DSLRUsers.com

My ADSL isn't available yet but somebody has WIFI in the area and they don't have it secured. I couldn't obtain a network address so I just entered the defaults for a gateway and DNS (eg. 192.168.1.1) and I've managed to get access the net

Anyway my new PC absolutely rocks. Love the Dell 2005FPW so far, looks crystal clear.

The person with 'WIFI' will sooner or later seek you out

You'd be surprised (or actually more possibly not at all) how many people rush their brand spanking new wireless router home, set it up and never bother to set up WAP or even change the default settings.

Silly people.

Fozzie, I will just say I accidently clicked on the wrong network

Losfp, totally agree. They probably just used the out of the box settings without reading the manual. I've setup mine so that I have MAC filtering and a WPA key.

Here's an interesting article if anyone is interested:

http://www.tgdaily.com/2004/04/30/thg_t ... index.html

It's really surprising the number of units out there that aren't secured.

Oh my god. They also have their user/pass for the ADSL/Router set to the default so I could really really play havoc with their internet setup

losfp wrote:You'd be surprised (or actually more possibly not at all) how many people rush their brand spanking new wireless router home, set it up and never bother

You might be surprised at the number of people who deliberately don't secure their networks. I don't see how it hurts me if someone in the orange zone of my firewall can use my cable modem. It's not as though I'm short of bandwidth or anything, and they get traffic shaped just like my flatmates do (coz my watching funny vids off google video is much more important than whatever it is they do The flatmates live in orange too, and since I cut off my flatmate's bear-share access it's all worked like a charm.

Moz, well I'm guessing you might be unrestricted usage or have a fairly high usage but some ISPs over here have fairly small usage unless you pay for it. I'm gathering most average home users would be on the lowest plan.

moz wrote:You might be surprised at the number of people who deliberately don't secure their networks. I don't see how it hurts me if someone in the orange zone of my firewall can use my cable modem.

Then don't be at all surprised when your connection is disabled because one of your neigbours, unknown to you, started using your connection as a server for distributing copyright material illegally. Guess who's responsible for that?

If that doesn't convince, your neighbour on the other side has started to use your server to issue forth spam. Suddenly you not only cannot access the internet, but when you convince your ISP that you've cured the problem, no other server accepts email from you because your IP address has been blacklisted.

In the meantime, that cute blonde upstairs is, in fact, a natural blonde, and really shouldn't be let anywhere near a pc. her virus signatures are a year or so out of date, and she keeps on getting these popup messages telling her to buy some product or other.

And that new network virus has just spread from her pc to your's.

Good luck.

I'd steal WiFi too Kipper in your situation - but do you have any guilt?

No, none whatsoever

the only possible way I could probably remedy the situation is to contact NTL their provider and let them know so that they can pass on the info.

gstark wrote:Then don't be at all surprised when your connection is disabled because

Just because you don't understand the words doesn't mean you can ignore them. I hate to sound annoyed, but this is the third time you've skimmed one of my posts and responded inappropriately. Care to try again, this time paying particular attention to the terms "firewall" and "traffic shaped"? Look them up it you need to.

Kipper: yeah, I have ~36GB a month to play with. But upload is limited to 256kB and they don't like me using all of it. Hence the traffic shaping

http://www.caslon.com.au/warchalknote.htm

When I first got my PDA last year, I found that as I was driving I was able to detect a number of unsecured wifi networks. I pulled over and actually connected to the net, just to see if I could. However, I immediately had the feeling that I was snooping around somewhere I shouldn't, and have since regarded using someone else's connection as impolite and unethical - even though they deserve everything they get for not enabling security.
Just my 2c worth.

edit: just noticed kipper is from the UK - I think it may be an offence there
http://www.pcpro.co.uk/news/79643/wifi-to-be-secured-by-force-of-law.html

Frank

kipper wrote:Fozzie, I will just say I accidently clicked on the wrong network

Losfp, totally agree. They probably just used the out of the box settings without reading the manual. I've setup mine so that I have MAC filtering and a WPA key.

MAC filtering is the most secured, don't care about WPA if you're using MAC filter and hide your SSID.

Frankenstein wrote:
edit: just noticed kipper is from the UK - I think it may be an offence there
http://www.pcpro.co.uk/news/79643/wifi-to-be-secured-by-force-of-law.html

Frank

A felony charge maybe for you kipper!
Take it off and go back to Australia

birddog114 wrote:

kipper wrote:Fozzie, I will just say I accidently clicked on the wrong network

Losfp, totally agree. They probably just used the out of the box settings without reading the manual. I've setup mine so that I have MAC filtering and a WPA key.

MAC filtering is the most secured, don't care about WPA if you're using MAC filter and hide your SSID.

Birdog, I'm no expert but I listen to some tech podcasts on security, and apparently MAC filtering isn't foolproof if you have the right tools, whereas WPA encryption (with a strong password) is apparently unbreakable.

Frank

moz wrote:

gstark wrote:Then don't be at all surprised when your connection is disabled because

Just because you don't understand the words doesn't mean you can ignore them. I hate to sound annoyed, but this is the third time you've skimmed one of my posts and responded inappropriately. Care to try again, this time paying particular attention to the terms "firewall" and "traffic shaped"? Look them up it you need to.

Be annoyed. Be very annoyed, if you like.

But not with me!

Please take a moment or three to understand my post. And perhaps take a few moments to understand how firewalls work.

No amount of shaping can stop people, who are inside your network, breaching your firewall from within by sending out a signal on a port, and telling the firewall that it's ok to accept incoming packets on any particular port.

That's why personal firewall programs ask you whether, on your pc, it's ok to open up port X for traffic when a program asks for that. When was the last time that your hardware firewall asked you for that permission?

Shaping only slows down the amount of traffic that can get through your connection, or wherever it happens to be applied: it does nothing at all to restrict access on ports.

And none of that - not one bit of it - can stop somebody using your network from serving up content that your provider might deem to be illegal.

Which was the point of my post.

And if your connection is serving up illegal content, do you think your ISP really cares that your connection is shaped, or that you think your firewall protects you?

I doubt it.

Frank,

Frankenstein wrote:Birdog, I'm no expert but I listen to some tech podcasts on security, and apparently MAC filtering isn't foolproof if you have the right tools, whereas WPA encryption (with a strong password) is apparently unbreakable.

No it's not, but it's pretty good.

But for most purposes, even the very basic setups will work. Sure, they're nothing like industrial strength solutions, but unless your next door neighbour is an expert hacker, they're simply going to see that the connection is protected and move along.

In a business environment, where sensitive data is at stake, it's a very different ballgame, of course, and multiple layers of protection should be employed, but nothing, short of disconenction, will deter somebody intent upon beaking in to your network.

Frankenstein wrote:

birddog114 wrote:

kipper wrote:Fozzie, I will just say I accidently clicked on the wrong network

Losfp, totally agree. They probably just used the out of the box settings without reading the manual. I've setup mine so that I have MAC filtering and a WPA key.

MAC filtering is the most secured, don't care about WPA if you're using MAC filter and hide your SSID.

Birdog, I'm no expert but I listen to some tech podcasts on security, and apparently MAC filtering isn't foolproof if you have the right tools, whereas WPA encryption (with a strong password) is apparently unbreakable.

Frank

Frank,
So far for the last three years, more than 100 WIFI installed and working well with only MAC filtering, on the otherside I noticed few used WPA encryption still got hacked. I'm talking with my experiences, perhaps someone has other powerful tools, can track down all the MAC address on the network. Especially for SOHO or Home users.

gstark wrote:breaching your firewall from within by sending out a signal on a port, and telling the firewall that it's ok to accept incoming packets on any particular port.

So they allow people to send packets to their computer. Gosh.

As for illegal content, at this stage there is little to no effective monitoring of that that I know of - the legal attention has all been to stuff on hard disks, which means that at worst I'm up for the content of my firewall logs. Sure, if they really worked at it they might be able to incriminate me that way, but they'd be trying to get their signal through the huge number of illegal file-sharing PCs on the system.

When was the last time that your hardware firewall asked you for that permission?

It doesn't, but that's not what hardware firewalls are for. My machine has a software firewall for that.

Which was the point of my post.

So all the stuff about sending spam and viruses getting onto my copmuter through the firewall was just decoration? In Most ISPs (including Optus) block mail relay ports and insist that you use their mail servers. So sending spam is actually quite hard (viz, I can filter it by MAC without my flatmates noticing).

Trying to serve illegal content through my firewall would be a touch tedious, since I've responded to my flatmates running file sharing software by instigating a "download > upload" rule for everyone in orange. That plus capping their upload at ~10kBps would discourage all but the most devout.

To date, almost all the users have not even tried to do anything naughty, they just play on the web like nice children. The occasional attempt to share files has only once made me ban the MAC. Of course, if they're a Mac user they will have changed it and come straight back on, but since they're no longer file sharing I don't care.

Think of it as being like all those people who leave their outside taps unsecured - there is a risk that someone will come along and use it to fill their pool, or just leave it running, but most of the users will just fill their container, turn the tap off and leave.

A quick word about securing wireless.
The only as yet regarded secure connection for wireless is WPA2 which is quite different from WPA1. Cisco developed MIC and TKIP to mitigate the Scott Fluhrer discovered problems ( He worked for cCisco) and released the specs to industry who promptly bastardised it slightly and called it WPA.
WPA2 has 256 bit registers and most upgrades are of the forklift type. Replace your hardware..
The Initialisation vectors are not likely to be repeated until the sun burns out.

Legal factors:
In Australia, you can be done for illegally accessing computer networks if you steal wireless.
This is technically achieveable, although currently untested in law courts.
However, you are more likely to be done for telecommunications interception offences as they HAVE been tested in court.
This is the legal opinion of the senior lawyer who deals with this legislation for the Federal Attorney-General's Department. (We chatted about it during lunch at a presentation course, of all things...)

moz wrote:

gstark wrote:breaching your firewall from within by sending out a signal on a port, and telling the firewall that it's ok to accept incoming packets on any particular port.

So they allow people to send packets to their computer. Gosh.

Now you're being obtuse.

When a packet is sent from a computer through a firewall to a remote host, even though you may have closed off a port for incoming packets, the fact that an outgoing packet has used that port is enough authority for most firewalls to then begin accepting incoming packets on that port. That original outgoing packet, from a PC within the domain, starts the chain.

That's how many DDOS attacks work, using compromised PCs. Your PC may be safe, but are you sure that every other computer that you permit to use your facilities is?

As for illegal content, at this stage there is little to no effective monitoring of that that I know of

That you know of.

Interesting qualification. There have been several instances in Oz where sites have been closed, and a couple of prosecutions too.

In terms of copyright violations, they are going after those who serve data, rather than those who consume it. If that guy upstairs sets up a server issuing illegal music or movies, sy, that will be traceable back to your IP. Likewise if they're hosting something like kiddie porn.

Or even looking at it.

Whether your connection is full speed, dial-up, or anything in between is simply not relevant. Can you absolutely, unequivocably, without any shadow of a doubt tell us that there is nobody using your connection that is doing something illegal?

I certainly cannot for mine, and mine is reasonably locked down. If you think you can, then there's only one person that I think you're fooling.

- the legal attention has all been to stuff on hard disks,

When they look at your hard disk, it's already too late. They're looking at content and probable content sources in the first instance. If they see a significant body of copyright material coming from an IP address (or subnet) then they're going to be looking at that source and talking with the owner of that subnet.

If they're looking at your hard disk, then they've already taken court orders to your ISP because they've obtained your name and address from the ISP using those court orders. The fact that they have these court orders means they already have a large body of evidence that the court has accepted suggesting a problem with the IP address in question.

which means that at worst I'm up for the content of my firewall logs. Sure, if they really worked at it they might be able to incriminate me that way, but they'd be trying to get their signal through the huge number of illegal file-sharing PCs on the system.

Everything is always traceable to a pair of end-point IP addresses.

That you believe that you may be immune doesn't make it so. Sorry.

Even with the noise of file sharing PCs, they will still be able to identify servers because of the frequency with which some IP addresses will appear in various tyoes of transaction logs. Your firewall logs are irrelevant; they'll be looking at their own monitoring of the networks and perhaps your ISP logs.

When was the last time that your hardware firewall asked you for that permission?

It doesn't, but that's not what hardware firewalls are for. My machine has a software firewall for that.

Fine. But whom else uses your network? What is their security like? Are they running secure firewalls, in the same way that you are? If you don't know who those people are, how do you know what security levels they're running?

How up to date is their malware protection?

And are they only running the free version of the AV software that came with their PC? And which expired 18 months ago?

Your belief that their systems might be up to date and secure does not make that so, either.

Which was the point of my post.

So all the stuff about sending spam and viruses getting onto my copmuter through the firewall was just decoration? In Most ISPs (including Optus)

At no point did I say that you would get this stuff through the firewall. Please go back to your original point, which was you seeing no problems with permitting yourself to open up your wireless LAN to all and sundry.

That means that anything hazardous will be coming from within your subnet, not from outside.

As we have seen, if there is a stranger anywhere within your subnet who has a compromised system, depending upon the nature of compromises that are in place, there will be a risk to your system.

And no firewall will protect you against some of the issues that have been identified in Windows' vatious versions.

block mail relay ports and insist that you use their mail servers.

Yes, Optus does, and many others do.

And many others do not. None of the last four ISPs that I have used do this, and in fact I simply cannot use one that does, because I do run my own servers.

But mostly, they will only block a selective number of ports - those used by known server services: 80, 25, 21, 119, 110, etc.

Many other ports remain open. I was working at one office not so long ago that had their network locked down.

Very securely.

So they thought.

So sending spam is actually quite hard (viz, I can filter it by MAC without my flatmates noticing).

I could have from within this securely locked down site, had I so desired. I reckon I could from within an Optus site too. It's not exactly hard to breach most of these measures that are put in place.

Trying to serve illegal content through my firewall would be a touch tedious,

So yu'ree agreeing that it's not out of the question.

Then why are you arguing with me, when you accept that it's a posibility.

Being tedious is not something for you or me to judge: if somebody wants something badly enough, they will truly jump through hops to get it, and your value jusgement as to tediiousness is not relevant.

To date, almost all the users have not even tried to do anything naughty, they just play on the web like nice children. The occasional attempt to share files has only once made me ban the MAC. Of course, if they're a Mac user they will have changed it and come straight back on, but since they're no longer file sharing I don't care.

How do you know they're not filesharing?

How do you know what they're doing, without monitoring every packet they're seeing?

Birddog, first thing I did when setting up my wireless modem/router (first time WIFI installer aswell) was turn off broadcasting of network name, enable mac filtering and enable a WPA(-PSK?) key. I'll have a look into it a bit more later on once I have my own ADSL setup but it seemed fairly logical to do some sort of securing of the radio transmissions. I think WIFI products should have a big red sticker on the box that warns users of the potential security issues.

Wow, that's amazing that they fined the bloke 500gbp for using somebodies unsecure network. I mean what happens if there were like five WIFI services in the area all called linksys or linksys1, linksys2 etc and all unsecure and you just accidently clicked on the wrong one. I mean, should you get fined for it?

I think there were less fines for people who house squatted

kipper wrote:Birddog, first thing I did when setting up my wireless modem/router (first time WIFI installer aswell) was turn off broadcasting of network name, enable mac filtering and enable a WPA(-PSK?) key. I'll have a look into it a bit more later on once I have my own ADSL setup but it seemed fairly logical to do some sort of securing of the radio transmissions. I think WIFI products should have a big red sticker on the box that warns users of the potential security issues.

Do it manually, and you're correct. Hide your SSID, don't broadcast it, next one is MAC filtering, and that's, the simple way to set it up and secured, I bet you, no one around you will try to hack into your private network and simple way for home users with few PCs or gaming adapters.

Mostly the odd guys will try to get the freebies when they see there is an unsecured network existed, but one they tried it and and get a denial, they'll gone to somewhere else.

To be honest, I tried (same as my customers) to hack (many ways for our evaluation and testing) into few of my customers WIFI which I installed their WIFI, but none of succeeding.

Wow, that's amazing that they fined the bloke 500gbp for using somebodies unsecure network. I mean what happens if there were like five WIFI services in the area all called linksys or linksys1, linksys2 etc and all unsecure and you just accidently clicked on the wrong one. I mean, should you get fined for it?

Same here and in the US, I'm not encourage anyone taking this avenue instead of.

Something of interest was the guy who got caught was doing what they call here "warring" which is the act of driving around with a laptop with WIFI enabled and finding a house with an unsecure network. Police arrested the man parked outside the house. Whether it was a case of the police doing a routine check around the neighbourhood and spotted the illuminated glow of a laptop coming from the car or whether somebody in the neighbourhood reported somebody suspicious sitting in a car without getting out for 8hours who knows. I really think that finding a house that is using your broadband would be a lot harder unless you had some sort of gear that could track were the radio signals are transmitting from. The other method would be if they sniffed packets and found my name in the packets which could be trackable to this residence (if there was some indication that I lived here - which there is now).

You can buy a WIFI tracking device about 50 buck in Australia, it's small like a pack of cigarette or maybe smaller.

Does that just track access points or does it also find USB/PCI/PCMIA WIFI transmitter/recievers?

kipper wrote:Does that just track access points or does it also find USB/PCI/PCMIA WIFI transmitter/recievers?

It tracks all the present of wifi in its vicinity (All as above).

kipper wrote:Something of interest was the guy who got caught was doing what they call here "warring" which is the act of driving around with a laptop with WIFI enabled and finding a house with an unsecure network. Police arrested the man parked outside the house.

It's called "Wardriving" and it comes from the "wardialer" used by old time crackers looking for modems with automated dialling programs.
The guy that they caught was found with his pants down, jerking off to kiddie porn.
There have been only two publicised prosecutions which involved wireless network access and both did not include the unlawful access to the network in the prosecution's case.
The above gentleman was done on other charges. I can't recall what, but I do remember that when reading the write up, I noted that it wasn't mentioned he was illegally accessing the network.
The other case was in the USA where two guy got done for accessing a stores's wireless network and changing prices on items. ( I think that it was Best Buy) They got done for conspiracy and went to jail for it.
The prosecutors tactic is to pick which legislation is the most applicable and which will get the prosecution.
Conspiracy legislation in the USA gets tested all the time. It works. People go to jail for it.