Do you have a laptop or a smartphone with a wireless network (wifi)? Do you have neighbors? Turn on the wireless network function and search for access points. Chances are good that you will find at least a couple or three with different signal strength depending on how far away they are. Your own access point, and that of your nearest neighbors.
Most of these access points are a door into someone’s private local home network, where connected computers share an Internet connection and perhaps a printer or home server, as well as share various libraries on the local hard drives. Like all doors, they can be locked or unlocked, and the quality of the locks varies widely.
– The first thing you have to remember is that it is not enough to just password protect your wifi. So-called wep protections are very easy to crack. The login password is sent in clear text between computers and the router at regular intervals. If you only have the right tool to “listen” to the data traffic on a wireless network, you will find this information, even if the rest of the traffic is encrypted, says Marco Stenvall, product manager at D-Link.
Passwords are cracked
The right tool is not advanced, no special antennas or complicated hardware is required. The Wifi receiver in a regular computer is just such a piece of hardware. You don’t have to be a skilled hacker either. On the internet there are programs to download that do the job. What is needed is a good grasp of concepts such as IP numbers, mac addresses, routing and the various wireless security methods.
Even more advanced wireless security such as wpa and some networks with wpa2 can be outsmarted, although it may require more advanced software, more knowledge on the part of the hacker, and more time. If it is not possible to find out the network’s encryption key by eavesdropping on the traffic to and from a router, there are other ways to hack in. A common way is with a so-called brute force attack. In short, this means that you try to log in again and again with different passwords until you find the right one.
– Brute force programs use dictionaries of the most likely words and character strings for a password, and have different methods for combining them. The more common the password, the greater the risk that the attack will guess correctly, says David Jacoby, security expert at Kaspersky.
For example, dkvE58_ht1 is a many times more secure password than oskarshamn or gunnar123, even if the thing that tries to guess the password is an automatic script program.
– Therefore, we recommend that you use the most strict security method that the router and the computers you want to connect to it can handle, mostly wpa2 with aes encryption. As a password, you should choose one that is sufficiently long, that does not contain any recognizable words and combines upper and lower case letters, numbers and special characters, says Marco Stenvall.
Basically, you should manage and think of your wireless network like your house. You can lock the door, but that doesn’t stop someone from breaking a window and getting in anyway. What you can do is cause as much trouble as possible for someone else to get in. Your best defense is to make it so time-consuming to break into your place that it’s not worth the trouble.
Secure with mac address
There are several methods to secure the network. Many better routers allow you to filter access to the network using so-called mac addresses. A mac address is a code that is unique to each network card that connectsr to the router. If you have a list of approved mac addresses, it is not enough just to trick your password to get in. There are indeed ways to fake even mac addresses, but it requires more knowledge and advanced tools for the hacker.
– Then it is of course important that you have good security on your computers. Attacking the wireless network is just one of many ways in, there are more ways to get into your network. Client security is extremely important, many spyware and other malicious code can enter the computer via vulnerabilities in, for example, your browser, PDF reader, plug-ins, e-mail and chat programs. These attacks can be exploited regardless of how secure the router is set up, says David Jacoby.
So what could happen if your Wi-Fi were to get uninvited guests? Yes, an unauthorized user on a network is just as “in” as anyone else and can do the same things as anyone else who is connected, regardless of whether it is via Wi-Fi or with a fixed cable in the router.
You are being used for crimes
The easiest – and perhaps also the most dangerous – thing someone can do with your wireless network is to exploit your Internet connection. It may sound innocent – an uninvited guest surfing the parasite instead of paying himself is possibly unfair, but hardly dangerous?
In most cases yes, but a connection can be used for many things that are illegal. Hacker attacks, spam, espionage, threats and harassment, copyright infringement, distribution of child pornography and much more. In serious cases, the police may trace the activity to the original IP number and to you who owns the subscription. Then the real villain has long since logged out and cannot be traced.
Anyone on your network can also access any folders, network drives, printers, and other things that you or other users have shared. If the hacker is inside a network, he is, in short, an equivalent user and can see exactly everything that its regular users can. If you have not controlled access to folders and servers with accounts and passwords in turn, the uninvited guest is free to snoop.
Protect distributed directories
– It is also possible to access password-protected directories, there are several simple tools you can use. It is actually quite difficult to protect yourself against this, but an easy way is to use strong passwords here as well, and to set that only certain computers can access the distributed folders, says David Jacoby.
However, these settings depend on what kind of operating system you have, so if you mix Mac, Windows and Linux at home, it can cause some problems. It is also possible to block access to computers with their IP numbers. Even that is, however, rather impractical in a home network where these are mostly distributed dynamically.
With the right skills, there is a risk that a sufficiently skilled hacker can get even further into the computer.
– A Windows PC has a number of services running by default, and vulnerabilities in them can be exploited by a sufficiently skilled hacker
to access your computer. That’s why you should always install the latest updates to Windows and your computer’s security software, says David Jacoby.
Interception in the air
Additionally, in a Wi-Fi network, there is another way a hacker can access private information, namely by directly monitoring others connecting to the wireless access point. In theory, you can listen to everything that is sent back and forth between the router and the computers.
In practice, it takes place via a so-called man in the middle attack. This means that the hacker’s computer goes between your computer and the router. First, it figures out how you and the router look to each other, and then it creates a fake user that looks like you, and a fake router.
By disrupting the traffic between you and the router, the hacker causes your computer to temporarily lose contact, and can quickly wedge itself between the user and the router. You think you’re talking to the router and the router thinks it’s talking to you. You continue to surf, read emails, use the printer and so on, but in fact all traffic now goes through the hacker’s computer.
The hacker can now see everything you do on the network in real time. What web pages you visit, emails sent, Windows Live Messenger traffic, files read from or sent to shared folders, and so on.
Another risk with this is that the hacker’s computer might not just send the traffic from the router to you, but modify it. If you go to a certain web page, you may be redirected to one written by the hacker. It still says “facebook” in your browser window, but in fact the page is on the hacker’s computer.
The best protection here is to do nothing on a wireless network that is worth “eavesdropping”. If you are going to use sites with password logins or enter sensitive information such as credit card numbers, double check that they use the https protocol and not just http. Then usernames, codes and more are sent encrypted between you and the web server. A good and well-updated virus protection also helps, as it can help detect known malicious URLs and other attack methods.l
That’s how easily we broke into a protected network
Is it really that easy to get into a wireless network? Can anyone with a laptop and the right software hack a wifi and then spy on their neighbors? To find out, we took a laptop under our arm and sat down within good signal distance of a completely normal home network with wifi and wep security.
We of course had permission from the owners of the network and the individual computers to try, and they knew when we were doing this. But we knew nothing about the network, neither the password, the name of the access point, nor the names of computers and other devices on the network.
Our computer was prepared with programs that we had received tips from our security experts, and which were very easy to find on the internet, as well as very helpful instructions on exactly how to do to proceed.
Identify the network
The only problem was tricking out which of the access points we found when we did a search was the right one. But after changing position a couple of times it was obvious which ssid (network name) consistently had the strongest signal.
Then it was just a matter of getting started. We started the first program, which started monitoring the traffic on the access point, and after a couple of minutes it had found the correct wep key. This happens at different speeds depending on how much the network is being used at the time. The more people who are connected and the more traffic, the faster it goes. Then it was just a matter of connecting as usual, keying in the code and logging in.
Once inside we didn’t find much. Our network had several computers, but only one with a shared folder, and it was empty. There was also an openly distributed network printer that we had fun installing and printing on.
So on to the spying. Could I, as an ignorant amateur hacker, really carry out such a man in the middle trick and see everything that was surfed, emailed and so on? It turned out to be frighteningly simple. With step-by-step instructions we found online, we were up and running quickly. Here we needed two programs, one that carried out the hack itself, and one that analyzed the traffic that then passed through my computer.
Here too, finding the right device to hack was the hardest part. The computers were identified by IP numbers and by cryptic designations that told me nothing. So it was to take a chance, pick an ip number from a list at random and see what happened.
After a couple of attempts (I think the first “computer” I tried with was the printer) my computer had become a “router” for one of the computers
in the home.
In the packet analysis program, I could now see a lot of network traffic of various types. For example, browser calls to facebook.com, dn.se and gmail.com. I could also read, character by character what was sent and received. There was nothing interesting to see on Gmail, because the traffic goes over https and is encrypted.
In the web traffic to other domains, I could actually read the occasional line of text. The program we used didn’t allow us to piece together downloaded web pages or images, read entire emails, etc., but all the information is there, and there are programs that do.