Fugger was stealing my wifi!

Computer and electronic gizmo support.
User avatar
smithcorp
Occasional Visitor
Occasional Visitor
Posts: 4978
Joined: Sun Dec 19, 2004 9:13 pm
Location: Godzone

Fugger was stealing my wifi!

Postby smithcorp » Thu Sep 15, 2016 9:55 pm

Was getting big network slowdowns on the home network, and even getting messages popping up on Fetch TV saying bandwidth was low because of multiple devices attached. Happened most evenings in the past month.

I started looking on my router's admin page and found two devices connected to wifi i didn't recognise and sucking 100 mbps. Finally tonight I got the MAC addresses of all our devices and then ticked them off. Finally turned on MAC filtering on the fuggers and got them blocked.

Funny thing is my wifi password is seriously tricky - in a foreign language, lots of characters and some numbers - can't figure out how they could have got on?

Shonky
Posts: 5230
Joined: Sun Feb 27, 2005 6:33 pm

Re: Fugger was stealing my wifi!

Postby Shonky » Thu Sep 15, 2016 10:15 pm

Using WEP or WPA2 encryption?

User avatar
smithcorp
Occasional Visitor
Occasional Visitor
Posts: 4978
Joined: Sun Dec 19, 2004 9:13 pm
Location: Godzone

Re: Fugger was stealing my wifi!

Postby smithcorp » Thu Sep 15, 2016 10:19 pm

WPA2-Personal

User avatar
Cursed
Posts: 931
Joined: Thu Feb 10, 2011 8:46 am

Re: Fugger was stealing my wifi!

Postby Cursed » Thu Sep 15, 2016 10:28 pm

ImageImage

Shonky
Posts: 5230
Joined: Sun Feb 27, 2005 6:33 pm

Re: Fugger was stealing my wifi!

Postby Shonky » Thu Sep 15, 2016 10:29 pm

Got me stumped then.

User avatar
AstrO
Help Desk Expert
Posts: 4790
Joined: Tue Jun 28, 2005 9:28 pm
Location: Adelaide
Contact:

Re: Fugger was stealing my wifi!

Postby AstrO » Thu Sep 15, 2016 10:31 pm

Do you have WPS enabled? If so make sure you turn it off!

User avatar
smithcorp
Occasional Visitor
Occasional Visitor
Posts: 4978
Joined: Sun Dec 19, 2004 9:13 pm
Location: Godzone

Re: Fugger was stealing my wifi!

Postby smithcorp » Thu Sep 15, 2016 10:33 pm

Bloody hell. But blocking the device's MAC address will help me won't it?

User avatar
smithcorp
Occasional Visitor
Occasional Visitor
Posts: 4978
Joined: Sun Dec 19, 2004 9:13 pm
Location: Godzone

Re: Fugger was stealing my wifi!

Postby smithcorp » Thu Sep 15, 2016 10:35 pm

AstrO wrote:Do you have WPS enabled? If so make sure you turn it off!


I did have!

hylas
Posts: 363
Joined: Sun Jun 29, 2014 7:24 pm

Re: Fugger was stealing my wifi!

Postby hylas » Fri Sep 16, 2016 3:14 am

WPS is insecure, having that turned off it a very good idea.

It's easy enough to grab the handshake of a WPA authentication but to crack the password you basically have to bruteforce attack it with a dictionary file or go the rainbow table option, either way it's a time consuming process. So if you have a combination of uppercase, lowercase, numbers AND special characters in the password and it's more then 10+ characters long you should be sweet. From memory, if I was to make a 8 character long dictionary file using JUST hex digits (also ONLY uppercase) it's a couple terrabyte's. To do the same but going up to 10 digits, it's something like 12 TB. You can start to imagine how big a dictionary file needs to be for say a 10 character long password, which includes uppercase, lowercase, numbers and special characters. It's really not worth the time.

Anyways, sounds like you've done good with MAC filtering anyway. As long as it doesn't bother you having to add new devices when needed, I spose that depends on how often that happens for you. I would of just gone with a password replacement and leave it at that, but I'm forever connecting different devices to my network, so filtering would irritate me.

User avatar
Cursed
Posts: 931
Joined: Thu Feb 10, 2011 8:46 am

Re: Fugger was stealing my wifi!

Postby Cursed » Fri Sep 16, 2016 6:43 am

I would be surprised if MAC addresses couldn't be spoofed, but it would mean bumping off one of your running devices to let it in which would not make for a smooth experience.

Changing the SSID or password every week or two for a couple of months will probably make your network more trouble than it's worth compared to other networks in the neighbourhood.

Depending on how much time you want to put into it and the capabilities of your router you could set up a transparent proxy that redirects all the miscreants web requests to the AFP website.
ImageImage

hylas
Posts: 363
Joined: Sun Jun 29, 2014 7:24 pm

Re: Fugger was stealing my wifi!

Postby hylas » Fri Sep 16, 2016 7:06 am

Yes that's right Cursed, you can most definitely change your MAC to one that is already connected to the wifi. And all clients that are online can easily be identified by people not connected to the network. But yes, if you were imitating a client and trying to authenticate to the wifi, you would be causing issues for that client. Quite noticeable if you were using that device and getting kicked off the wifi frequently.

A RADIUS Server is basically an internal server on the network that does the authentication instead of the wifi router. It's more of an enterprise solution but if it's something that you were keen on setting up, then why not.

I would honestly just stick with a decently longish password with what I said before (uppercase, lowercase, numbers & special characters). No home network is really that tempting to bother cracking a decent password. If someone really was nearby being a dodgy prick, they will look elsewhere quite quickly.

User avatar
smithcorp
Occasional Visitor
Occasional Visitor
Posts: 4978
Joined: Sun Dec 19, 2004 9:13 pm
Location: Godzone

Re: Fugger was stealing my wifi!

Postby smithcorp » Fri Sep 16, 2016 8:15 am

My pw is 28 characters long, with letters and numbers. I could fiddle with upper/lower case but I figured my pw would be very hard to crack. I will update the password, as full MAC filtering would be a pain with a house full of devices and little kids coming to Minecraft parties. I added the MAC addresses of the two dodgy devices to the refuse list and that solved the problem last night. I suppose they could change their device MAC addresses, so the PW change will hopefully make it harder for them.

hylas
Posts: 363
Joined: Sun Jun 29, 2014 7:24 pm

Re: Fugger was stealing my wifi!

Postby hylas » Fri Sep 16, 2016 8:47 am

This is how big the dictionary file would need to be to bruteforce every possibility on your password. This is all uppercase and numbers at ONLY 28 characters (nothing shorter then 28).

~]$ crunch 28 28 -f /usr/share/crunch/charset.lst ualpha-numeric -o wordlist.txt
Crunch will now generate the following amount of data: 18230571291595767808 bytes
17386027614208 MB
16978542592 GB
16580608 TB
16192 PB

Now here's the same, but making it so that there's no consecutive numbers or letters.

~]$ crunch 28 28 -f /usr/share/crunch/charset.lst ualpha-numeric -d 1@ -d 1% -o wordlist.txt
Crunch will now generate the following amount of data: 4071028309950031388 bytes
3882435140562 MB
3791440566 GB
3702578 TB
3615 PB

User avatar
Montey
Posts: 3453
Joined: Thu Dec 30, 2004 6:54 pm
Location: Melbourne
Contact:

Re: Fugger was stealing my wifi!

Postby Montey » Fri Sep 16, 2016 10:05 am

I would have left them connected, set up a transparent web proxy, pinched all their clear-text website passwords and anything else of interest, and then started fucking with them (e.g. when I see one of them browsing a website, start injecting animal porn; start posting things to their Facebook profile - yes a fake SSL cert would be required for this; etc.)
- When trouble arises and things look bad, there is always one individual who perceives a solution and is willing to take command. Very often, that individual is crazy.
- If youre paddling upstream in a canoe and a wheel falls off, how many pancakes fit in a doghouse? None! Icecream doesn't have bones!!!

User avatar
Cursed
Posts: 931
Joined: Thu Feb 10, 2011 8:46 am

Re: Fugger was stealing my wifi!

Postby Cursed » Fri Sep 16, 2016 10:09 am

If you're using WPS on your router to facilitate easy connection for those Minecraft parties, you might want to turn it off. Apparently that is a big doorway into your network.
ImageImage

User avatar
smithcorp
Occasional Visitor
Occasional Visitor
Posts: 4978
Joined: Sun Dec 19, 2004 9:13 pm
Location: Godzone

Re: Fugger was stealing my wifi!

Postby smithcorp » Fri Sep 16, 2016 10:36 am

Montey wrote:I would have left them connected, set up a transparent web proxy, pinched all their clear-text website passwords and anything else of interest, and then started fucking with them (e.g. when I see one of them browsing a website, start injecting animal porn; start posting things to their Facebook profile - yes a fake SSL cert would be required for this; etc.)


This would assume I am not a 55-year-old man with just enough tech ability to operate my toaster... :)

User avatar
smithcorp
Occasional Visitor
Occasional Visitor
Posts: 4978
Joined: Sun Dec 19, 2004 9:13 pm
Location: Godzone

Re: Fugger was stealing my wifi!

Postby smithcorp » Fri Sep 16, 2016 10:36 am

Cursed wrote:If you're using WPS on your router to facilitate easy connection for those Minecraft parties, you might want to turn it off. Apparently that is a big doorway into your network.


Cheers Cursed - done that now. Interested to see tonight if they come back.

User avatar
Enforcer-J
Posts: 6511
Joined: Wed Oct 12, 2005 11:16 pm
Location: right on your A.R.S.E.

Re: Fugger was stealing my wifi!

Postby Enforcer-J » Fri Sep 16, 2016 10:58 am

I'd let them keep using it and then use wireshark etc to suss them out, find out who they are, steal their bank details and go round and kneecap them.

hylas
Posts: 363
Joined: Sun Jun 29, 2014 7:24 pm

Re: Fugger was stealing my wifi!

Postby hylas » Fri Sep 16, 2016 11:27 am

Yeah I'm pretty much the same EnJ, I would love for someone to join my arp poisoned LAN :D

User avatar
norbs
fucking right wing vegan lesbian
Posts: 20849
Joined: Fri Dec 17, 2004 6:01 pm
Contact:

Re: Fugger was stealing my wifi!

Postby norbs » Fri Sep 16, 2016 3:18 pm

There comes a time in a mans life when you just want things to fucking work.

I am with smiss. but 10 years ago I would have gone hunting for sure.

Neighbours Smiss?
Image
ImageImage
Sarc ; my second favourite type of gasm.

User avatar
smithcorp
Occasional Visitor
Occasional Visitor
Posts: 4978
Joined: Sun Dec 19, 2004 9:13 pm
Location: Godzone

Re: Fugger was stealing my wifi!

Postby smithcorp » Fri Sep 16, 2016 6:14 pm

norbs wrote:Neighbours Smiss?


Our wifi is accessible from halfway along our street, so a pretty wide area. The immediate neighbours I doubt, but there's some folk down the battleaxe block down the back I'd put money on.

User avatar
markus
Posts: 912
Joined: Sat Dec 18, 2004 7:09 pm
Location: Gitmo nation reindeer

Re: Fugger was stealing my wifi!

Postby markus » Fri Sep 16, 2016 6:44 pm

Montey wrote:I would have left them connected, set up a transparent web proxy, pinched all their clear-text website passwords and anything else of interest, and then started fucking with them (e.g. when I see one of them browsing a website, start injecting animal porn; start posting things to their Facebook profile - yes a fake SSL cert would be required for this; etc.)


That's precisely what I'd have done as well :) Some easy solutions would be pineapple or the old jasager
Much cycling such kilometers.

User avatar
wobblysauce
Seen it, Done it, Invented it!
Posts: 10407
Joined: Thu Aug 25, 2005 9:53 am
Location: On an Island in the south
Contact:

Re: Fugger was stealing my wifi!

Postby wobblysauce » Sun Sep 18, 2016 1:48 am

smithcorp wrote:
norbs wrote:Neighbours Smiss?


Our wifi is accessible from halfway along our street, so a pretty wide area. The immediate neighbours I doubt, but there's some folk down the battleaxe block down the back I'd put money on.

Surprised others have not said this..

But turn down the power to the signal(normally something like, Tx Power Adjustment).. enough that it does not affect you, but gets from being 4 houses down.
Some play it safe on the merry-go-round, others go for the thrills of the roller-coaster.

ᕙ༼ຈل͜ຈ༽ᕗ vs ლ(ಠ益ಠ)ლ


Return to “Tech stuff”

Who is online

Users browsing this forum: Sarsippius and 1 guest

cron