Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
My problem is a neighbour who keeps running the same destructive scripts, although they add countermeasures to my efforts as well. The problem seems to be they attack wirelessly by both wireless and bluetooth during my first boot from a live DVD. So I''m lucky if I turn off radio beforehand. I'd like to add more security measures but am impeded from the 'get-go'.
I feel the only option is to use a desktop without radio hardware or move to the chilly garage, which may not stop them anyway.
They are connecting to my laptop faster than I can block network connections!
You can do two approaches:
- Invite your neighbor to some beers and discuss about his super hacking powers.
- Drop all your incoming connections on your firewall before you connect to your network and continue the fight with him.
You can learn to use Kismet; it's an IDS (intrusion detection system) for wireless, and take a look at Lynis which is a tool to audit your system. Then possibly you can make something kind of Wi-Fi kill script based on what Kismet finds (i.e. shut off your wireless if an intrusion is detected)..
Last edited by justmy2cents; 07-05-2017 at 10:17 AM.
If you have good cause to believe that your neighbor – or, his children – are maliciously interfering with your wireless network, then I would suggest several options:
(1) Change your wireless WPA2 password frequently!
(2) Use OpenVPN on your router to secure your internal network. Make sure that none of your computers will accept a connection.
(3) Contact your local police department on their non-emergency contact number to discuss the situation. Unless you know your neighbor well, the police can act as a well-known community authority who can contact your neighbor officially and mediate as necessary between the two of you to help resolve your problem.
It is against the law to use radio for "malicious interference" of any type.
My problem is a neighbour who keeps running the same destructive scripts, although they add countermeasures to my efforts as well. The problem seems to be they attack wirelessly by both wireless and bluetooth during my first boot from a live DVD. So I''m lucky if I turn off radio beforehand. I'd like to add more security measures but am impeded from the 'get-go'.
I feel the only option is to use a desktop without radio hardware or move to the chilly garage, which may not stop them anyway. They are connecting to my laptop faster than I can block network connections! I can't disable wifi or bluetooth in the BIOS.
Sorry, but this not only seems unlikely, but plain wrong based on what you posted. First, bluetooth has about a 30-60 foot range, if it has clear line of sight. Walls/etc., drop that off a HUGE amount, so your 'hacker' would have to be within probably 20 feet of your system to start with...and could only connect via bluetooth if you:
Put your system in pairing mode
Gave your 'hacker' the pairing code and/or clicked "ok" when it asked you if you wanted to accept/trust a new device
...and configured services to listen/work over bluetooth. Which isn't an easy thing.
Things like SSH, http, ftp, etc., typically don't work with bluetooth at all, and if they do, there are several configuration steps to go through first. Bluetooth supports basic file transfer and other 'easy' things, but scripts and interactive logins?? Nope.
And the whole "connecting faster than I can block network connections!" is even MORE unlikely. Even if you were using very weak encryption, getting a decent packet sniff using your run-of-the-mill tools, decrypting it, etc., would take a good amount of time...certainly hours, if not longer. There's not much you're saying here that seems plausible.
What is more likely is what others have pointed out: you're mistaking device configuration for "there's a hacker!" And if you truly believe this is the case, then contact the police and let them deal with the perpetrator.
Since Bluetooth devices operate in the 2.4 GHz spectrum, they use the same commodity antennas designed for WLAN devices. While vendors don't design Bluetooth dongles with external antenna connectors, some Bluetooth dongles such as the Linksys USBBT100 can be modified to accommodate an external antenna connector. By soldering on an external antenna cable, the range of a Bluetooth Class 1 dongle can be extended, allowing an attacker to connect to class 2 devices (intended for a range of 10 meters) from a range of over a mile.
Of course, this is only transmission. But DOS attacks need not wait for replies.
There are DOS tools contained in many of the Pentesting suites that seem to be able to make bluetooth useless in an area.
I agree that there is a strong possibility that the OP is mistaken. I am healthily skeptical that any neighbor would actually do that, even if they could.
Another possibility is – write a letter, and mail it. Be sure to sign it, and to include your return address and phone number, and say that you're the next door neighbor. Describe what you are seeing and invite the neighbor to respond to you however s/he sees fit. Be sure not to be accusatory in any way, just factual (as you see it), and knowing in advance that you could be utterly mistaken. For instance, describe what you are seeing and ask what your neighbor thinks might be the problem. (Who knows, your neighbor might be a brilliant network engineer!)
The problem seems to be they attack wirelessly by both wireless and bluetooth during my first boot from a live DVD.
Right when you boot? And this neighbor is already on your WLAN?
Or, is it not your WLAN to begin with? Is it his?
Granted, scripts could be running constantly. But it seems to me more likely that we're not getting the whole story here.
Why would a user knowledgeable enough to run a live DVD not think of changing his WLAN passphrase? Likely: He can't. Because it's not his WLAN to manage.
Why would a neighbor run such a selective script? Likely: Because he's trying to keep an intruder (perceived or real) off his WLAN.
I don't know either the OP or his neighbor. But this situation doesn't feel real as posted. We don't know something. That something may change what I see. But right now, this is what I see.
And if I see correctly, then the solution is for the OP to get his own Internet connection. The situation that I see qualifies as theft of service, which is a crime in many jurisdictions.
Basically I suspect it is a former work colleague who gets his kicks this way. I know this sounds a bit crazy, but if it is him, well let's just say he has seen a lot of psychiatrists. They are not helping him. Alternatively it is a long time resident in the suburb. Cheap fast internet. I don't know who is doing it.
There is also an interesting paper on this sort of hacking included. It has been estimated that bluetooth can reach 300 feet when an antennae is used.
"There are DOS tools contained in many of the Pentesting suites that seem to be able to make bluetooth useless in an area."
Thanks, I will look into it.
Just a few points. I no longer use wireless or bluetooth. Is there a way of booting without it being turned on? Also installing without it being turned on. I'm currently using Linux Mint 18.2 MATE version and opt to not turn on wireless. "rfkill block all" is run immediately on booting. Then I disconnect and delete their connection. They then DOS me, and / or delete drivers so I cannot use keyboard, touchpad, etc.
At the moment I'm actually getting good speeds using a 16Gb USB boot stick and running "dd if=/dev/zero of=/dev/sda.and firewall and rfkill. Of course they can't write a rootkit to unpartitioned hard drive.
They are using bluetooth and sniffers to connect to me - posing as an ethernet connection. I have reported it to ACORN - a govt body here in Australia, and Telstra and they have actually acted on it but this only bought me a respite for a few days. The hacker changed or were forced to change their SSID / provider and kept downing me several times one morning. They are simply a t..d who thinks they have some divine right to my computer and internet and to make it generally impossible for me to use the internet productively, and it is damn hard to get on with your life these days without using the internet. As a person with a multisystem disorder of connective tissue, I don't want to be traipsing here and there to do things, I should be able to do online. Also use my bluetoothed hearing aids with TV. They hacked the connection between my remote control unit and the bluetoothed transmitter on the TV and changed dates and times of preset recordings.
You have no argument with me that they are crazy psychopathic dicks. Unfortunately, unless you have encountered such people in your life, they do seem unbelievable. They have no reason to do what they do, they just get their kicks out of damaging other people out of contempt and envy. As I said, I don't know who personally, in a possible 300' radius is doing it. If you don't believe people like this exist, do a reality check and visit the criminally insane ward of a psychiatric hospital some time.
But back to why I came here. Any technical advice? I will check out those programs. Also,if they are hacking on booting a live DVD or shortly thereafter, would a DOS VPN actually stop this part? Although very useful if I can get to that stage and install stuff.
Thank you Habitual, exactly. Sundialscvs, thanks again, I have actually done a lot of this already. At this stage, short of banning him from all internet access, or jail, or psych ward admission, I don't believe they will stop. I think Telstra and the AFP have been able to identify them. Though you could be right,a couple of burly Qld police officers paying this gutless coward a visit, may however do the trick. I don't know who they are for sure. But they may know this.
SzBoardStretcher. Thank you for supporting me on this. I'll try to read those articles.
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
A few things:
One, Bluetooth often doesn't even work under Linux and most certainly could be switched off before any issues occurred.
Two, if you change the password and SSID on your wireless router to something fairly strong it will take at least a few GB of traffic for your neighbour to find the password if at all. So, change it then install nd update the installed system immediately and you can install and use WiFi without fear of being intercepted, then you can change the password.
Three, if you have any actual evidence of this do as above and contact the police with the evidence.
I tend to think you're mistaken here and you've either some interference issues with WiFi and Bluetooth (such as a leaky microwave), you're not installing the chosen version of Linux correctly or you're mistaking a feature of your chosen distribution for an attack of some kind because you're not familiar with it.
1 I said I don't use wireless or bluetooth. They make a bluetooth to ethernet connection to me as shown in the above image and others I uploaded. Note also how quick the connection was made, even if on this occasion it had not been used yet.
I use ethernet over power line or ethernet including on my tablet. Besides what you say about wireless security reveals a distinct lack of knowledge on how it can be hacked by tools available in many distros of linux.
Bluetooth is most definitely available and usable in linux. If you can't use it, it doesn't mean other linux users can't. It is started by default in LM 18.1 and 18.2 at least.
It is far safer usually to not use wireless connection to change password on the router when ethernet is available. Sniffers.
As I said I have contacted the police, and together with other info they did act. I gave them the location in the street that my tablet would experience repeated DOS attacks and the SSID that showed the connection. One page on the router also showed the SSID of the neighbours connection, and with the tablet I was able to approximate their location.
What makes you such an authority on my experience and knowledge of linux. A microwave would not cause someone’s tablet to make a bluetooth to ethernet connection with my laptop. If anything it would cause disruptive interference.
Quite frankly, your lack of knowledge of linux and wireless technology hacking is astounding. Especially after you have been provided with articles about it. Either that or you are a troll.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.