The Wi-Fi Hacking Neighbor From Hell
Hugh Pickens writes "Barry Ardolf, a Minnesota hacker prosecutors described as a 'depraved criminal,' has been handed an 18-year prison term for unleashing a vendetta of cyberterror that turned his neighbors' lives into a living nightmare. Ardolf hacked into his next-door neighbors' Wi-Fi network and used it to try and frame them for child pornography, sexual harassment, various kinds of professional misconduct, and to send threatening e-mail to politicians, including Vice President Joe Biden. The bizarre tale began in 2009 when Matt and Bethany Kostolnik moved into the house next door to Ardolf. On their first day at their new home, the Kostolniks' then-4-year-old son wandered near Ardolf's house. While carrying him back next door, Ardolf allegedly kissed the boy on the lips. 'We've just moved next door to a pedophile,' Mrs. Kostolnik told her husband. The couple reported Ardolf to the police, angering their creepy new neighbor (PDF). 'I decided to "get even" by launching computer attacks against him,' said Ardolf, who downloaded Wi-Fi hacking software and spent two weeks cracking the Kostolniks' WEP encryption. Then he used their own Wi-Fi network to create a fake MySpace page for the husband, where he posted a picture of a pubescent girl having sex with two young boys. Ardolf turned down a 2-year plea agreement last year to charges related to the Biden e-mail. After that, the authorities piled on more charges, including identity theft and two kiddie-porn accusations carrying lifetime sex-offender registration requirements."
Noob! :)
I'm not sure if I'd prefer the above, or this:
http://www.youtube.com/watch?v=sZqPQPhsuX4
They had nothing to hide anyway...
What additional security measures can be taken to thwart script kiddies like this guy? Is MAC address filtering + WEP/WPA encryption (or one of those) sufficient security? At this point I want to shut the fucking WiFi off, but there are others in the household who wouldn't go for that.
I often balk at the sentences our judicial system hands down (too much punishment for minor offenses, too little for major offenses), but in this case I think the punishment fits the crime.
I mean it could have been anyone else in the city?
What additional security measures can be taken to thwart script kiddies like this guy?
Well, there's always physical security. You catch someone doing something like this, and you put them under arrest yourself and then hope they resist, at which point you may use necessary force to subdue them. In California, anyway. Bring a witness with a camera.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
turned into byzantine obsession is a sign of a person who will do nothing but bring grief to anyone who ever touches his or her life
if you ever meet this type, back off slowly smiling, then run like hell
their feeling of disempowerment and helplessness (self-learned) and the eternal fight against that (fruitlessly projected outwards) is all they know, it defines their entire existence
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
What additional security measures can be taken to thwart script kiddies like this guy? Is MAC address filtering + WEP/WPA encryption (or one of those) sufficient security? At this point I want to shut the fucking WiFi off, but there are others in the household who wouldn't go for that.
Well, if he was an uber skilled script kiddie, he could just spoof one of the allowed IP's which isn't hard to do at all considering 'script-kiddies' have been hacking into government affiliates as of late... :) got something to hide?
Yes, MAC address filtering would help. For him to then connect to your Wi-Fi he would need to sniff your MAC address then spoof his to match yours. Being that it took him 2 weeks to crack a WEP encryption, I'm sure he wouldn't be able to do this.
Some nodes can change their MAC address, so you just need to monitor the network for a while and spoof a good MAC address which is not in use.
http://michaelsmith.id.au
Mac filtering + WEP is useless.
Go for WPA2, and you are not 100% safe anyway. But better than WEP for sure...
use WPA2. trivial to crack WEP and then spoof the MAC
The guy didn't download the CP for sexual purposes. He's not a paedophile, just a warped anti-social individual.
That register is for people who have a proven (and acted upon) attraction to minors; Those who are a danger to children. Adding him to the list dilutes it and mitigates its usefulness. What he did should be covered by libel / defamation laws. He deserves to be taken out of society for what he did to that family, but there's nothing in there which supports the idea that he's dangerous sexual offender.
Finally had enough. Come see us over at https://soylentnews.org/
No. Mac filtering is useless once you start spoofing traffic.
WPA-PSK, long non-dictionary PSK, non-standard SSID. Done.
There are options which are more secure, but for a home user, that's your best bet.
Actually, you can see MAC addresses without even cracking WEP/WPA...
This seems totally bogus to me. How could someone possibly crack WEP in two weeks? I suppose if you didn't read the instructions you might be able to stretch it to a few hours, but two weeks? What was he doing all that time?
Consider the Wifi network as "open" and use it only to connect VPN nodes (such as OpenVPN, for example.) This does require that you use a PC as the Internet gateway/NAT/VPN server.
The guy took two weeks to crack WEP? He must have been doing something wrong then.
WEP is known to be insecure - So use WPA2 with a decent passphrase and you're OK!
Mac filtering is not foolproof but may help.
Keep calm and carry on.
Use wpa2 with a strong password that won't get hit by a dictionary attack and you're pretty much set. It's not that wpa2 is completely invulnerable, but as far as I know there aren't any one click solutions for breaking it.
MAC address filtering is very loose security. MAC addresses aren't private things, and aren't hidden when a computer is communicating. To build a list of MAC addresses that are allowed on the network (by simply seeing the machines that are on the network), and then change your machine's MAC to match is fairly trivial.
So how would you monitor your network to see if someone is brute forcing their way in? The options on a lot of these consumer grade wireless base stations are fairly limited, but there must be some reasonable way to monitor for brute force attacks.
Kiteboarding Gear Mention slashdot and get 10% off!
I shut it off anyway. If you don't have a wire, you don't connect to my network.
Most NICs support either intentional or "back-door" MAC address cloning. Cloud-computing resources can crack your WEP (trivial), WPA (harder/slower), and WPA2 (much harder and slower, but still doable, unless you rotate them daily).
Then, if you have implemented some reasonable level of security, when the jackboots kick in your door, you'll have a much harder time defending yourself during the pre-trial investigation, and, then, assuming you live long enough, in court, due to the security you put into place, obviously trying to hide your evil actions.
At best, you can discourage casual (mis-)use of your WiFi, but that wouldn't help against a long-term attack like this one.
If you're worried about it, shut it off, and run the cable, as I have.
Just make them work for it.
WPA2
Don't broadcast SSID
MAC filtering
Put your router in an interior room of your house/apartment (not a shelf by a window!)
Log activity
Rotate passphrases
Hard to guess passphrases
None of this is insurmountable (according to what I read, I doubt I could penetrate the above but I am not a cracker in any sense of the word). At the very least make the intruder know what they are doing.
The moral of this story? DON'T USE WEP! It has been broken for years. It can be cracked in seconds.
WPA2-PSK is a secure algorithm, and will keep your network safe as long as you use a decent key (as in 32 characters long, alpha numeric, symbols, upper case, lower case, just general good password security).
If you do not use a decent key then it can be brute forced due to an insecure key.
Key rotation is a good idea if you are REALLY paranoid.
1. spoofing an IP will not get you past MAC address filtering
2. I'm not sure what script kiddies hacking into government affiliates has anything to do with a Wi-Fi
3. you can always backtrace the internets. consequences will never be the same!!
Well, if you only need to use the WiFi indoors, you could build a Faraday cage into the external walls of your house. That's a little extreme, though.
It sounds like he "cracked" the WEP encryption with brute force. Surely there should be a way to tell that someone is attempting to log into your wireless router hundreds of times a minute? Ideally the router would send an email or otherwise issue an alert to a known address. Are there any routers that support this kind of thing out of the box? If not, any easy to use software? (On Windows in my case, but feel free to name software of any variety, in the aid of spreading knowledge...)
WPA2 encryption is still considered secure if you use a strong enough password. WEP and MAC address filtering are worthless. WEP was compromised almost immediately upon release and MAC address filtering can easily be circumvented by spoofing one of the MAC addresses of a computer already on the network, which is easy to do.
http://www.random.org/passwords/ has a fairly good pw generator. Make a bunch and pick 2 strung together.
"Well, good luck finding a judge that doesn't run a bestiality site."
It must have taken them a long time to figure out what happened unless he wasn't spoofing MAC addresses. It wouldn't occur to most people that their wifi was hacked. Most would assume someone had hacked their individual machines. Wonder if the target was technical, in which case the hacker would have been stupid to do what he did (not to mention evil).
Do what you can, with what you have, where you are.
Or it could be the author of the article has his head up his ass and just calls all wireless security WEP.
"Well, good luck finding a judge that doesn't run a bestiality site."
Is that prosecutors are allowed to offer plea deals.
If the prosecutor believes crimes were committed, then file charges. If not, don't.
If people are cowed into pleading guilty (or no contest) to charges to which they believe they're innocent due to legal costs or fears of false conviction, the solution is radical reform of the legal system. NOT to create a gray area of semi-crime, semi-guilt, and semi-punishment. That is *not* innocence until proven guilty.
no wonder he was a bit of a Narzi...
WPA2 + MAC filtering + Don't broadcast your SSID
Yeah, Mac filtering is pretty useless. I mean, what's the chances of a leet hacker using a Mac?
Steven Seagal's Apple Newton notwithstanding.
Brute forcing WEP is done by saving a dump of the encrypted data you receive, then brute forcing that until you have the correct key, so there's no connection to the router made until you know what the key is
When I was four, my mom caught a teen neighbor doing something inappropriate with me. She ordered him out of our backyard where he had no business being. That night, she told my dad about it.
Dad paid a visit that night to the family of the 17-year old in question and spoke for a while with his parents.
That family moved out of the neighborhood the next weekend.
Things were simpler then.
Why? It does not actually matter if the mac address is in use or not.
1. spoofing an IP will not get you past MAC address filtering
So you just spoof your MAC address as well. It's not as if this was rocket science (... as anybody would know who ever sat in a boring airport lounge..)
The obvious solution is to not piss off the creepy neighbor.
And if some stranger I just met kissed my kid on the lips I'd be doing a little hacking of my own, involving an Extra Heavy Duty Glad Bag and a large surgical skiving knife.
See, the trick is to cut the bags open so you can cover the furniture. It makes cleanup a snap.
You are welcome on my lawn.
He went from a 2-year plea bargain to an 18-year sentence? They raked him over the coals for not cooperating with the prosecution.
I went to eat some animal crackers and the box said, "Do not eat if seal is broken." I opened the box and sure enough..
WPA2 is probably adequate, MAC address filtering would probably stop only very incompetent hackers, it's pretty useless in my understanding (correct me if I'm wrong)
"It is our choices, Harry, that show what we truly are, far more than our abilities." -- Prof. Dumbledore
What additional security measures can be taken to thwart script kiddies like this guy?
This security device works every time, particularly with pedophiles.
If you use WPA2 and a strong WPA password that is 18+ characters long you don't have much to worry about. MAC filtering is easy to bypass and WEP is a joke.
And that would have protected against what happened here how?
WPA2 with a strong password (20 random characters or 7 diceware words) should stop such attacks.
Use WPA2 instead of WEP, because WEP is known to be totally open to begin with. Choose a very long password, such as "Apparently, my router has a long WPA2-password now." That's enough.
Although it can have security issues itself HomePlug is a good option. I live in an old granite 3 storey house so I can't get a decent wireless signal throughout my house so HomePlug works great for me. I doubt many hackers check to see if they can access homeplug in their neighbours house via the electrical sockets in their own house.
This does require that you use a PC as the Internet gateway/NAT/VPN server.
Not necessarily. If your router is supported by OpenWRT you can install OpenVPN on it.
Indeed it is. All you need to do to bypass it is to capture packets from someone using the network to get their MAC and then set your own MAC to match. You then have a valid MAC that lets you onto the network.
The neighbor would have been able to use him as a source address for traffic -- but *not* to steal his usernames and passwords out of the air.
*Some* nodes? Try most wifi cards.
MAC address filtering is useless against a determined attacker. Your best bet is a WPA2 PSK with a long key, unless you fancy setting up WPA2 Enterprise.
There are plenty of WPA and WPA2 cracking services online, pretty much just a click away. These services rely on their "rainbow tables" for WPA/WPA2, which if you use a non-standard SSID and a long (18+ character), strong password are pretty much useless. Once the WPA password passes about 14 characters the table generation time starts running into years.
Not broadcasting the SSID is a pretty worthless security measure. If you have a wireless client connected I can see your SSID.
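The points made in the comments above about non-standard SSIDs and long passphrases, as an added example that is not part of the original thread. WPA/WPA2-Personal derives its pairwise master key with PBKDF2-HMAC-SHA1 using the SSID as salt, so a table precomputed for one SSID is useless for another; the SSIDs, wordlist and the guess rate of one million per second are constructed assumptions.

```python
import hashlib
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit WPA/WPA2-Personal PMK.

    PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 iterations, 32 bytes).
    """
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA2 passphrases are 8 to 63 characters long")
    if not 1 <= len(ssid.encode("utf-8")) <= 32:
        raise ValueError("SSIDs are 1 to 32 bytes long")
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid.encode("utf-8"), 4096, 32
    )


def build_table(ssid: str, wordlist: list[str]) -> dict[bytes, str]:
    """Precompute PMK -> passphrase for ONE SSID (what a lookup table stores)."""
    return {wpa2_pmk(word, ssid): word for word in wordlist}


def table_covers(table_ssid: str, wordlist: list[str],
                 network_ssid: str, network_passphrase: str) -> bool:
    """True if a table built for table_ssid contains the target network's PMK."""
    table = build_table(table_ssid, wordlist)
    return wpa2_pmk(network_passphrase, network_ssid) in table


def random_entropy_bits(length: int, alphabet_size: int) -> float:
    """Entropy of `length` symbols chosen uniformly at random from an alphabet."""
    return length * math.log2(alphabet_size)


def years_to_search(bits: float, guesses_per_second: float) -> float:
    """Expected years to find a key, searching half the keyspace on average."""
    return 2 ** (bits - 1) / guesses_per_second / SECONDS_PER_YEAR


# Constructed sample data: a tiny wordlist and two SSIDs.
WORDLIST = ["password123", "letmein2011", "qwertyuiop"]
ASSUMED_RATE = 1_000_000  # guesses per second, an assumption for illustration

# Passphrase policies suggested in the thread.
POLICIES = {
    "8 lowercase letters": random_entropy_bits(8, 26),
    "15 upper/lower/digits": random_entropy_bits(15, 62),
    "20 random printable ASCII": random_entropy_bits(20, 94),
    "7 diceware words": random_entropy_bits(7, 7776),
}

if __name__ == "__main__":
    # Same weak passphrase, default SSID vs. non-standard SSID.
    print("table hits default SSID:   ",
          table_covers("linksys", WORDLIST, "linksys", "password123"))
    print("table hits renamed network:",
          table_covers("linksys", WORDLIST, "invite_only", "password123"))
    for name, bits in POLICIES.items():
        years = years_to_search(bits, ASSUMED_RATE)
        print(f"{name:28s} {bits:6.1f} bits  ~{years:.3g} years")
```

A renamed SSID only defeats precomputation; a passphrase that appears in a wordlist still falls to a fresh dictionary run against that SSID, which is why the length and randomness figures matter more.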
Or you can install dd-wrt/openwrt/tomato on your router and let the proper device do the job of gateway/NAT/VPN server.
Um, no. MAC address filtering does almost nothing other than making it clear to whoever is trying to connect that they are not welcome. It's kind of like sticking a post-it note on your front door saying "Only Joe User and Jane User can unlock and enter this door" and expecting robbers to respect it. Instead they will laugh. MAC address filtering is useful only to make it obvious you aren't running a public access point.
Use WPA2 if you can and use a long passphrase. I also put my router low in the basement and turned down the signal strength so that the signal is fine in the house, but is quite poor outside because the ground is blocking a lot of the signal. From the street someone would have to have a pretty good antenna to pick it up. Although I suppose anyone targeting me would go to the trouble, ordinary passers-by would find a lot of wide-open "linksys" access points before bothering with mine.
but seriously, who hasn't enjoyed some Gedankenexperiment and run through all the neat little things one could do to really make someone's life a living hell? The fail here was the evidence trail he left :)
The only passwords I'm seeing that this guy stole in TFA was the WEP key. Apart from that it looks like he just used the persons connection to create new accounts to frame him for anything and everything he could get away with.
MAC filtering + "something better than WEP" (e.g. WPA2) + don't broadcast your network's SSID. Of course that makes it sort of annoying when you have guests over to your house who want to connect to your network.
Hmm -- I didn't catch that it was new accounts. Depending on how his corporate email system was secured, it may or may not have been necessary to steal username/password credentials to send messages appearing to be from the intended target.
It says this occurred in Blaine, MN; which is in Minnesota's 6th congressional district. Anyone from Minneapolis can tell you that district represents the bulk of MN's redneck population. Frankly I'm surprised he didn't try to run them over with his monster truck instead.
And yes, that is Michele Bachmann's district.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
"Searching through the activity surrounding the day the threat email was sent to the Vice President, Ardolf’s name and Comcast account were visible on the data pulled from the Kostolniks’ router" link
No, MAC addresses can be spoofed as well.
They are just part of the data sent over the air.
1. spoofing an IP will not get you past MAC address filtering
So you just spoof your MAC address as well. It's not as if this was rocket science (... as anybody would know who ever sat in a boring airport lounge..)
You don't have to spoof your IP address at all. Just spoof the MAC address and let DHCP take care of the IP address.
Wow, fixing the symptoms, not the underlying problem, are we?
Because instead of upgrading from our WEP encryption that is so outdated, I wonder where they found a router that still doesn't warn them to use something better, to WPA2 or even *gasp* proper *cables*, you'd rather install MAC address filtering??
My WiFi (WPA2 with public key cryptography, which my phone supports) leads to my server, which treats it as a separate DMZ. To get into my LAN, one has to connect to a VPN (for which my phone also has a client) through the single open port in it. Which is, again, strongly encrypted. And only then, from that LAN, does anything get even limited Internet access. (I have something like a rule-based smart UPnP there, which has a desktop-firewall-like client. So if somebody tries to connect to the net or something that there isn't a rule for, I get a dialog, letting me decide how to handle it. Including a timeout to deny it automatically for now. [=game/full-screen mode])
True, but make them go through the effort.
It is one more step, which when revealed in court, will help hang them.
I am very small, utmostly microscopic.
Indeed, in most cases this works... unless the DHCP server is smart enough to know that the re-request came way too early (the Mac still has a lease, and it's still valid several hours...)
Working with what you got, here's off the top of my head:
- Adjust the transmit power setting. Unless you need wireless coverage outside your residence, then I would turn down the power to where the signal is just barely getting outside your walls. For example, can you stand outside your apartment door and see your wireless network? If so, others can. AFAIK, only the custom firmwares support adjusting the power aka tomato and DD-WRT. Look at them if you haven't.
- MAC address filtering + WPA 2 is good. Others will point out the MAC addresses can be spoofed. WEP is pathetic at the time of this writing.
- Turn off support for unneeded services and protocols on your router. For example, if there's no 802.11b network cards, turn this off.
"It's one thing to talk about the poetry of machines. Quite another to listen to it for yourself."
Where can I buy the "go out of jail" card that I'll probably need when I start calling random people "pedophile" and shooting em with your security device?
Every device that has access to the internet in my house is listed in the mac address filter on the router. I use a wpa-tkip-aes key as well as stateful packet inspection. The reality of it is any asshole (like the one mentioned above) who is motivated enough will eventually break my security key. I just do the best I can to make it a pain in the ass to all that are not truly motivated. As a parent I would have had something to say about a stranger kissing my child but to call the police and report him as a sex offender without even checking the listing is irresponsible. At the very least she should have checked her state's website that lists sex offenders before she made an accusation.
"We are just a war away from Amerikastan. When god vs god the undoing of man." Dave Mustaine
WPA2 is probably adequate, MAC address filtering would probably stop only very incompetent hackers, it's pretty useless in my understanding (correct me if I'm wrong)
You may be right about that. Can you find the MAC addresses of systems connected to a network you are passively sniffing? Then it is a matter of waiting for that system to go offline (such as the case for a laptop or phone), then steal its MAC. In this case the hard part is getting past the WPA2.
I'm a good cook. I'm a fantastic eater. - Steven Brust
MAC spoofing is trivial. I'm not an expert on WPA2, but can an attacker actually see MAC addresses connecting to the network? If not, it would take a long time to make connection attempts using all possible MAC addresses.
Still, there are probably ways to quickly narrow the list of possible addresses. I was thinking that a MAC whitelist might be fairly effective, but seems I was wrong.
MAC filtering + "something better than WEP" (e.g. WPA2) + don't broadcast your network's SSID. Of course that makes it sort of annoying when you have guests over to your house who want to connect to your network.
So you think that MAC filtering and a non-broadcast SSID are going to stop someone that can break WPA2? Seriously, just use WPA2 and be done with it.
MAC filtering is, in my opinion, a pain in the ass for little gain. Every time you want to add a new device you gotta add the device's MAC to your filter list. Yes it's usually trivial to do, but it's a pain when family or friends come to visit. If it added a significant amount of security I'd consider it worth the annoyance, but it's trivial for anyone who even vaguely knows what they're doing to bypass. I use WPA2 with a long non-trivial password. If someone gets past that I think I can legally argue that I did due diligence in keeping my network safe.
I don't need a million points of light, just two points of multi-mode fiber and a 10 Gig-E router.
Let's remember that this started because the creepy guy gave the new neighbor's kid a peck on the lips. There are people for whom that's not automatically a sexual thing, as in they kiss their parents on the lips. Mind you, it was more common a hundred years ago as I understand it, but there it is. So, weirdo kisses junior, in a presumably nonsexual way, the mother gets freaked, and she calls the police to report that the neighbor is a pedophile. That's a damn sight more than a perceived slight, don't you think? I wasn't there, of course, and I certainly don't condone what the dude did to get his, but it seems to me the mother sparked this whole thing by throwing around pedophilia accusations.
In a serious type of criminal activity of this nature, trying to falsely incriminate the other person technically means YOU were the one obtaining the child p0rn, so YOU should face those charges you are trying to bring unto them....glad the courts saw this and acted accordingly....
If he really has no time other than to get back at someone...then he faces the consequences of getting caught....and that is what he got,
i feel no pity for him, and if what he did was true (kissing the little boy on the lips, when he did not even know the boy), means to me he definitely is a weirdo...
and belongs where he is...
Physical security like control your Wireless signal. Place the AP in a location where it does not spill outside. I.E. actually understand RF energy and how to control it.
I have an Open AP that unless you are in the house or up against my glass you are NOT getting in. and no you posers claiming you can do it with a cantenna can't. I have a 27db gain 2 foot dish and I can't get into it until I am 4 feet from the house. There are advantages to having aluminum siding and aluminum window screens plus the AP residing in the basement on the floor.
Do not look at laser with remaining good eye.
People using WPA type encryption think they are way safer than WEP, but that is not the case. I'm currently posting this from a wifi I'm leeching off of at home and torrent movies off of it during the night.
The owner has changed the passkey before, but that was cracked eventually.
Unless his corporate network was pathetically set up (a possibility, I'll grant you), even with access to the guy's wireless network corporate network should have been safe without a lot more effort. Ideally connections to work should have been VPNed, but at the very least they should have been HTTPS, or an encrypted e-mail protocol.
I don't need a million points of light, just two points of multi-mode fiber and a 10 Gig-E router.
Aye, but passwords are transmitted in the clear.
I like this one:
http://www.thebitmill.com/tools/password.html
Can set length, include different sets of character classes (helpful sometimes to turn off punctuation for the idiotic apps/sites that block punctuation in passwords)
Well, if he was an uber skilled script kiddie, he could just spoof one of the allowed IP's which isn't hard to do at all considering 'script-kiddies' have been hacking into government affiliates as of late... :) got something to hide?
Does anyone know if stateful packet inspection will catch ip or mac spoofing?
"We are just a war away from Amerikastan. When god vs god the undoing of man." Dave Mustaine
There was another case of Wifi hacking a while back - the victim of the hacking was able to get the charges dismissed largely because they were running an unsecured WiFi. The implication was clear: if they had secured their WiFi, they probably would have been convicted. The authorities would probably not have accepted their claim to have been hacked.
Enjoy life! This is not a dress rehearsal.
I don't know if I should mark you as stupid or smart/funny... STOP CONFUSING ME...
http://www.chillispot.info/
It does. If it's in use at the same time as the hacker connects with the MAC spoofed, you have two machines on the network with the same MAC. That causes enough problems that the victim will notice something is going on.
Heh, my previous house was just like that. I called it my "Faraday home". It was nice knowing that nobody could get into my Wifi network because they simply couldn't reach it. I didn't run security on mine either. Although not being able to get online with my laptop while sitting in my back yard was, admittedly, annoying.
My new place is not so lucky, so I have to keep the Wifi power turned down quite a bit and use WPA2 security with a stupidly long and complex key. But I wasn't as bad as my neighbors, almost none of which had security turned on at all, or used the broadcast name as the security key. At least until I went in and changed all the names of the base stations to rude phrases, then they all got locked down in a weekend. :)
Official Heretic from the "Church of Global Warming". Proven right thanks to whistle blowers. AGW = Flat Earth Theory
I agree that the mother overreacted by calling the police. Marching up to the guy and giving a major scolding is more likely effective.
Oh, come on, now, you're being completely unreasonable. We're trying to build a society here where one can completely abdicate personal responsibility and avoid personal confrontations at all costs.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
Is to have your wireless access point only connect to a firewall that you have to VPN through in order to connect to the Internet. When someone breaks your WPA2 all they get is an IP address to a tiny little network with no internet routing.
So typing in a "long non-trivial password" every time a guest or new device needs to be added to the network is less of a "pain" than adding MAC filtering which, according to you, is "trivial to do, but it's a pain"?
"A person is smart. People are dumb, panicky dangerous animals and you know it." - K
"perceived sleights turned into byzantine obsession is a sign of a person who will do nothing but bring grief to anyone who ever touches his or her life"
Have you never seen the Cable Guy or One Hour Photo? I guess the lesson to be learned here is don't piss off technical support .. :)
"Up until his termination in June of 2010, Ardolf worked at Medtronic as a neuromodulation device repair technician" link
Cloud-computing resources can crack your WEP (trivial), WPA (harder/slower), and WPA2 (much harder and slower, but still doable, unless you rotate them daily).
Baloney. If you pick a long password (say 15 upper/lower/numbers), "cloud computing" can't break a WPA2 AES password. If you know otherwise, please post a reference of how you can possibly accomplish this.
If someone can hack WPA2 then MAC filtering isn't going to do jack, the ultimate answer here is to use WPA2 (if you must use wifi).
WPA2-PSK-AES with a 64-character passphrase that looks like line noise. Save it to a text file stored on a USB key, so you can just move around to various devices and cut-n-paste it in to set them up. Change it if you ever give it to a guest -- once they leave, or sooner if you want to *prod* them to leave.
Change your SSID to something like "invite_only" or "private_keep_out". This is more for legal support than any actual physical defence.
Turn on and periodically check the logs on your WAP. Become familiar with what normal entries look like and keep an eye out for anomalies. Specifically, look for any duplicate MAC alerts, which is a sign someone is trying to spoof one of your MAC addresses.
Noob tricks like MAC filtering, DHCP client limits, etc. are trivially bypassed by a knowledgeable attacker. Please note, anyone with a few minutes access to Google is now a knowledgeable attacker.
Make sure all your devices support WPA2-PSK-AES. Any that don't, upgrade or replace.
Learning HOW to think is more important than learning WHAT to think.
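The log review suggested in the comment above, as an added example that is not part of the original thread: a scan of access-point and DHCP log lines for a MAC that associates while it is already associated, a known MAC that suddenly presents a different hostname, and a MAC that is not in the household inventory. The log format, MAC addresses and hostnames are constructed for illustration; real router logs differ per vendor.

```python
import re
from typing import NamedTuple

# Constructed inventory: every device the household expects to see.
KNOWN_DEVICES = {
    "00:1c:b3:aa:bb:01": "family-laptop",
    "00:23:6c:aa:bb:02": "living-room-tv",
}

# Constructed sample log in a simplified "time source EVENT key=value" format.
SAMPLE_LOG = """\
2011-07-13T18:02:10 wlan ASSOC mac=00:1c:b3:aa:bb:01 rssi=-47
2011-07-13T18:02:11 dhcp ACK mac=00:1c:b3:aa:bb:01 ip=192.168.1.20 host=family-laptop
2011-07-13T18:05:40 wlan ASSOC mac=00:23:6c:aa:bb:02 rssi=-52
2011-07-13T18:05:41 dhcp ACK mac=00:23:6c:aa:bb:02 ip=192.168.1.21 host=living-room-tv
2011-07-13T23:41:03 wlan ASSOC mac=00:1C:B3:AA:BB:01 rssi=-81
2011-07-13T23:41:05 dhcp ACK mac=00:1c:b3:aa:bb:01 ip=192.168.1.20 host=bt
2011-07-14T00:10:00 wlan DISASSOC mac=00:1c:b3:aa:bb:01
2011-07-14T02:15:30 wlan ASSOC mac=02:11:22:33:44:55 rssi=-79
"""

LINE = re.compile(r"^(\S+) (wlan|dhcp) (ASSOC|DISASSOC|ACK) (.+)$")


class Finding(NamedTuple):
    time: str
    kind: str
    mac: str


def scan(log_text: str, known: dict[str, str]) -> list[Finding]:
    """Return anomalies worth a closer look, in log order."""
    associated: set[str] = set()   # MACs currently associated with the AP
    findings: list[Finding] = []
    for raw in log_text.splitlines():
        match = LINE.match(raw.strip())
        if not match:
            continue                # ignore lines in an unexpected format
        ts, _source, event, rest = match.groups()
        fields = dict(kv.split("=", 1) for kv in rest.split() if "=" in kv)
        mac = fields.get("mac", "").lower()  # normalise case before comparing
        if not mac:
            continue
        if event == "ASSOC":
            if mac not in known:
                findings.append(Finding(ts, "unknown_mac", mac))
            elif mac in associated:
                # Second association with no disassociation in between:
                # two radios may be claiming the same address.
                findings.append(Finding(ts, "duplicate_assoc", mac))
            associated.add(mac)
        elif event == "DISASSOC":
            associated.discard(mac)
        elif event == "ACK":
            expected = known.get(mac)
            if expected is not None and fields.get("host", "") != expected:
                # Heuristic only: a cloned MAC can also copy the hostname.
                findings.append(Finding(ts, "hostname_mismatch", mac))
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG, KNOWN_DEVICES):
        print(finding.time, finding.kind, finding.mac)
```

A legitimate client can re-associate after a silent timeout, so a `duplicate_assoc` hit is a prompt to compare signal strength and timing, not proof of cloning.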
WPA2 (much harder and slower, but still doable, unless you rotate them daily).
If it's so slow, why would you change the keys daily? If your key has sufficient entropy, you are set for years.
Give me Classic Slashdot or give me death!
The neighbor would have been able to use him as a source address for traffic -- but *not* to steal his usernames and passwords out of the air.
If one were to go to the trouble of using an internal VPN rather than standard wireless encryption, it would really make sense to go the one extra step and ensure that only traffic from the VPN tun device on the endpoint gets routed to the internet...
That would leave anybody who gets onto the wireless harmlessly twiddling their thumbs in some 192.186.1.* backwater until they figured out what VPN client to fire up and somehow obtained the credentials for it.
I don't know if I should mark you as stupid or smart/funny... STOP CONFUSING ME...
They've finally added the "-1, Stupid" mod?
My sister opened a computer store in Hawaii. She sells C shells by the seashore.
Indeed, in most cases this works... unless the DHCP server is smart enough to know that the re-request came way too early (the Mac still has a lease, and it's still valid several hours...)
What DHCP server behaves in that way? It sounds likely to go wrong.
Then I suggest you try it. Spoof a mac from a machine which is on another machine and make sure one of the machines is allocated a different ip address. You will be surprised by the events when they unfold. It may not work with wpa / wpa2 (never tried) but it will work with wep (tried). Both machines will just see each other's ip traffic and drop them at the ip stack. The following can also work. It is possible to shadow a wireless user using wep / the same mac and the same ip address. So long as both machines have a stateless firewall which drops everything by default. It will prevent the hosts from interfering with each other :)
It doesn't matter how trivial it is since MAC filtering adds no security at all and is a waste of time. A "long non-trivial password" is the only security measure you can take (or need to take) with WPA2.
As a parent I would have had something to say about a stranger kissing my child but to call the police and report him as a sex offender without even checking the listing is irresponsible. At the very least she should have checked her state's website that lists sex offenders before she made an accusation.
Huh? So if you steal my wallet, I should check to see if you have any priors for theft before reporting it to the police?
I know what happens when you have a duplicate MAC on a wired network... confuses the routing. Is there a similar collision on a broadcast/wifi system? If so, even if he spoofs a MAC he has to wait until yours is offline, otherwise it's just a DOS. In my house all the networked devices are on 24/7 except my cell phone which obviously travels with me.
Check out my lame java blog at www.javachopshop.com
Almost. You beat his ass first and then figure out how to blame it on him. In Texas, anyway. Bring a shotgun.
In Soviet Russia, Chuck Norris will still kick your ass.
It's surprising how many companies have open relays.
Check out my lame java blog at www.javachopshop.com
I used to connect to open wifis in my neighborhood, login to the routers using the default admin passwords, block google.com, then change the router's hostname or something to "secureyourwifi". They're all using encryption (of some kind) now.
http://alternatives.rzero.com/
But if Rupert Murdoch's people had ordered this done to someone, and the orders came right from the top, and it was done to sell lots of newspapers, nobody would go to jail, and all that would happen is the parent company's stock would dip for a few days.
It's amazing that we are more than happy to see this sociopath get 18 years, but when big business gets away with ruining the lives of hundreds, or millions (as is the case with banks), and nobody does anything, and we're not out there with torches and pitchforks.
What a world.
If telephones are outlawed, then only outlaws will have telephones.
I understand the risks, but I personally find this level of security a pita for a home network. I use WPA2 and my password is non-trivial but still probably dictionary-able (words with character substitutions such as a $ for an s in the word...) Anyways, I do this specifically because I got tired of everybody and their brother with an iphone wanting to get on my network and having to add their MAC and provide them with a card with the complex key written on it. I realize that some people run businesses at their homes so it makes sense in that case to be a little extra paranoid, but I think many people around here are overly paranoid. I don't mean that part to be specifically about you, I'm sure many people have good reasons to want their home networks secure. In my case, I treat it like locking the door... it's just enough to keep the honest people out.
Check out my lame java blog at www.javachopshop.com
I hesitate between damn funny, dripping sarcasm, and informative.
C. Sagan : A demon haunted world:
http://www.amazon.com/gp/product/0345409469/
visit randi.org
MAC filtering is only a pain if you routinely have company. For someone who only occasionally has guests, it's not a problem - and when I do, it takes all of 2 minutes to get them set up on my network. What I do...
1. Disable DHCP, assign each device on my network its own static IP address.
2. Enable MAC address filtering for each device.
3. Enable WPA2+PSK, using a long, seemingly random string of letters and numbers that only I know the proper means to mentally 'generate' on the fly (as opposed to having to memorize the whole damned thing).
Granted none of these are impenetrable, but put 'em together and I feel reasonably secure, especially against your average script kiddie.
(Now let's watch as some random "wardriver" drives past my apartment and proves me wrong. -.- )
There was a book written called "3 Felonies a Day" which details how the legal code is so complex, everyone is a felon. What you are describing is a symptom of that.
Except for ending slavery, the Nazis, communism, & securing American independence, war has never solved anything.
I don't know about Homeplug specifically. But most network over powerline inhome systems network signals will not go through the transformer on the pole. He would have to have access to power after the pole.
As has been well known for years, there is no real security possible with wi-fi. Nothing new to see here, move along!
When you kiss your child are you sexually exploiting them?
The missus here over-reacted quite a bit by saying "We've moved next to a paedophile".
Granted, the neighbor over-reacted hugely.
But this isn't paedophilia. Because not everyone who kisses a child means to have sex with them.
which make me feel ashamed to be human! A coffin sounds like a better place for such human debris.
www.Migrainesoft.com - Computer giving you a headache? We can fix that!
This is why you don't use wep!!!! Anyone stupid enough to enable wep is just as at fault as the hacker.
I'm glad someone called him out on it. The only practical WPA2 attacks are dictionary attacks. Don't pick passphrases that include dictionary words.
WPA with a good password is enough, at least for now. "Good password" means exactly that, though. MAC filtering is trivial to bypass. I love the ISP-set default WEP access points. They go down in 1-5 minutes of active probing. 64bit WEP is worse than 128bit WEP is worse than WPA is worse than WPA2.
Verizon customers hardly ever change the default password and SSID, and the one time it was changed, they used their family name as the SSID and phone number as the key (lost three points of data to one attack there).
I have fond memories of the time many years ago, when I was able to wipe the puzzled expression off my boss' face by whispering to him during a meeting that the tech consultant who was chattering about "mac addresses" was talking about "media access control", thereby showing him that I knew my stuff and saving him from the stupid question he was about to ask about whether this applied to IBM PCs too.
What scares me about this is the fact that he was only arrested after a packet logger was installed.
I would bet that most residential wifi routers could be hacked by your average slashdot reader in a couple of weeks, even those with WPA(2). How many victims of a reputation destroying hack like this would have enough clue to get professionals involved or to install a packet logger by themselves? Less than 5%? I think the vast majority would just go down with a kiddie pr0n conviction not knowing how to defend themselves.
Just use WPA2, take off your tinfoil hat, and stop fucking worrying about it.
I have an Open AP that unless you are in the house or up against my glass you are NOT getting in. And no, you posers claiming you can do it with a cantenna can't. I have a 27db gain 2 foot dish and I can't get into it until I am 4 feet from the house. There are advantages to having aluminum siding and aluminum window screens plus the AP residing in the basement on the floor.
Do not underestimate the power of 60 years of lead based paints.
Good point. Though, I think in general MAC filtering and non-broadcast SSID will deter many amateurs. I mean, look at the guy in this article. It took him 2 weeks to crack WEP. If they had not been broadcasting the SSID, are we certain he'd have even figured out they have a network? Neither of those methods (MAC filtering and non-broadcast SSID) are going to defeat someone who knows what he's doing. The corollary is that many people don't know what they're doing.
Erm, I don't know what you mean by 'smart enough'. If a computer rerequests an IP, DHCP is supposed to respond to it and give them their IP.
Anyone trying to 'secure' something by making a DHCP server not do that until that IP's lease 'expired' would pretty much break everything. 'Oh, look, that dastardly computer crashed without turning in their lease, no IP for them when they reboot! And that one went to sleep mode and, upon waking, checked to make sure it's still on the network by updating its lease, no IP for them either!'
If corporations are people, aren't stockholders guilty of slavery?
I do something similar.
SSID: askbillforkey
key: dontdoshitth@twillgetmeintrouble
wish I could give you points for the QUALITY Newton reference. made my morning.
having dupe mac addresses causes ARP cache conflicts.
arp -an (to view)
arp -d (to delete the entry)
until the entry is gone or aged out, the router who has that arp cache will send packets for that mac addr out the 'port' its 'attached' to (in cache).
all made worse by multiple bridges having forwarding databases (your switches are really bridges, just wire speed) having mac_addr to port tables and this can point in 'all different directions' for data flow.
the thing is, users are so used to wifi being 'messed up' or having hangs and pauses, they won't NOTICE a mac addr poisoning, necessarily. heck, they'll just reboot something until the data flows again.
--
"It is now safe to switch off your computer."
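A defender-side version of the `arp -an` check described in the comment above, as an added example that is not part of the original post: it parses an ARP table dump and flags a MAC address that answers for more than one IP, plus any MAC missing from your own device list. The sample output, the `KNOWN_DEVICES` inventory and all function names are constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample of `arp -an` output: Linux net-tools lines plus one
# BSD/macOS-style line (those print octets without leading zeros).
SAMPLE_ARP_OUTPUT = """\
? (192.168.1.1) at 00:11:22:33:44:55 [ether] on wlan0
? (192.168.1.20) at a4:5e:60:aa:bb:01 [ether] on wlan0
? (192.168.1.21) at a4:5e:60:aa:bb:02 [ether] on wlan0
? (192.168.1.57) at A4:5E:60:AA:BB:01 [ether] on wlan0
? (192.168.1.30) at <incomplete> on wlan0
? (192.168.1.40) at 0:1c:b3:9:85:15 on en0 ifscope [ethernet]
"""

# Assumed inventory of devices you own (constructed values).
KNOWN_DEVICES = {
    "00:11:22:33:44:55": "router",
    "a4:5e:60:aa:bb:01": "laptop",
    "a4:5e:60:aa:bb:02": "phone",
}

ARP_LINE = re.compile(
    r"\((?P<ip>\d{1,3}(?:\.\d{1,3}){3})\) at (?P<mac>\S+)(?: \[\w+\])? on (?P<iface>\S+)"
)
OCTET = re.compile(r"^[0-9a-fA-F]{1,2}$")


def normalize_mac(raw):
    """Return a MAC as lower-case, zero-padded aa:bb:cc:dd:ee:ff."""
    parts = re.split(r"[:-]", raw)
    if len(parts) != 6 or not all(OCTET.match(p) for p in parts):
        raise ValueError(f"not a MAC address: {raw!r}")
    return ":".join(p.lower().zfill(2) for p in parts)


def parse_arp_table(text):
    """Parse `arp -an` text into a list of (ip, mac, interface) tuples."""
    entries = []
    for line in text.splitlines():
        match = ARP_LINE.search(line)
        if not match:
            continue
        try:
            mac = normalize_mac(match.group("mac"))
        except ValueError:
            continue  # "<incomplete>" entries have no resolved MAC yet
        entries.append((match.group("ip"), mac, match.group("iface")))
    return entries


def find_anomalies(entries, known_devices):
    """Flag MACs seen behind several IPs and MACs not in the inventory.

    A shared MAC is only a lead: a host with several addresses on one
    interface produces the same pattern legitimately.
    """
    ips_by_mac = defaultdict(set)
    for ip, mac, _iface in entries:
        ips_by_mac[mac].add(ip)
    shared = {
        mac: sorted(ips, key=ipaddress.ip_address)
        for mac, ips in ips_by_mac.items()
        if len(ips) > 1
    }
    unknown = sorted(mac for mac in ips_by_mac if mac not in known_devices)
    return {"shared_mac": shared, "unknown_mac": unknown}


if __name__ == "__main__":
    report = find_anomalies(parse_arp_table(SAMPLE_ARP_OUTPUT), KNOWN_DEVICES)
    for mac, ips in report["shared_mac"].items():
        print(f"MAC {mac} answers for several IPs: {', '.join(ips)}")
    for mac in report["unknown_mac"]:
        print(f"MAC {mac} is not in the device inventory")
```

An ARP cache only lists hosts the machine has talked to recently, so the dump is most useful when taken on the gateway itself.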
It's not much less of a pain, but unlike MAC filtering it's actually reasonably secure. I don't mind something being an annoyance if it works, but it seems stupid to add yet more effort on top of the existing effort while adding no real value. Besides with a bit of effort a password (really a passphrase) can be long and non-trivial, but still be memorable. I can type my WPA key from memory, I don't make a habit of memorizing MAC addresses.
I don't need a million points of light, just two points of multi-mode fiber and a 10 Gig-E router.
Yes, because you can keep the password on a flash drive, and when guests come over, you can hand it to them and they can get online with almost no delay added. It's a copy and paste.
Meanwhile, if you filter MAC addresses, you have to have another computer already on the network handy, and log into the admin pages and add them.
If corporations are people, aren't stockholders guilty of slavery?
The guy took two weeks to crack WEP? He must have been doing something wrong then.
... or, maybe he initially knew nothing of wireless hacking, and had to spend 13 days learning about it and downloading stuff ... and the actual hack took five minutes.
Really, this is what people are harping on?
Texas?
There are two types of people in the world: Those who crave closure
Disabling DHCP does nothing for your security at all. Anyone who breaks WPA2-PSK is going to have enough skill to be able to set their own fricking IP in your network.
And the same with MAC filtering, although that might actually help if every single device in your house is on. (Or, rather, every single device that is often on, is on. Obviously, they can't guess the MACs of devices that are never on in the first place.) Generally, no, that's equally pointless.
There are sometimes reasons to have multiple levels of security, but they have to go from least to most to make any sense at discouraging and stopping people. To break into your network, people have to first break WPA2, and at that point, anyone who manages that can certainly figure out the rest of the thing. (Not that I think anyone could manage that.)
You have put a dollar store padlock on a box that you're storing inside a safe. All you've done is make it more work for you.
If corporations are people, aren't stockholders guilty of slavery?
Over months and months, he inflicted unfathomable psychic damage
Wow, he really WAS from Hell. Did they need a priest to do the exorcism?
I miss the 1990s.
MAC filtering would have done, quite literally, nothing to stop this guy, and I will explain why.
To crack WEP, you generally fire up a scanner like kismet to locate your target. This will locate any SSID where there is either a broadcast, or traffic. This is why non-broadcast isn't much security-- it's possible that the scanner will miss your network, but given enough time it will eventually respond to a packet and show up in the scanner.
Once you have located your network, you check its details, which shows authenticated MACs, encryption type, etc. At this point, you start collecting IVs through aircrack or whatever else you use. One of the ways to generate traffic is to spoof de-auth packets to auth'd laptops, forcing them to reauthenticate, generating additional traffic. This whole way through, you have a list of valid MAC addresses-- so when you finally crack the password, you can simply spoof your mac as one of theirs (Wifi macs are easily changed in software), issue a deauth command to their connection, and authenticate as them. If it is at night, they probably wouldn't even notice, and their router would show you as being them.
If you want additional security, you use an encryption type that wasn't broken in 2001, horribly broken in 2004, and left in shambles a few years later as the cracks got progressively better. It is now possible to crack a WEP network on bog-standard Ubuntu with unpatched drivers with bog standard hardware in about 5 minutes (the span of 2 youtube videos) if you have the right software.
In other words, use WPA or WPA2-- preferably with AES. The vulnerabilities for those consist of pounding the routers in a brute force attempt to get the password. For a password, use a sentence-- it can be anything, like "My dog's name is Rover.". Good luck to the would-be hacker guessing which of the billions of permutations of sentences you used.
Have we learned nothing from Independence Day?
All nodes can change their mac. Under windows it can be done from device manager, under linux I think iwconfig and macchanger can do it.
WEP / WPA? I wouldn't lump those two together. WEP is garbage. These people were running WEP. WEP should be unincluded for all modern routers (you should have to go out of your way to get a special purpose WEP router if you really need it). That's an ideal world. So, what can you do? Use WPA2-AES with a 40 character passphrase if you're paranoid. Problem solved (for all practical purposes).
That would not prevent someone authenticating to your wifi AP and doing what this guy did, namely take incriminating actions from your connection.
That is what outdoor outlets are for. I know there are a couple on my house. They also do have loops to put a padlock over the covers of the outlets, but who locks up their outlets?
"But this one goes to 11!"
Why not use WPA2-AES, rather than WPA-TKIP/AES? The latter has only the minimum strength of WPA-TKIP (which isn't terribly strong).
No sense in exposing your network needlessly.
The way I would do it is have strongest security enabled in primary Wi-Fi point.
Everyone can either use this one, or...
Secondary Wi-Fi point with less security, more restrictive, more forceful access.
Limit what it can do too, have everything it does logged.
This also doubles as an AP for old crap with fixed security in hardware. (such as every handheld ever, it seems)
CHANGE PASSWORDS CONSTANTLY.
Don't make it public.
MAC filtering. Change Macs frequently if you have to.
Another solution is short-distance APs in each room using wires.
There are some that even have infrared access points you can put up on the ceiling for ultimate security. (at the sake of speed, of course)
But a wireless AP in all rooms and metal frame, ultimate tinfoillery to the max.
In all honesty, it'd be easier to just install spying software on your network to see exactly everything that every computer is doing every second of the day.
Doesn't take much to do, requires bare minimal setup, then you leave it there, recording, ever get a knock at the door, give them the hard drive, still probably get accused of being a criminal, but actually have a decent defense in court.
Gotta love the law.
So do you change your long passphrase every time someone comes over who wants to use your Wifi and you have to provide the password, or do you go through the hassle of actually typing it in on their machine yourself, and then making sure it is not saved and such? Or do you just pull the dick move and tell everyone that comes over with a laptop that they can't use your WiFi?
"But this one goes to 11!"
MAC filtering is 99% worthless. It takes one command in terminal to change your ethernet or wifi MAC to anything you want, good till reboot.
And afaik MAC addresses are sent in the clear so a packet sniffer would instantly have a valid usable MAC when someone logged in legitimately. Just a matter of waiting for them to put their computer to sleep, as more than one computer with the same MAC tends to make the router go skitzo.
I work for the Department of Redundancy Department.
This man is truly a depraved and evil person. Not only did he try to frame his current neighbors, he harassed and stole from his previous neighbors. When the Feds attempted to go easy on him, he fired the lawyer that scored this sweetheart deal and withdrew his plea. He then proceeded to blatantly violate the terms of his release from prison. Well after the trial had begun, he pled guilty a second time. Because this wasn't nearly enough fun, he tried to withdraw his plea AGAIN (that failed.) He also added attempted witness tampering to his list of crimes, because apparently he wasn't going to be locked away for enough time yet. (But he did it via mail sent from prison! I guess he didn't get the memo that except for mail to your lawyer, all letters to/from prison can be read. Whoops!)
He shows absolutely no remorse for his actions; to this day thinking this "revenge" was justified. (He even tried to get the victim's testimony disqualified because they failed to obtain a construction permit for work done on their basement and therefore they could not be trusted. Talk about the (cast iron) pot calling the stainless-steel kettle black.)
Was he TRYING to dig his hole as deep as possible? About the only thing that could have made him worse off would have been a pro se defense, followed by trying to attack the judge during the trial.
Locking guys like this away is what we have a justice system for. Good riddance.
No, he would not have been able to use the victim's internet as source address. The internet gateway/NAT should not forward to/from Internet anything that is not on the VPN 'network'.
FUD. WPA2 can't be cracked unless you use a weak password.
I've seen parents kissing their kids on the lips. I wouldn't do it but I also would not have reported my neighbor for it either. Different cultures are all around. People need to understand 2 wrongs will never be a right. In the end it just becomes more wrong. Forgive your stupid neighbors and move on; don't hack their wifi and do illegal things!
And if some stranger I just met kissed my kid on the lips
That was the original complaint from the neighbor. If we take this on its own, and presume nothing before or after, I think it warrants a little more examination of what happened. We are, after all, talking about a small child. Sure, based on what we know about this nutjob it is certainly possible he intended to plant a kiss on the lips of a kid, in which case he is a dirty pedophile who should be taken out of society.
On the other hand, we should consider the behavior of a lot of typical 4 year old kids - rather unpredictable. If your neighbor kissed your kid on the cheek or forehead you might not be offended, right? What if that is what the guy was going for and the kid moved his own head at the last second? Now the stranger's lips are on the kid's lips unintentionally.
Of course, I would generally think it unwise to kiss a kid you have never met before. and based on what he did afterwards the guy is psychotic and should be put away.
But there is a chance, particularly given how little information we have, that the first encounter was innocent in intent, and ended up blown out of proportion. There is, of course, an equal chance that it was just as bad as it looked.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
I could have sworn that WPA attacks were still confined to dictionary and brute-force methods, instead of the much faster methods available for WEP.
Most NICs support either intentional or "back-door" MAC address cloning. Cloud-computing resources can crack your WEP (trivial), WPA (harder/slower), and WPA2 (much harder and slower, but still doable, unless you rotate them daily).
Your comment about MAC address cloning is correct.
However, it would be nice with some citations to back up your claims about WPA2. If what you are saying is true, then I would have expected to see publications that describe such a revolutionary attack against WPA2.
First of all, a WEP attack does not require any cloud computing. The bottleneck is capturing enough traffic (802.11 frames). The attack itself can be run on any ordinary computer and will find the key quickly. With an active attack (e.g. aircrack-ng in PTW mode), WEP can be broken in 1-2 minutes. A passive attack takes far more time, and depends on the amount of traffic on the network. Since the attacker spent 2 weeks cracking the WEP encryption, I assume that he was using a passive attack. Note that the WEP attacks are exploiting protocol vulnerabilities, they do not assume anything about the passphrase.
Now, for WPA and WPA2. There are some published vulnerabilities in TKIP, which is used in WPA and (optionally) in WPA2. Exploiting these vulnerabilities lets an attacker inject traffic on the network, but only from the access point to the client. AES-CCMP, which is supported by WPA2, does not have these vulnerabilities.
Your reference to cloud computing is probably based on dictionary attacks against the passphrase used in WPA-PSK and WPA2-PSK. This kind of attack can only succeed if the entropy of the passphrase is low. If you have a long enough and random enough passphrase, then this kind of attack will not work. Example: 'pwgen -s 32' will give you approximately 190 bits of entropy (pwgen -s uses [a-zA-Z0-9], which is 62 different characters, so a random passphrase of 32 characters gives log_2(62^(32)) bits of entropy). Have a look at the theoretical limits of brute-force attacks to put that into perspective.
To summarize: You are wrong, possibly suffering from False Authority Syndrome, and spreading FUD. The fact that your comment is modded +5 Insightful says quite a lot about the knowledge of slashdot moderators. The proper advice would be to tell people to use WPA2 with AES-CCMP only, and to use a long, random passphrase. 'pwgen -s 32' has more than enough entropy to prevent dictionary attacks with cloud computing.
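The entropy arithmetic from the comment above, carried through as an added example that is not part of the original post: it derives a WPA/WPA2 pre-shared key the way the standard specifies (PBKDF2-HMAC-SHA1, 4096 iterations, SSID as salt) and estimates how long an exhaustive search of a uniformly random passphrase would take. The guess rate, the sample policies and the function names are assumptions chosen for illustration.

```python
import hashlib
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600
AGE_OF_UNIVERSE_YEARS = 1.38e10
PBKDF2_ITERATIONS = 4096  # fixed by the WPA/WPA2-PSK key derivation


def derive_psk(passphrase, ssid):
    """Derive the 256-bit pre-shared key from a passphrase and SSID.

    Each guess costs 4096 HMAC-SHA1 iterations, and because the SSID is
    the salt, work done against one network name does not carry over to
    a network with a different name.
    """
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters")
    if any(not 32 <= ord(ch) <= 126 for ch in passphrase):
        raise ValueError("passphrase must be printable ASCII")
    ssid_bytes = ssid.encode("utf-8")
    if not 1 <= len(ssid_bytes) <= 32:
        raise ValueError("SSID must be 1 to 32 bytes")
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid_bytes, PBKDF2_ITERATIONS, 32
    )


def entropy_bits(alphabet_size, length):
    """Entropy of a passphrase whose characters are drawn uniformly at random.

    Human-chosen words and phrases have far less entropy than this gives.
    """
    return length * math.log2(alphabet_size)


def expected_years_to_guess(bits, guesses_per_second):
    """Average time to hit the passphrase: half the keyspace at the given rate."""
    return 2 ** (bits - 1) / guesses_per_second / SECONDS_PER_YEAR


def compare_policies(policies, guesses_per_second):
    """Return (label, bits, years) for each (label, alphabet_size, length)."""
    rows = []
    for label, alphabet_size, length in policies:
        bits = entropy_bits(alphabet_size, length)
        rows.append((label, bits, expected_years_to_guess(bits, guesses_per_second)))
    return rows


# Constructed inputs: three passphrase policies and an assumed guess rate.
POLICIES = [
    ("8 random lowercase letters", 26, 8),
    ("12 random [a-zA-Z0-9]", 62, 12),
    ("pwgen -s 32 ([a-zA-Z0-9], 32 chars)", 62, 32),
]
ASSUMED_GUESSES_PER_SECOND = 1e6

if __name__ == "__main__":
    for label, bits, years in compare_policies(POLICIES, ASSUMED_GUESSES_PER_SECOND):
        print(f"{label}: {bits:.1f} bits, ~{years:.3g} years "
              f"({years / AGE_OF_UNIVERSE_YEARS:.3g} universe ages)")
    print(derive_psk("correct horse battery staple", "example-ssid").hex())
```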
oh, if we're adding more mods, how about a "-1 typing while intoxicated"? :)
"This message was brought to you by Sarcasm and Troll Feeders United (or STFU, for you un-hip people)."
Boy I believe this. My signal gets knocked down to below 50% just by moving downstairs and over one room.
On top of that I can hardly watch broadcast TV from towers that are less than 10 miles from my home. I get the station, but the UPS truck driving by causes it to go out.
This guy reminds me a lot of Hans Reiser. Absolutely no remorse, and obsessed with how "fairly" he was being treated and wanting everyone to know how mean his victims were, vs. at least pretending he was sorry and getting out of prison prior to collecting Medicare.
Sorry but you misunderstand this concept about wireless. It sends it out its port "aerial" which is then broadcast to "all" clients. So both machines can see this. The clients on the lan can only see a single mac for all nodes on an access point. Which is the mac of an access point connected to the wan. This is how a bridge works. The same attack works on a hub. But nothing in this situation is actually being "switched" while you are spoofing the mac ....
That wouldn't be a problem on wireless like it is on wire...on the wire, the switch switches packets based on MAC addresses, so it would not be able to reliably switch traffic to the correct host. Wireless just shoots the traffic out more like a hub...the wireless card picks it up, seeing that it is destined for its MAC address, then the network stack discards it seeing that it doesn't match the interface's IP address. While this might cause a slight performance issue, I doubt it would be noticeable.
RTFA is Known to the State of California to cause cancer.
I'm not that paranoid. I just give them the passphrase. I rotate it every 6 months or so to prevent it being guessed by an outsider, but I don't assume that everybody who comes to my house is trying to steal mah wirelsses.
I don't need a million points of light, just two points of multi-mode fiber and a 10 Gig-E router.
Do any wireless routers have the option to set a more permanent passphrase for longtime use, and also provide a short term temporary password for guests? That would be ideal.
"But this one goes to 11!"
If it is at night, they probably wouldn't even notice
So the MAC filtering would either make the hacking noticeable (interfering with legit users traffic) or force the attacker to wait. That's not much, but it's inconvenient for the attacker and it costs close to nothing to implement. So why not turn it on?
you have to have another computer already on the network handy
That's a fair point, but for some of us not having a computer on the network would be a rather unusual event.
I'm sorry, WEP can be cracked by a $150 netbook in a short amount of time (no cloud required).
WPA and WPA2 rely on exactly the same security handshake (CCMP) and don't differ in attack complexity in most circumstances. An attacker generally must resort to a dictionary attack against the CCMP handshake as the most reliable way of decryption. There are some attacks against TKIP that may provide limited visibility within previously captured streams, but do not provide the network key or access to the network.
But, please, feel free to continue to talk about it like you know how it works...
Use openvpn, and lock down access to only those on the vpn network. If you don't mind spending $200, you can get a 3 port netgate loaded with pfsense. Put your wireless AP on the third interface.
http://store.netgate.com/Desktop-Systems-C83.aspx
Newer models of the Apple AirPort Extreme have an option for a guest login, with reduced access, etc.
Cool. But what if I don't want to shell out $180 for a router? Anybody know if this feature exists on cheaper non-Apple routers?
"But this one goes to 11!"
When the Supreme Court upheld sex-offender registration laws it was because of the presumed high recidivism (a presumption which has not stood the test of time, I might add).
If you have someone you KNOW is not likely to commit a new sex-related crime you are cluttering up the list and arguably violating the constitution.
Now, if there were a list for amorally dangerous felons, then this guy might qualify for civil commitment, assuming he still has his "I can do anything I want to anyone I want" attitude in 18 years when his time is up.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
I run an open wifi network in addition to my private net (forced through transparent proxy that limits what kinds of sites you can get to, and speed limited to 25kbyte/s)... I named the SSID "I promise you won't get any viruses, wink wink". Strangely, nobody has even attempted to log into it. :)
Most people who "hack" a wifi connection are just looking for a free Internet hookup. Give them access to e-mail and web, maybe IM, but make it too slow and too limited for them to do anything illegal, and they usually won't bother trying to go after your private network unless they have a reason to go after you. So name your private network something that has nothing to do with you, and could not be guessed as yours (open a dictionary to a random page and pick the longest word on the page), and you're pretty much safe. Still use WPA2, but you don't need a stupidly long passkey to protect it, just one that's long enough to make it not worth hacking (which is why you provide an open network for them to go after instead).
In other words, get your network security through social engineering. If you're going at it from a lock-everything-down perspective you'll be stuck in an endless cycle of upgrades, and you will ultimately lose. You still need to keep your tech current, but the need is nowhere near as pressing when you take a few steps to make your network unattractive to a potential hacker.
Most homes share a transformer with a few of their neighbors. There are 46 homes on my street, but only 4 transformers (if I'm interpreting the aerial photo in Google Maps correctly). Odds are fairly good that you and your next-door neighbors are on the same transformer.
20 January 2017: the End of an Error.
"WPA2 (much harder and slower...)"
Unlike data being measured in Libraries of Congress, WPA2-PSK cracking is measured in universe ages. I would definitely say "slower"
I hate to break it to you, but you misunderstand the difference between layer 2 vs. 3, bridging vs. routing and how ARP works.
In your scenario where LAN clients only see the MAC of the Access Point, the AP is acting as a Router (Layer 3). A bridge works at layer 2, all MACs are passed unchanged. A bridge is nothing more than a two port switch (or hub, depending on how/if it manages unicast/broadcast/multicast). This has nothing to do with the nature of wireless.
Even if the AP is acting as a router as most home APs do, having identical MAC addresses on the wireless side will still mess with ARP and cause all kinds of weird connectivity issues. Even in the best case where you've spoofed your target's MAC address *and* IP address, there will be no way to differentiate which packets from each machine go where. In an unswitched network, you'll get massive collision errors and TCP will be quite upset with incomplete conversations flying around and in a switched environment, the switch's MAC table will be FUBARed.
~Any apparent grammatical or typographic errors are caused by defects in your display device.
Don't need lead based paint. Go and buy "magnetic paint"; it has a TON of iron in it so that magnets will stick to kids' walls. Well, 3 coats of this and painting in a copper strip to ground = a significant attenuation of RF. So much that a cellphone will NOT work in my daughter's room.
Do not look at laser with remaining good eye.
.....
Also neighbors with unsecured WiFi acting as lightning rods would help.
Justice is the sheep getting arrested while an impartial judge declares the vote void.
Talk about the (cast iron) pot calling the stainless-steel kettle black.)
Cast iron cookware, the world over, takes great offense at your comparing this psycho dirtbag to them.
Serious charges indeed. But 18 years?
It occurs to me more and more that these boards are overpopulated with forum trolls nowadays.
I'm starting to think that a home auth server for wireless connections is a must. Hmm...I have been looking for a reason to learn Diameter. :)
In California you may execute a citizen's arrest if you witness a misdemeanor or have reason to believe someone has committed a felony. Don't fuck up, though. Cops don't like competition.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
It doesn't hurt to turn it on. Think of it as closing the screen door to keep the insects out. I think the reason why people say "leave it off" is because there are some out there that would put MAC filtering in place and think they are completely secure. So they say to leave it off to avoid confusion.
Sounds like Asperger's Syndrome gone bad.
Nope. It sounds like he is just an asshole criminal who finally got nailed by the law.
Except if the gateway PC only lets through traffic coming via the VPN, which it probably would be set up to do.
Don't call the police and accuse people of being pedophiles unless they actually are pedophiles!
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
If it's so slow, why would you change the keys daily? If your key has sufficient entropy, you are set for years.
Because apparently, judging from the responses I've seen, there are some people on here who are unbelievably paranoid.
no wonder he was a bit of a Narzi...
Way to Gordwin the thread.
I see what you did there... ...and I raffed.
Then I rost.
Actually, you might not but someone who is on the list for a crime committed before the SO registry came into being might.
The Supreme Court upheld ex-post-facto sex-offender registry on the grounds that it was protective, not punitive.
Anyone who can demonstrate that his placement on the SO list is both ex-post-facto and not protective has a good case.
It's largely moot as most people who have only "old" crimes were able to take advantage of ways to get off the list that used to be in place before the Adam Walsh act, or their crimes did not require lifetime registration and the registration has since expired.
However, a guy who is just now getting out of prison on a 15+ year rape conviction AND who is demonstrably not a risk to anyone (e.g. physically incapacitated or many years of proven pro-social attitude) has a good shot at a court-ordered removal from the list once his parole is up.
As for those who committed their crimes after the law was changed: For them, the registration can be considered "part of their punishment" from a constitutional perspective, making their current danger-level irrelevant.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Or keep your wifi network on a segmented VLAN and keep thorough logs. What's that? None of my devices have a matching MAC address? What about that creepy guy we already filed a complaint against next door?
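One way to do the log check described in the comment above, as an added example that is not part of the original thread: it assumes the Wi-Fi VLAN's DHCP server is dnsmasq writing DHCPACK lines to syslog, and the allowlist, hostnames, addresses and log lines are all constructed.

```python
import re

# Constructed allowlist for the Wi-Fi VLAN: MAC -> hostname the device normally sends.
KNOWN_DEVICES = {
    "3c:22:fb:10:20:30": "laptop",
    "a4:5e:60:aa:bb:cc": "phone",
}

# Constructed sample in dnsmasq's DHCPACK syslog format.
SAMPLE_LOG = """\
Jul 14 08:01:12 gw dnsmasq-dhcp[812]: DHCPACK(br-wifi) 192.168.20.11 3c:22:fb:10:20:30 laptop
Jul 14 08:03:40 gw dnsmasq-dhcp[812]: DHCPACK(br-wifi) 192.168.20.12 a4:5e:60:aa:bb:cc phone
Jul 14 23:47:05 gw dnsmasq-dhcp[812]: DHCPACK(br-wifi) 192.168.20.13 00:c0:ca:11:22:33 netbook
Jul 15 02:15:09 gw dnsmasq-dhcp[812]: DHCPACK(br-wifi) 192.168.20.12 a4:5e:60:aa:bb:cc debian-box
"""

ACK = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s\S+\sdnsmasq-dhcp\[\d+\]:\s"
    r"DHCPACK\((?P<iface>[^)]+)\)\s(?P<ip>[\d.]+)\s"
    r"(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})(?:\s(?P<host>\S+))?$",
    re.IGNORECASE,
)


def audit(log_text, known=KNOWN_DEVICES):
    """Return (kind, timestamp, mac, hostname) for every lease worth a second look.

    unknown_mac       - a lease went to a MAC that is not on the allowlist.
    hostname_mismatch - an allowlisted MAC sent an unexpected hostname, which is
                        a heuristic hint that the address may have been cloned.
    """
    findings = []
    for line in log_text.splitlines():
        m = ACK.match(line.strip())
        if not m:
            continue  # not a DHCPACK line
        mac = m["mac"].lower()
        host = m["host"] or "*"  # the hostname field is optional
        if mac not in known:
            findings.append(("unknown_mac", m["ts"], mac, host))
        elif host != known[mac]:
            findings.append(("hostname_mismatch", m["ts"], mac, host))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG):
        print(*finding)
```

The hostname check is only a hint, since a client chooses the hostname it sends; the timestamps are what make the log useful as a record.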
Yes, but they're often in another room or turned off or whatever.
It takes less time for a cracker to fake their way past than it takes to add a legitimate user to the network.
That is not a reasonable security measure.
If corporations are people, aren't stockholders guilty of slavery?
If he's like me, then because his older devices don't support it.
~S
I refuse to run an open wifi network. I prefer to encourage the use of proper encryption.
If you want to run a publicly available wifi network, just use WPA2-PSK and put the short key in the SSID. For example, an SSID of "free_wifi_password_is_SECRET2".
Unlike WEP, which uses the PSK for everything, WPA just uses it for associating. Connection keys are generated and rotated frequently during actual data transmission.
Learning HOW to think is more important than learning WHAT to think.
It seems that, according to the justice system, the errant hacker would have been better to have acted on his revenge anger immediately,
rushing over and killing the accusing father in a pique of rage.
Then he would have received 10 years for manslaughter instead of 18 years for various cybercrime offenses.
Where are we going and why are we in a handbasket?
Bah, just wrap your house in aluminum
Where do you live?
echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
TFA says the kid was 4 yrs old. Big diff from 10 yrs old.
Doesn't seem right to destroy someone's life over that. Also doesn't seem to qualify him as a sex offender.
Might qualify him as weird and inappropriate, and might make you wonder if he could be a sex offender, maybe enough to get a restraining order or to report him to the police.
He's obviously passive-aggressive and has serious problems but the mom was out of line to make the critical "pedophile" allegation to police based upon the single isolated incident. She inadvertently set in motion what Steven Pinker calls a "doomsday machine" mechanism in the brain of the accused, whereupon he tossed caution to the winds and became hell-bent upon destroying his neighbors.
This "amok" behavior is a common behavior found in all societies where a man feels he has lost status, has no power and seeks revenge for his mistreatment.
I think the mother got what she deserved and the convicted got worse than he deserved. But neither party is innocent here.
You catch someone doing something like this, and you put them under arrest yourself
A citizens arrest requires clear evidence of a felony. I doubt anyone had a legal opportunity to make an arrest. Sure they knew their neighbor was crazy and the likely culprit, but it doesn't look like they had evidence at that time to prove who had committed a felony.
and then hope they resist, at which point you may use necessary force to subdue them.
Use of (legal) force during a citizens arrest requires an immediate threat of bodily harm. There was no such threat here so this would not end well in court. It is likely that someone posting child pornography will not have the best access to legal counsel or support from the police and prosecutor, however I wouldn't bet my freedom on it.
In California, anyway.
California is fairly strict about personal freedom and safety. You'd have a much better chance of pulling off such a stunt in Florida, or Texas.
You should learn more about citizens arrests. They can be a powerful tool. Just don't implement them without knowing the rules or you're likely to end up overshadowing the arrestee with your own kidnapping and assault charges.
That's why cable sales went up in your area :)
Doesn't seem anybody's posted anything useful, so here goes...
1. Hide your SSID (this in itself requires crazy measures to get around, far beyond a script kiddie) --makes your network not user friendly
2. Use WPA2 encryption, don't have it? Time to upgrade --the difference is night and day in cracking speeds, but now with gpu cracking...
3. as stated filter MAC --really not user friendly, I don't use this
4. Disable legacy frequencies (B/G networks) --never know, good practice at the least.
That's all I can think of for now, the above just about everyone can do, there's things like setting up Snort that are harder or a fake AP. Easiest simplest advice I can give though is watch the network light on your router, is it going too much when you're not online? Turn off ALL your wireless / wired devices, is it still firing like mad? That's not you using it then, simple. Call a tech savvy friend before the cops.
Note that while I think that the court documents of the prosecution read like a really badly written TV soap, I am in no way supporting this "hacker" (not a term I would even think of attributing to him).
In the court document (second link in this post), there is crap like:
Details of the Offense
A. Ardolf Kisses the Kostolniks’ Four-Year-Old Son Shortly
after the Kostolniks Move to the Neighborhood
Matt and Bethany Kostolnik moved into their dream home in
August 2008. Located on a cul-de-sac in Blaine, the home provided
room for their growing family; they had two children under five
years old, and were expecting another child soon. On August 2,
2008, one day after moving into their new home, the dream became a
nightmare. The Kostolniks’ four-year-old son, W.K., wandered into
a neighbor’s yard to climb on an inviting play-set. A pregnant
Bethany saw W.K. in the neighbor’s yard and, while standing in the
driveway of her home, called for him to come back while
simultaneously trying to keep her 18-month-old son, J.K., from
walking out the open doorway of their home. Finally, Bethany
chased after W.K.
.
It's not a statement of facts, it's a horror story told in the voice of Morgan Freeman at the beginning of a B movie.
Sham(e)
The thing is the chance of something like this happening is so low it isn't worth worrying about. Leave it open or don't. It doesn't matter. If someone is going to use your wifi it probably isn't going to be for anything like this. That isn't to say it is unbelievable when someone suggests it happened to them or they think someone broke into the computer or wifi and did something illegal. That does happen. Enough that it warrants the assumption that the person did the act who owns or controls the wifi access point or Internet connection. Half the reason this stuff happens is because security really sucks and there are a ton of people who could do it. It does not take significant intelligence to do so. Someone with intelligence is not going to do something so stupid. There is risk here. YOU are simply too close to the victim and the victim is likely going to point you out as a suspect cause you wouldn't be doing it if it wasn't for the fact you dislike them. Anybody with the time just about and who is on the younger side especially is going to be capable of it (short of being of maybe a lower IQ).
The U.S. Attorney gave Mr. Ardolf a choice. Sell your house and put the proceeds in a trust for your three children or we will use the Civil Forfeiture law to take the house and the proceeds will go to the U.S. Treasury. The goal is to remove him from the neighborhood. It appears that Mr. Ardolf has chosen to forfeit the house and shaft his three children. So sad...
The ones who go for 20 years in jail are the DA, the police force who in their incompetence to properly investigate Kostolniks' "crimes" and determine that it is not them doing whatever they appear to be doing.
This guy should go to jail for far less than two years and probably Kostolniks should go to jail too for making such big deal out of a simple act of kissing and terrorizing this guy to begin with.
[...] stupidly long and complex key.
Stupidly long and complex keys are the only keys that aren't stupid.
Thank you, Edward Snowden.
"Arguments from authority are worthless." —Carl Sagan
I don't think anything can crack a nice password with wpa2+aes. Not in a reasonable amount of time, anyway. It'd take years!
Wealth is the gift that keeps on giving.
Don't broadcast your SSID, set up a MAC filter, use WPA2, change the password every week, use a password that ppl in your house can remember so that they don't type it down where everyone can see (or yell it when everyone can hear).
Also you can add extra filters that could be invisible to your family but troublesome to an attacker, like:
block the ports no one uses
set the firewall to block services and pages you know no one uses or... if you don't want them to use them (but this last has nothing to do with the attackers)
lower the signal: check how far you really need the signal to reach and set it so that anyone trying to grab it has to at least stand by your house and they can't do it in the comfort of theirs.
and.. a personal favorite, set a decoy: use a second router connected to your first one, in that second one use a bandwidth limit (256k? 128?), set up a stupid password and no big security. This would be the password you give to visitors and the one you expect any onlookers to easily crack, and the other one would most likely remain unknown to everyone outside your trust
Of course... this is the product of paranoia and would best suit enterprise usage, but if you're paranoid about your neighbors there you go
In California you may execute a citizen's arrest if you witness a misdemeanor or have reason to believe someone has committed a felony.
I assume this is sarcasm...however just in case...
No state allows citizen's arrest for misdemeanors or the "belief" of a felony. Citizens arrests can be tricky. If you want to be able to perform one without being arrested yourself I suggest you learn more. Classes are available in many areas from various organizations.
Consider using WPA-enterprise; it requires an extra PC running a free program called freeradius.net for Windows.
This is what I am using on my wireless network. Also using 802.11A 5 GHz band, and using MAC filtering.
I switched to WPA/AES - enterprise and 802.11A due to my neighbors trying to get access to my internet connection.
The RADIUS server was set up in February 2010; several months after that I switched to 802.11A. This setup is working very well so far.
Are you talking about me?
Do not meddle in the affairs of geeks for they are subtle and quick to anger
1. Hide your SSID (this in itself requires crazy measures to get around, far beyond a script kiddie)
Utterly wrong.
Most skiddies will be using Linux (backtrack) with Aircrack-ng. Unknown SSIDs show their MACs up immediately. You don't need the network name to crack WiFi, just the MAC.
Do not meddle in the affairs of geeks for they are subtle and quick to anger
The problem with this entire answer is it's basically:
Hire an enterprise network admin or become a wifi hobbyist.
Neither is ever going to happen for the vast majority of users.
Opera, Proxomitron-Grypen,GPG 0x0A1C6EE3
1. spoofing an IP will not get you past MAC address filtering
You don't have to spoof your IP address at all. Just spoof the MAC address and let DHCP take care of the IP address.
This, sorry, that is what I originally meant.. thanks for correcting me
Then forget the logging part and just do the SSID and password bits. Those only have to be done on setup and can pretty much be forgotten about. The only other time you'd touch it would be adding a new device to the network, which isn't an everyday occurrence.
Learning HOW to think is more important than learning WHAT to think.
Maybe. My phone supports OpenVPN or IPsec, but I don't know about the PS3 or the Wii... and not having a "guest network" for visitors would be more than a little inhospitable. I've certainly had situations where I had a wireless home network with lighter security and a VPN running over it 24/7 (typically with that VPN's local endpoints being dedicated, work-only, company-owned machines).
If I knew I had the kind of situation discussed in TFA, I'd certainly go the extra mile... but absent that kind of urgency, I don't think that "VPN over wireless == VPN traffic *only*" necessarily follows.
A citizens arrest requires clear evidence of a felony.
That's what I said, reason to believe. If someone reports it to you, and they don't normally lie to you, then that's evidence.
Use of (legal) force during a citizens arrest requires an immediate threat of bodily harm.
That's true. But there are numerous ways to set up a situation to create that threat. Cops do it every day in order to excuse brutality.
You should learn more about citizens arrests.
I already had to learn about them, and read the relevant text, when I became a security officer. That was a long time ago, though. I'm not proud of it or anything, it is only the basis of my interest.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
If you need WiFi, and want security too, stop trying to implement layer 2 security and move on to layer 3. It is much more practical to set up your WiFi network so that it has no route to your network, the Internet, or anything else, and then use VPN software to establish a secure tunnel, which in turn gets you access to these things. IPSec VPN with AES-256 encryption has been around for quite some time, is freely available, and isn't in the news for being cracked on a weekly basis like WiFi was/is.
Tom's Hardware had an article a few weeks ago about cracking encryption using GPUs. They concluded that as long as you're using a secure password, AES-256 encryption will keep your data safe well beyond the time you die, even against big multi-GPU clusters purpose built for password cracking. Of course, Moore's law has implications here, but as of *right now*, you would be hard pressed to find a method providing better wireless security.