How can I spy on 2 gits who are on my net?
- Thread starter FatRakoon
- Start date
is this april 1st? some sort of windup?
i just can't believe what i'm reading here.
ok accessing your network via unecrypted wireless is one thing. but your machines are in such a state, they're actually letting people delete files over the network? the mind boggles, it really does....
No, its not.
Well firstly, I have been running the network pretty securely ( I thought ) I had WPA and a thick name, and yet these guys kept getting into my network... No matter what I did, they could by-pass the key in minutes.
This really got to me.
So, for the last few days, I decided that I would leave it open in the hope that maybe I could get at them.
Then, I find out that I missed out on the most basic thing of all... My router password was the default one.
I assumed that because I had set everything to NOT be alterable via wireless, I didnt realise that the info could still be seen... I assumed that it could not via wireless as that what I had set, but it was still visible and therefore, all they had to do, was enter the WPA key as it showed...
I dont think taht was me being silly but rather missing out on something that everyone might have done at some time.
As for the police, we are talking North Wales police here. I could go on for hours and hours about stabbings, shootings, kidnappings etc, where no one has even been questioned, but you do 1mph over the limit they throw the book at you!!!!
Anyway, I have killed off the Wireless for now... I will enable it as and when I need it.
Thanks for the help guys.
They can't connect to the router until they connect to the wireless network, meaning they need to have the WPA key before they can log in. Having the router as default password is not nearly as insecure as you seem to think.
Well thats just it.
Some time ago I was told to use a stupidly massive PassPhrase and so I did.
Its now gone of course, but the one I used was
"everytimeidropmycecksthewifehasagoodlaughatmeforsomereason"
Pretty secure Id have thought, but as I have only just found out by having a play on my LapTop, that a simple 192.168.1.1 and entering admin/admin got me in... It also got anyone else in who wanted to see my PassPhrases / keys / etc etc etc.
I assumed that since I had selected the options to disable wireless management, that they could not see this...
I was wrong.
Its all gone now though.
How did they get in then?
I tried a number of things, Im not totaly thick when it comes to security, but each and every time I tried something, they were back in... In minutes too, not days, not weeks, but minutes..
Everything I did, they got in.
Everyone keeps sayign try WEP, try WPA, try WPA2, try sticking the router up my arse, I did all of this, but every single time I did something.... They got back in, is minutes.
The only thing I can think of, is that on one of my LAN PCS, there is soemthign sending my info out to them? - somethign that they were able to plant some time ago perhaps?
The next option I have, is to go round each of the LAN PCS one by one and go through them with a fine tooth comb and see if I can see somethign abnormal?
Other than that, I plain simply dont know.
Im only hearing stuff that I already know about, and its driving me up the wall!!!!!
Pretty vunerable to a dictionary attack I'd have thought.
I suppose though, it doesn't matter how secure the passphrase is if they are intercepting all the traffic between you and the router.
Best to have something with numbers and letters, and possibly other symbols too.
http://www.kurtm.net/wpa-pskgen/
Try that for something truely unbreakable(!)
Don't think theres anyway to crack a WPA key in minutes unless you set it to something really silly, like password.
What's more likely is that when they have been on your network, something has been installed on a PC which is giving them remote access over the net. I think your left with checking all your LAN pcs and seeing what's on them.
Also, just another thought but check that your router isn't configured to allow remote configuration. Previous router's that I have used have allowed me to set them up to be accessible from outside, so changing the WEP/WPA key would be a bit useless.
What's more likely is that when they have been on your network, something has been installed on a PC which is giving them remote access over the net. I think your left with checking all your LAN pcs and seeing what's on them.
Also, just another thought but check that your router isn't configured to allow remote configuration. Previous router's that I have used have allowed me to set them up to be accessible from outside, so changing the WEP/WPA key would be a bit useless.
Soldato
- Joined
- 18 Oct 2002
- Posts
- 8,282
- Location
- The Land of Roundabouts
Chances are there accessing your router via your external IP (I.E. if i put my IP into a web browser from anywhere in the world im prompted with my routers log in screen - Try it http://86.154.69.147). Then logging into your router using the factory defaults to see your wireless settings.
Might be worth asking your ISP for a new IP address, that should screw em over.
If your router is allowing anyone to see your settings without even logging into it then thats pretty shocking. What make and model is it?
Might be worth asking your ISP for a new IP address, that should screw em over.
If your router is allowing anyone to see your settings without even logging into it then thats pretty shocking. What make and model is it?
You should be able to stop them from being able to access you're router settings by not allowing users on the wireless network to manage settings.
In my Linksys router settings, I go to "Administration > Managment" then I disable "Remote Managment", so only PC's connected via ethernet can access the router settings.
If I were in you're situation, I would completely reinstall Windows (If you haven't done so already), change the default router password and enable WPA-PSK with a VERY strong password (I recommend using the following website to generate a strong pass: http://www.kurtm.net/wpa-pskgen/ I suggest you use the 63 characters pass generator).
I don't think it is possible to access you're router by external IP. I know it works if you try you're own external IP, but to others it wouldn't work unless they are connected to the router. I tried the IP given above and it just timed out.
Make sure you use a very good password and username for you're router login, and maybe change you're router name and SSID, not sure if that would help much though.
In my Linksys router settings, I go to "Administration > Managment" then I disable "Remote Managment", so only PC's connected via ethernet can access the router settings.
If I were in you're situation, I would completely reinstall Windows (If you haven't done so already), change the default router password and enable WPA-PSK with a VERY strong password (I recommend using the following website to generate a strong pass: http://www.kurtm.net/wpa-pskgen/ I suggest you use the 63 characters pass generator).
I don't think it is possible to access you're router by external IP. I know it works if you try you're own external IP, but to others it wouldn't work unless they are connected to the router. I tried the IP given above and it just timed out.
Make sure you use a very good password and username for you're router login, and maybe change you're router name and SSID, not sure if that would help much though.
Thanks again all.
What I am doing, is going through the entire LAN and re-formatting and reinstalling the PCs O/Ses.
I have also swapped over my routers, and at this time I have only my main AMD and this Conroe on the network... The others have all been unplugged for a bit.
I have only just reinstalled both these 2 PCs in the last 2 days and I will reinstall them both later on... So that even though I am probably wasting my time in doing so, I know I will be 100% happy and for a time, NONE of my PCs will be connected to the LAN and when they do, it will be with fresh installs and they will be network virgins as it were.
This will effectively kill off any chances of there being some rogue app running about my LAN.
Although I recon MS will wonder why all of a sudden a dozen PCs from the very same I.P will all be grabbing updates all at the same time... LOL
Im simply going to avoid wireless - I cant put it any simpler than that really.
What I am doing, is going through the entire LAN and re-formatting and reinstalling the PCs O/Ses.
I have also swapped over my routers, and at this time I have only my main AMD and this Conroe on the network... The others have all been unplugged for a bit.
I have only just reinstalled both these 2 PCs in the last 2 days and I will reinstall them both later on... So that even though I am probably wasting my time in doing so, I know I will be 100% happy and for a time, NONE of my PCs will be connected to the LAN and when they do, it will be with fresh installs and they will be network virgins as it were.
This will effectively kill off any chances of there being some rogue app running about my LAN.
Although I recon MS will wonder why all of a sudden a dozen PCs from the very same I.P will all be grabbing updates all at the same time... LOL
Im simply going to avoid wireless - I cant put it any simpler than that really.
Soldato
- Joined
- 17 Aug 2003
- Posts
- 20,160
- Location
- Woburn Sand Dunes
wireless is secure enough if you secure it lol. firewalls on the pcs on, firewall on the router on, wpa2 encoded wireless and your own login+password for the router. it'll make your netowrd secure enough for most people not to even bother with it. there's really no need to avoid it just because you didnt look it down last time
there's really no need to avoid it just because you didnt look it down last time
True, but the amount that I do use Wireless is very little... Losing Wireless isnt really going to kill me as its deathly poor against Ethernet anyway.