Soldato
- Joined
- 4 May 2004
- Posts
- 3,270
There's still a lot of plaintext information being broadcast for anyone to sniff. Not all sites use SSL for logins (ocuk forum being one). Some pop3/FTP take plaintext passwords.
people with unsecured internet networks?
- Thread starter beachBOYken
- Start date
There's still a lot of plaintext information being broadcast for anyone to sniff. Not all sites use SSL for logins (ocuk forum being one). Some pop3/FTP take plaintext passwords.
How can someone "snoop" for your MAC and spoof it?
My understanding (as basic as it is) is that the MAC address filtering only allows hardware with the MAC address input into the router to access the network!?!?! - Is this not the case?
StevieP
Soldato
- Joined
- 28 Nov 2004
- Posts
- 16,024
- Location
- 9th Inner Circle
Your computer has to send its MAC address out. How else would the router know it is on the "approved" list?
Sniff that and then spoof it (with software) and jobs a good one...
My neighbour who I, and the whole street wish would die of a coronary or something has an unsecured wifi network, I was almost tempted to connect up and download all the usual suspect software that has Davenport Lyons et al sending out letters.
OCUK login is still safe, sniffing won't get you login details. But yer even after login you can steal the session, same with a fair few SSL sites as well that only use SSL for initial login authentication.
Anyway it's not a difficult call. If you have the knowledge on how to secure it you will do it, there's no reason not to (benefits > risks etc)... And if you come across a neighbour or similar that doesn't have the knowhow you should point them in the right direction rather than screwing them over and using services you haven't paid for.
Soldato
- Joined
- 3 Oct 2009
- Posts
- 19,893
- Location
- Wales
At home i could connect to about 3 unsecured networks, quite foolish of people.
Your computer has to send its MAC address out. How else would the router know it is on the "approved" list?
Sniff that and then spoof it (with software) and jobs a good one...
I always thought MAC address filtering was quite secure!
So really, unless there just happens to be someone "in the know" sat within a reasonable distance, with an evil glint in their eye, wont they just try to connect to my seemingle unsecured network, fail, and move on??
StevieP
I always thought MAC address filtering was quite secure!
So really, unless there just happens to be someone "in the know" sat within a reasonable distance, with an evil glint in their eye, wont they just try to connect to my seemingle unsecured network, fail, and move on??
StevieP
Basically yes, unless you've either got something worth the time and effort to snoop on or they are really hell bent on getting into your network.
If you put enough of these simple things in the way generally people will just move on to another network where it doesn't require as much effort to get onto.
Why bother with all the hassle to connect to your network when next doors is wide open.
If someone really wants to get on your network and they have the know how then there's a good chance they probably will anyway somehow
Associate
- Joined
- 19 Jul 2010
- Posts
- 1,154
I broadcast mine as "Virus Loader" for your general neighbour type person i reckon just the word Virus is enough to make them think twice about clicking on it 
If you have purchased your own internet connection including associated equipment, it is your responsibility to secure it (or not) to how you see fit. Having a insecure wireless network normally falls into two groups:
Lack of effort/Cant be bothered: If you feel you have nothing to lose from having anyone connect to your network/too lazy to configure it.
Lack of education : This is a very overlooked aspect in my opinion. Some people simply don't know how to secure their network, and some routers will broadcast a insecure wireless signal out of the box *cough* crappy o2 Thompson router *cough*.
I think it's important to make this distinction. For me, I just use WPA2 and SSID on, my brother does the same but with added MAC address filtering.
At my previous place my neigbour had their wireless without encryption and with a default router password and shared folders on their machines.
Lack of effort/Cant be bothered: If you feel you have nothing to lose from having anyone connect to your network/too lazy to configure it.
Lack of education : This is a very overlooked aspect in my opinion. Some people simply don't know how to secure their network, and some routers will broadcast a insecure wireless signal out of the box *cough* crappy o2 Thompson router *cough*.
I think it's important to make this distinction. For me, I just use WPA2 and SSID on, my brother does the same but with added MAC address filtering.
At my previous place my neigbour had their wireless without encryption and with a default router password and shared folders on their machines.
Soldato
- Joined
- 28 Nov 2004
- Posts
- 16,024
- Location
- 9th Inner Circle
I always thought MAC address filtering was quite secure!
StevieP
Nope but it is more than enough to put Mr Average off. Somebody who wanted to get it would do this easily (I've done this as a proof of concept
). Add a long WPA2 passkey and they won't. Firesheep is just a fancy GUI for what's been done for years, it's nothing new what so ever. Just an attempt for media attention for old tricks.
Soldato
- Joined
- 28 Nov 2004
- Posts
- 16,024
- Location
- 9th Inner Circle
I hope that it helps force sites to use full security as now the everyman can 'hack'.