Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Slashdot: Dealing With an Advanced Wi-Fi Leech?

Posted by Soulskill on from the call-the-internet-police dept.

An anonymous reader writes "Recently, I had found out (through my log files) that my wireless router was subject to a Wi-Fi Protected Setup (WPS) brute force PIN attack. After looking on the Internet and discovering that there are indeed many vulnerabilities to WPS, I disabled it. After a few days, I noticed that I kept intermittently getting disconnected at around the same time every day (indicative of a WPA deauthentication handshake capture attempt). I also noticed that an evil twin has been set up in an effort to get me to connect to it. Through Wi-Fi monitoring software, I have noticed that certain MAC addresses are connected to multiple WEP and WPA2 access points in my neighborhood. I believe that I (and my neighbors) may be dealing with an advanced Wi-Fi leech. What can I do in this situation? Should I bother purchasing a directional antenna, figuring out exactly where the clients are situated, and knocking on their door? Is this something the local police can help me with?"

6 of 884 comments (clear)

  1. Change Password by pellik · · Score: 5, Interesting

    Brute force attacks take time, lots of time. Just start changing your key every week and he will probably go away. Having your computer run 96 hours to get a password that then changes 72 hours later just isn't worth it, even for a criminal. If he keeps at it then someone just enjoys the challenge, and you should hunt them down just for the mystery.

  2. Tinfoil hat cure by Nefarious+Wheel · · Score: 5, Interesting

    Make a little shield with a bit of foil and a coathanger. While tracking the incoming attempts, shield your WAP from various directions until it stops. Gives you a direction, and you can bend the coathanger into a little stand to hold the shield in place next to your WAP. It's likely to be in the direction of a near wall, isn't it?

    Amazing stuff, tinfoil.

    --
    Do not mock my vision of impractical footwear
  3. Re:Some ideas by Anonymous Coward · · Score: 5, Interesting

    Knock up a cron job to change your WPA2 key every 24 hours. Use a QR code generator to print out the code on paper for your new key every morning, so you can just snap it with your phone and you're on. He'll get bored of trying to break something that changes faster than he can break it, and he'll move onto someone else.

    Agree also with disabling wireless at the times he uses it, and when you're not, if this is feasible for your lifestyle.

    And 5GHz also sounds sensible.

    If you do find out who he is, change your SSID to *his* name and address. That should freak him a bit.

  4. Re:Does your router support captive portal? by demonlapin · · Score: 5, Interesting

    Calling local ham radio enthusiasts would probably lead to some very entertaining results.

    The most memorable story I've ever heard along those lines was that a couple of hams had access to a fairly large dish antenna and were setting up some sort of satellite communications (for work, not play). A guy nearby was running a horribly unshielded CB amplifier that was crapping all over their signal. They told him to knock it off. He refused. They pointed out that he was blowing way past FCC limits on transmission power. He ignored them. They pointed the dish straight at his shack and transmitted maximum power at it. Within a few minutes smoke was pouring out of it... bet you could fry a router pretty easily.

  5. Re:Figure out where he is located by Anonymous Coward · · Score: 5, Interesting

    Yes, the nerdy solution is to pull the cavity magnetron out of your microwave oven, add a highly directional antenna to the waveguide output, fire that baby up, and blow out the RF stage of his router. Extra nerdy points for plating/honing the cavities to re-tune the cavity magnetron tube to the correct wi-fi frequency (the diameter of the cavity is determined by c=f/lambda where c is the speed of light, f is the wi-fi center frequency, and lambda is the wavelength. Remember, electrons circulate (because of spin=1/2) around the hot cathode, and the basic operation is like that of a whistle or pop bottle (small amount of air moving across opening resonates according to the size of the bottle / small amount of electrons moving across the opening resonate according to the size of the cavity, remember that air is a pressure wave and travels slow, electrons and em radiation travel at the speed of light). Its been too long since I studied radar/electronics engineering.

  6. Nah, teach the little hacker about malice. by xQx · · Score: 5, Interesting

    Do a quick search online to get hold of some identity theft / credit card harvesting malware and modify it so it sends the capture to you.

    Then, setup a transparent linux proxy server that replaces any executable file downloaded with your malware, and put it between your internet connection and an open wireless network.

    Let the little turd use your free wifi internet to his heart's content, and wait for him to install the malware when he's trying to install something legitimate. Then, wait for your malware to send you the details of who he is, what his credit card numbers are etc.

    Finally, go to the local coffee shop that gives out free wifi with every coffee purchased, and drop all those details you collected on pastebin.

    Problem solved.