IAoO8YK4Nt/4eSsbNSKbtKmibNOJFueNORRLlrtaYbQa2S43vASB+DEh
    V6CeVrnD6ex5JQ/D2gYisibKF3RNFQkd5DCv9XSNoOvqqdYOFC6RnUIy2y544Pwx
    GqH0eQWwQF2nGihfk//V
    =+JNz
    -----END PGP SIGNATURE-----

  3. #3
    Join Date
    Oct 2008
    Location
    Birmingham. AL
    Posts
    839

    Default Re: help! Someone is hacking into my router!

    In addition to what ab@novell said (by the way, I like that "ettercap" thing -- hadn't heard of that one. ) ...

    If you're using an older wireless router that doesn't support strong encryption, buy a new one. They're not that expensive nowadays. Linksys makes some good ones for under $100. The problem with older types of encryption, such as "WEP," is that they can easily be cracked. You can download cracking software online that will typically break it in a few minutes at most.

    At our radio stations in a less-than-perfect neighborhood, we constantly have to guard against wireless thieves, while still providing reliable access for in-studio guests. In addition to the stuff that ab@novell suggested (which are all highly recommended), don't overlook the physical aspect. If you're not radiating a signal toward the thief, he can't steal bandwidth. It's really that simple.

    (To give you an idea, it'd be a drastic step, it'd look weird and people might laugh at you, but you could actually cover a wall with aluminum foil or screen wire, if you had to. That stops the signal COLD.)

    Walk around your building. Look for natural obstacles that you can exploit. A metal roof, or even a floor with steel supports, makes an excellent barrier to the signal. Try to position the router so that these barriers are between it and potential thieves.

    For example, before we moved our radio stations to the current facility, we were in the first floor of a building that was cut into a hill. I put the wireless access point at the back of the building, "inside" the hill, essentially broadcasting from inside of a "cave." Made it a LOT more difficult for anyone to steal a signal.

    Another idea, if the router supports this (another reason to get a new one if it doesn't!), is to reduce power just to the point that you can get a good signal where you need it, but not outside. If you don't have a wireless "sniffer," take (borrow, if need be) a laptop outside and walk around, checking for signal.

    If it's a wardriver, he's probably sitting in a car. Keep the access point away from the parking lot. If you're in a building with several other tenants, that complicates matters, but you can dramatically reduce the problem with the steps outlined here.

  4. #4

    Default Re: help! Someone is hacking into my router!

    Sorry for the delay. My HD crashed and I had to get a new one and reinstall my OS. Anyhow, Great advice. I especially like that bit about ettercap. That sounds very interesting. I also hadn't thought about about pinging the hell out of him. What would a bash script for that look like? I'm not sure how to go about setting up MAC filtering, but I think I can probably figure it out. I'm not going to change anything yet however. I really want to know who it is. I heard the word sniffer mentioned. Is that what I need to watch what he's doing? Like I said, I don't really mind if hes not doing anything bad, especially since I've stolen Internet access before. (I never did anything bad with it, just email, surfing, and online chess, courtesy of AOL It could just be a kid whose parents wont get him Internet. If I could see what websites he was visiting, then I could probably tell if its just a kid, or if its some prick who should get his own access point. If it is a kid whose just surfing, gaming, and emailing, then I'll just add his MAC address to the router too, once I figure that out. If its some Jerk, then I'd like to mess with his mind with pings and upside down images and redirects to Internet Siberia. I'm going to go google ettercap now. Tomorrow, I'm going to take my laptop for a walk to see how far my signal goes. Maybe I can figure out which house its coming from, or at least, limit the choices. I'm residential, so there aren't that many houses that it could be. Thanks for the info and advice. Ohh.. BTW, I'm already using WPA,(not sure if its 1 or 2) and my password has letters and numbers. I am broadcasting my SSID though. I'll change it later. I want him to hack me at least one more time. I'd really like to know who it is first, and do a little retaliating if warranted. Thanks again.

  5. #5
    Join Date
    Oct 2008
    Location
    Birmingham. AL
    Posts
    839

    Default Re: help! Someone is hacking into my router!

    Sorry to hear about your hard drive. Sounds like you've been having fun!

    If you weren't worried enough before, have a look at this video.

    YouTube - WPA cracking in ONE second!

    Interesting. There are typically links to related videos there that show other approaches. Looks like WPA ain't quite as secure as many people think ...

  6. #6

    Default Re: help! Someone is hacking into my router!

    Misleading video, imho. It shows a common dictionary bruteforce attack, which is no different than any attacking any other password system that you can get a hash for. They did a packet capture to see the transaction, then ran a bruteforce attack against their dictionary. Obviously the WPA password was near the front of the dictionary they were using since it found it immediately. For all we know, the dictionary file had only a single password in it, the correct one.

    As with any password-based method, the security is only as strong as the password. If the WPA password in had been strong and not vulnerable to a common dictionary attack it they wouldn't have found it at all, much less quickly.

    This isn't a weakness of WPA, just a weak password. Use strong passwords and you won't be vulnerable to this type of attack.

  7. #7
    Join Date
    Dec 2008
    Location
    (Canada)
    Posts
    797

    Smile Re: help! Someone is hacking into my router!

    Ooooh wireless I don`t like it at all,I`m in cable with hub and it is more secure then wireless.I will tell you about wireless to days tech. they can hack into your Laptop/desktop very easy,with cable it takes little longer for the hackers to get into your computer.There is a machine you can get to scan outside the building only park beside close by,scan there you get number and so on.
    2 years or 3 years ago in Calgary Alberta they investigate how to hack into the computer wireless,with that tech. is very easy like 1,2,3,but I have laptop with wireless or cable I use cable.
    I use the computer for over 13 years never never one hacker hack into my computer no one.
    I know how to.

    Don`t use wireless and it is up to you.

    Good luck

    mike

  8. #8
    Join Date
    Dec 2008
    Location
    Hamburg
    Posts
    458

    Default Re: help! Someone is hacking into my router!

    Hi,

    Quote Originally Posted by PenguinMigrations View Post
    Like the title says, someone is hacking into my router. I've caught the jerk in there twice, and its bothering the heck out of me. What can i do about this? So far, I'm just changing the password when I see him in there, but its a pain because I have to change my own wireless setups every time I do. I'm also curious as to what he's doing with my connection, as I expect its nothing nice. Is there a way I can find out which house he's hacking from? Is there something I can do to mess him up? I'm not a hacker of any sorts, but I am a programmer, so I can handle some technical stuff. If its just some kid doing a little surfing and checking his email, then I don't really mind too much, but if its some jerk using my connection for illegal stuff, as I expect, then I'd like to ruin his life, or rather, his computer, or even just make it so he can't hack my wireless anymore. How the heck is doing that anyhow? I thought Wireless was supposed to be secure? Any advice or suggestions would be greatly appreciated.
    First of all hiding the SSID and limit the network to known MAC-addresses doesn't really help since those informations are never encrypted. So the attacker just has to sniff the network for a while to know which SSID you are using and which MAC-addresses are valid. After that he spoofs his MAC-address and trys to connect again. That takes only some minutes.

    SSID and MAC-addresses can't be encrypted since they are needed to connect the stations to the access point. For more information go here:

    Hacking Techniques in Wireless Networks

    To detect what's going on you can do the following:

    1. Read the log files of your router. There you can normally see which stations have logged in when and how long.

    2. If you want to know what the attacker does with your connection first get a HUB (not a switch!) and connect it inbetween the access point and the router or inbetween the router and the modem. Connect a computer to that HUB and start Wireshark. Let it sniff for a while for all packages and have a look to which addresses, web pages ... the attacker connects.

    3. Ask your provider to screen the connection.

    To keep the attacker out:

    1. Use strong encryption like WPA or WPA2.

    2. Use the full length for the key (63 chars)

    3. Use a strong key. Prefered is to create the key by your computer. For example you can create a random key by typing this line in your shell:

    Code:
    dd if=/dev/random count=1 bs=256 2>/dev/null |openssl base64 |tr -d '\n' | cut -b-63
    4. Power down the output capacity of your access point to a minimum. E.g. here in my home I get a good connection everywhere with only 40% output capacity. Doing so the distance from where you can reach your WLAN is much smaller.

    5. Switch your WLAN off when you don't need it. Most simple form to do so is to power off the access point.

    6. Use cabled network.

    hth

    Bye

    Erik
    Last edited by erikro; 04-Mar-2009 at 02:18. Reason: hit submit before correcting typos

  9. #9
    Join Date
    Mar 2008
    Location
    Europe
    Posts
    25,925
    Blog Entries
    30

    Default Re: help! Someone is hacking into my router!

    This is a good thread IMHO.

    Any volunteers to take the information from this thread (and other sources) and create a new How To ?

    The how-to could be pasted here:
    Unreviewed How To and FAQ - openSUSE Forums
    ... and then updated as various users comment and provide suggestions.

  10. #10
    Join Date
    Dec 2008
    Location
    Hamburg
    Posts
    458

    Default Re: help! Someone is hacking into my router!

    Hi,

    Quote Originally Posted by oldcpu View Post
    This is a good thread IMHO.

    Any volunteers to take the information from this thread (and other sources) and create a new How To ?

    The how-to could be pasted here:
    Unreviewed How To and FAQ - openSUSE Forums
    ... and then updated as various users comment and provide suggestions.
    What kind of how-to? How to hack a WLAN? *g* How to set up a WLAN? How to detect hackers in a WLAN and what they do? All of the above?

    Bye

    Erik

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •