Being hacked... How can I get him back?

Status
Not open for further replies.
zen62619 said:
go around his and give him a good hiding, smack him all over till he bleeds :) he wont do that again haha.

No , seriously just hide SSID, and use mac filtering.
Click to expand...

It really worries me the number of people that think this will help :/
 
norm said:
Yes it will if you are far enough away.

Always so quick to contradict people Toilen.
Click to expand...

I think that's the whole point! And by the way, I've never known toilen to be wrong :p
 
Turn off DHCP; give all your machines static IP's.
Change the network address to something like 172.18.168.0/24.
You can even change the subnet mask to something like 255.255.255.192.
In this case then you can give the router an address of 172.18.168.65 with your hosts from 66 -126.

Then even if he can spoof the MAC address and crack the wireless key he won't be able to do much without guessing the right address to use.

Hiding the SSID does absolutely nothing to stop somebody who knows what they're doing.
Every time a client authenticates on your wireless network the SSID is sent as clear text. If you're sniffing with kismet it's quite easy to find.
 
Pint said:
Turn off DHCP; give all your machines static IP's.
Change the network address to something like 172.18.168.0/24.
You can even change the subnet mask to something like 255.255.255.192.
In this case then you can give the router an address of 172.18.168.65 with your hosts from 66 -126.

Then even if he can spoof the MAC address and crack the wireless key he won't be able to do much without guessing the right address to use.

Hiding the SSID does absolutely nothing to stop somebody who knows what they're doing.
Every time a client authenticates on your wireless network the SSID is sent as clear text. If you're sniffing with kismet it's quite easy to find.
Click to expand...

Once he's connected to the network you can sniff packets, establish what IPs everything is connected to and go.

I tried it just now, set my network card to an invalid IP outside the router's subnet then captured packets for 5 seconds using etheral. The 22nd packet captured was a tcpip packet with a valid IP.

Really, WPA/WPA2 is all you need.
 
WPA or WPA2 will do the job. Mac filtering and hidden SSID broadcast will slow someone down by maybe a minute each, not worth bothering with.
norm said:
Always so quick to contradict people Toilen.
Click to expand...
99.9% of the time he's spot on. Although tbh, with WPA2 you wouldn't need to turn the power down.
 
The dude (the hacker) is clearly an idiot

Too early to say, but me dumping a load of stuff onto his SHARED folder last night has probably shown him that I have at least soem access to his PC.
Click to expand...

Best wireless security = WPA2 and hidden SSID (better then exposed I guess) and mac filtering (doesnt really do much) and RADIUS/TACAS+ (dot1x).
 
fumbles said:
Best wireless security = WPA2 and hidden SSID (better then exposed I guess) and mac filtering (doesnt really do much) and RADIUS/TACAS+ (dot1x).
Click to expand...
That's overboard tbh. If he can get past WPA2 then Radius doesn't stand a chance ;).
 
Revenge? A simple way.. autorun.inf in the Shared Docs folder. :D

Copy one from a bootable CD. Or enter the following in a text file:

[autorun]
open=runsomething.exe


This allows you to start a batch file, or run a program when he ties to look into his shared folder. This needs Autorun to still be enabled, but a nice simple way of hitting someone who leaves shares open. :)

Rig it to delete a few important system files.... :D


BTW - WEP is trivially easy to hack due to an error in the encryption algorithm. Only takes a few minutes as you have seen. Whereas WPA will take a LOT longer. Especially if you change the key once a month. (And keep it nice and long and messy.....) :D
 
Well, I can get access to his Shared folder...

Last night, from about 1:30am until about 2:30am ( roughly one hour ) I had access to his Shared folder again.

To be fair though, I did rename my router back to linksys ( The default of course ) and turned everything back to stock, and removed the WPA and only a short while later. I saw him there...

This guy MUST be an idiot, cos the files I dumped there the other day, are still there????!!!! - Ok, I have hidden them, apart from one... a Simple text file saying that "I am watching you", but if he knew they were there, then he surely must have deleted them or at the very least, left me a message on there, but no! - So, he is a dick, thats a given.


Ok, WPA, has proven to me that he cannot get in... Messing about proves that I cannot get into my own LAN without it too, so thats ok for now.

Right, so given that I know I can access his Shared folder, how can I get to his root?

His PC is named Sorfleets Football Frenzy, or at least his Shared folder is showing as

SharedDocs on Sorfleet's football frenzy

and the network location is coming up as

\\NOME-X9LE8QAMH1\SharedDocs
 
Status
Not open for further replies.
Back
Top Bottom