What network information can a hacker find

I have just replaced my wireless card so that I can use WPA encryption again. The aerial on my old one broke and I've had to use an old USB adapter that doesn't support WPA encryption.

I have changed my internal IP range to 192.168.55.x and I'm thinking of changing my subnet from 255.255.255.0 to 255.255.255.247 (29 bit) so that it will only support 6 items on the network.

What I want to know is: can a hacker find out what IP and subnet ranges I'm using just from sniffing my network? What other info, like MAC address, can they find? And will changing my IP address and subnet make a difference?

I'm still using DHCP but have restricted the IP addresses it dishes out to 2 addresses.

DON'T want to know how hacking is done but I have a pretty good idea and read that FBI display a few months ago where they broke 128bit WEP in 3 mins :O
 
You're right - even someone with no experience can break 128-bit WEP in 3 minutes. It's just insecure by design.

WPA with a long enough, random enough key would take many, many years to crack - as the only option is brute force. So I really wouldn't worry about it.

Even with the best encryption, it's still possible to find out the MAC addresses of your clients without decryption, it's possible to find out the SSID in seconds even if it's hidden, and if encryption gets broken it's then easy to find out what IPs you're using. So all of that isn't much use - just stick to WPA and leave everything behind it as normal.
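
An added illustration of the point in the reply above (not part of the original posts): the 802.11 MAC header travels unencrypted even when the frame body is protected, so MAC addresses are readable while IP addresses, which sit inside the encrypted body, are not. The frame bytes and addresses are constructed, and `visible_fields` is a hypothetical helper name.

```python
# Constructed sample: one 802.11 data frame from a client to its access point.
# All addresses and the encrypted bytes are made up for illustration.
SAMPLE_FRAME = bytes.fromhex(
    "0841"            # frame control: type=data, flags=ToDS + Protected
    "2c00"            # duration
    "020000aaaa01"    # address 1 (BSSID when ToDS is set)
    "020000bbbb02"    # address 2 (transmitting client)
    "020000cccc03"    # address 3 (final destination)
    "1000"            # sequence control
    "000000200000000091c4e17f3a5d0b66"  # encrypted body, opaque without the key
)


def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def visible_fields(frame):
    """Return what the cleartext MAC header of a data frame reveals."""
    if len(frame) < 24:
        raise ValueError("shorter than a 24-byte 802.11 MAC header")
    fc, flags = frame[0], frame[1]
    if (fc >> 2) & 0x3 != 2:
        raise ValueError("only data frames are handled in this example")
    to_ds, from_ds = bool(flags & 0x01), bool(flags & 0x02)
    if to_ds and from_ds:
        raise ValueError("4-address (WDS) frames are not handled here")
    a1, a2, a3 = frame[4:10], frame[10:16], frame[16:22]
    # The role of each address depends on the ToDS/FromDS bits.
    if to_ds:
        bssid, src, dst = a1, a2, a3
    elif from_ds:
        dst, bssid, src = a1, a2, a3
    else:
        dst, src, bssid = a1, a2, a3
    # QoS data subtypes (bit 3 of the subtype set) carry 2 extra header bytes.
    header_len = 26 if (fc >> 4) & 0x8 else 24
    return {
        "protected": bool(flags & 0x40),   # body is encrypted
        "bssid": mac(bssid),
        "source": mac(src),
        "destination": mac(dst),
        "opaque_body_bytes": len(frame) - header_len,
    }


if __name__ == "__main__":
    print(visible_fields(SAMPLE_FRAME))
```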
 
csmager said:
You're right - even someone with no experience can break 128-bit WEP in 3 minutes. It's just insecure by design.

WPA with a long enough, random enough key would take many, many years to crack - as the only option is brute force. So I really wouldn't worry about it.

Even with the best encryption, it's still possible to find out the MAC addresses of your clients without decryption, it's possible to find out the SSID in seconds even if it's hidden, and if encryption gets broken it's then easy to find out what IPs you're using. So all of that isn't much use - just stick to WPA and leave everything behind it as normal.

Cool, cheers. So if they can't break the encryption there's no way of finding out the IP/subnet ranges? But I suppose if they can't crack it then there's no point in knowing them anyway :P
 
armatage said:
Cool, cheers. So if they can't break the encryption there's no way of finding out the IP/subnet ranges? But I suppose if they can't crack it then there's no point in knowing them anyway :P
Nope - but even if they'd managed to find your IP range, does it really matter if they can't decrypt anything?
 