Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
10-02-2006, 01:58 PM
|
#1
|
Member
Registered: Jan 2004
Distribution: Suse, Red Hat
Posts: 129
Rep:
|
Cable company - wifi unused crack?
Hello I just got cable internet and the cable company put in a wireless cable modem in my house. I do not have any wireless devices nor have any plans to have them.
My question is whether any one can break in to use my internet if I do not use the wireless functionality. (Apparently it must stay on with a wep key) They wouldn't let me turn the wireless off even though I am not going to use it!
I have heard to crack a network you need packets ie data transferred from the access point to a client to do this. Is it possible to crack if no one has the wep key and no one ever connects to this device.
I had a friend do a scan of my network and when he tries to connect to my ap (with a false wep key) it does send one or two packets of data.
So is it possible to crack this ap?
|
|
|
10-02-2006, 02:30 PM
|
#2
|
Moderator
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417
|
as i understand it nothign is impossible, but it's amazingly unlikely if you have a 128bit key on there. as you mention, you conventionally crack a wep key by sucking out of the air enough encrypted data to be able to guarentee that use can find a commonality in it and gain access. obviously a 64bit key works the same but is massively more susceptible. But without that data, they're onto a dictionary attack pretty much, and i really wouldn't worry about the changes of them managing that.
|
|
|
10-02-2006, 04:22 PM
|
#3
|
Member
Registered: Mar 2006
Distribution: RHEL, Fedora, Ubuntu
Posts: 32
Rep:
|
Quote:
Originally Posted by Xerop
Hello I just got cable internet and the cable company put in a wireless cable modem in my house. I do not have any wireless devices nor have any plans to have them.
My question is whether any one can break in to use my internet if I do not use the wireless functionality. (Apparently it must stay on with a wep key) They wouldn't let me turn the wireless off even though I am not going to use it!
I have heard to crack a network you need packets ie data transferred from the access point to a client to do this. Is it possible to crack if no one has the wep key and no one ever connects to this device.
I had a friend do a scan of my network and when he tries to connect to my ap (with a false wep key) it does send one or two packets of data.
So is it possible to crack this ap?
|
While several gigabytes of data is needed to crack WEP (regardless of key length, so don't feel that you are more secure by using a 128 bit WEP key), this is easily accomplished by generating WEP IV's using tools readily available on the web, most notably aireplay ( http://aircrack-ng.org/doku.php). Using this technique it is possible to crack a WEP key in under ten minutes (and that's generous). If the cable company will not disable wireless access or turn on WPA2, there are very few options available to protect yourself from intrusion.
Last edited by abegetchell; 10-02-2006 at 04:26 PM.
|
|
|
10-02-2006, 04:44 PM
|
#4
|
Member
Registered: Jan 2004
Distribution: Suse, Red Hat
Posts: 129
Original Poster
Rep:
|
to my knowledge though aireplay can't really help because it needs an ARP packet. The correct ARP packet can only come from a client that successfully connects... taken from http://www.aircrack-ng.org/doku.php?...8b1428813f48d3
no one will be using this ap except for potential intruders.
quote:
Quote:
ARP works (simplified) by broadcasting a query for an IP and the device that has this IP sends back an answer. Because WEP does not protect against replay, you can sniff a packet, send it out again and again and it is still valid. So you just have to capture and replay an ARP-request targeted at the AP to create lots of traffic (and sniff IVs).
|
unless the offender can think of a way to make the ap talk I dont think much but bruteforcing can help. Although as I mentioned earlier the ap does talk (send a few data packets with IVs) if someone is connecting to it with a false key..
Last edited by Xerop; 10-02-2006 at 04:48 PM.
|
|
|
10-02-2006, 04:46 PM
|
#5
|
Member
Registered: Jul 2006
Location: Runcorn, England
Distribution: Ubuntu 6.06 & 6.1, Mandriva 2007, Knoppix
Posts: 72
Rep:
|
Just as a suggestion, does your wireless cable modem have an option to limit access to specific the specific mac addresses of the computers connected via cable?
I'm sure if that would make the overall system more secure, but it may just add a minor extra bit of security.
|
|
|
10-02-2006, 05:00 PM
|
#6
|
HCL Maintainer
Registered: Jan 2006
Distribution: (H)LFS, Gentoo
Posts: 2,450
Rep:
|
Just as another suggestion: if push comes to shove, just wrap your modem/ap in tin foil . Seriously. Think about it.
|
|
|
10-02-2006, 09:47 PM
|
#7
|
Member
Registered: Jan 2004
Distribution: Suse, Red Hat
Posts: 129
Original Poster
Rep:
|
Good idea a metalic net would do the trick... the broadcast wouldn't even get 10 feet away from it... sweet problem solved! ^_^
Thanks for your help!
|
|
|
10-02-2006, 11:15 PM
|
#8
|
Member
Registered: Nov 2005
Location: New Jersey, USA
Distribution: SuSE
Posts: 492
Rep:
|
Just for the same of discussion...
1) If you can adjust the router's settings, set a 128-bit key, or use a randomly-generated alphanumeric password. That'll help any brute-force attempts.
2) Disconnect the antenna.
3) As to the metal shield - it's going a bit overboard, and the wires in and out would defeat some of the usefulness, but you want a Faraday cage
|
|
|
All times are GMT -5. The time now is 04:28 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|