Hacked in under 5 minutes: How to protect your wireless LAN

I went to my parents house last week to investigate a problem with their internet connection running at prehistoric speeds only to find that some cheeky hacker had cracked the security code (64-bit WEP Key for the geeks) and was using Mum’s internet connection.

I will admit, as embarrassing as it is that it was me who set the wireless modem up! I guess I got a bit lazy and rushed through the configuration thinking that no one would really bother trying to hack the connection. The house is located in a sparsely populated area on a 5-acre block of land, surely they wouldn’t even be able to pick up the signal without some kind of powerful external antenna! Well, I could not have been more wrong.

If you know anything about wireless technology you will know that WEP (Wired Equivalent Privacy) is bad news. A quick Google search on ‘hacking WEP keys’ reveals a plethora of resources for hacking your way on to somebody else’s wireless network and it gets worse, most of the software used is extremely easy to operate. Anyone with a wireless equipped laptop and a bit of spare time will be able to crack your keys in no time.

The way they crack the keys is to intercept data (packets) being broadcast from your wireless modem using special software like Wireshark or CommView. The captured data is saved to a log file and then imported into another program, Aircrack-ng is one popular set of utilities for doing exactly this. Depending on the amount of packets that were intercepted the program is able to analyse them and work out the encryption key in minutes. By the way I take no responsibility for what you do with this information.

So how do you protect yourself against such attacks?

Firstly don’t use WEP. Most wireless modems and routers these days are capable of what is called WPA2 (A note for Windows users, you will need atleast Service Pack 2 installed and download the WPA update to use WPA2). You may notice that there are a few implementations of WPA2. WPA2-PSK is the preferred one for home networks as it doesn’t require any other authentication servers or anything fancy.

WPA2-PSK (Pre-Shared Key) works in much the same way as a WEP key but uses a much stronger encryption algorythm (AES) which makes it much harder to crack! I would like to explain how to configure this security but there are so many different types of modems out there it would be just impossible to please everyone. A quick read of the manual or a google search on “Configuring WPA2” should cover you, there are many good configuration articles out there.

A second step in securing your network would be to turn off your SSID (Service Set Identifier) broadcast. Broadcasting your SSID advertises to the world that you have an active wireless connection. By turning this off you obviously stop publically advertising the existence of your network so unless somebody already knows about your wireless network or uses specialised software like NetStumbler, they won’t even know your WLAN exists in the first place. This may cause would-be hackers to bypass your network in favour of an easier target elsewhere. Be careful though, doing this alone will not make your network secure! It should be a secondary step after implementing WPA2 encryption.

Once you have disabled your SSID broadcast all the computers connected to your wireless network must be manually configured to connect to your WLAN.

Thirdly you can implement MAC address filtering which is ok for smaller networks that don’t have new devices connecting to them frequently. The way this filtering works is similar to giving a security guard a list of names and when somebody tries to gain access they compare the person’s name to a name on the list. If they are not on the list they are denied access.

Every network device ever manufactured has it’s own unique ID or MAC address which is hardcoded into it. You can obtain MAC addresses off other routers and modems by looking at the label sticker on the bottom of the device or the MAC address of your network card in Windows by opening a command prompt and typing in ‘ipconfig/all’. Most wireless modems support MAC address filtering however each time a new device needs access to the network it’s MAC address needs to be added to the list. This can be a pain to administer but it does give you an extra level of security.

A sophisticated hacker may be able to watch your network for authorised MAC addresses and then essentially forge it thus gaining access.

If you have any questions please ask me in the comments.

Thanks for reading

Linksys, Belkin, Netgear

Wireless Security
In-depth look at wireless security

6 thoughts on “Hacked in under 5 minutes: How to protect your wireless LAN”

  1. Excellent! It’s good to know that it was of use to someone. Good luck with your assignment and thank you for your comment.

    – Ben

  2. i’ve had to knock a hacker off my wireless twice now. i’ve implemented all of the above except for hiding my SSID (i can still “see” it as “[hidden]” in several WiFi scanners, so i doubt the usefulness of “hiding” it … unless i change the name to something equally unique like the passphrase, but doesn’t the SSID get sent out once in a while, regardless of not being broadcast? … anyway). long, complex passphrase. he still gets in.

    isn’t there something out there to locate which of MY MAC addresses he’s spoofing? find his IP and try to hack back at them? or some other kind of DDoS flooding to knock him off the air?

    i realise that attempting to notify any kind of law enforcement is worthless, as they probably wouldn’t do anything unless i can establish some actual damage in the range of $6k or more.

    but there ought to be some kind of way to either hack back … or locate which apartment neighbour is the culprit and send them C&D letters.

  3. thank you very much for the great info
    a noob question; I was wondering if hackers could change their device MAC address to 00:00:…, won’t that add them to the list?

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.