This guy who hacked his neighbor's wifi tells you how to avoid getting hacked yourself

Originally published at: This guy who hacked his neighbor's wifi tells you how to avoid getting hacked yourself | Boing Boing

…

This feels pretty creepy to me. It’s like saying “I secretly picked the lock to my neighbor’s back door (for educational purposes only), here’s how you can avoid making your home vulnerable to similar break-ins.”

Less than 30 seconds before he’d be logged and alerted by my monitor program.

Ooh, that’s interesting… What are you using to help monitor this kind of potential intrusion?

I have a monitor program running on a Pi that checks my Internet connection, DDNS, and LAN connections.

It currently uses nmap to scan the LAN, which can be defeated, but it’ll get it direct from the router once I swap out my ancient DLink. Any new device is logged and a sound effect played. (Megabyte: “What have we here?”)

Yeah, yeah, that’s all great, but what’s your password?

He could do what I do: live so far out from a municipal area — no sidewalks, nothing within walking distance — that one would have to loiter within about 5 feet outside the house to even pick up the signal.

I guess he’d have to … strain … for it.

IMG_20190528_143946183sml400×627 71 KB

Back in a previous life I would park and scan for open Wi-Fi so I could upload footage faster than driving home. When the file was done, I would send a page to their printer saying “I’ve printed this page to inform you that your Wi-Fi is not secured.”
Next time I was in the area, the SSID it would show up as secured.

I never looked for shared drives or that kind of hacking.

I have a vlan hosting an ssid with no password that only routes to my isp. The ssid that gets you to the internal stuff too has a moderately secure password.

It would probably be prudent to take the advice of throwing a tilde or something in there but I don’t worry about it too much, figuring there’s little motivation to go down that road when something open is available. I have plenty of bandwidth and no cap so I’m not bothered at all to share it.

now, i don’t know most of the words you said but i gather you’re referring to sharing your connection safely?

id love to know how to do that. it’s not in the isp’s interest and most contracts specifically disallow it - but id love to do that as a low bar, and also see some sort of neighborhood co-ops for this stuff rather than have each neighbor paying sky high internet bills for what already is a shared pipe

of course, i also think public wifi should be available to all paid for by taxes so…

Thou shalt not covet thy neighbor’s Wi-Fi.

Because of the key exchange method, having a password at all (instead of radius auth) with WPA2, anyone with modest hardware can crack most passwords in seconds (not 63 thousand years) after scooping up the right traffic from passively listening. The process can be hurried up by slightly less passive activity. Doing math on radio broadcasts isn’t illegal (mostly).
Using a cracked password to gain access is illegal though, to be clear.
If you are using a password and WPA2 because you have to, you want one that is really long and unfriendly (caps, numbers, special chars) to achieve any decent security, but the real solution is to use more secure methods like WPA3 or radius auth.

He’s referring to a guest account. Many routers have such a thing as an option; you can set it to have its own login id, its own password (or none), and while anyone who attaches to it can see the ISP (and each other), it normally cannot see devices connected through the usual login. Useful for houseguests who you don’t trust with your password.

I have an old router not connected to the internet broadcasting several political SSIDs that amuses the crap out of me because there are several last guy flags flying with range.

I should open them up and point them somewhere or set up a landing page to screw with them.

It probably doesn’t matter for MAGA neighbors, but for other uses, it’s worth looking into how to spoof Android and iPhone checks for a connection to the Internet.

I should spend some time on that before the next time I go down to Queen’s Park to paint the place with a SSID and site.

i’ll look into that, thanks! that definitely sounds like what im looking for.

( i did already look up this word “guest”, and apparently it comes from pre-pandemic times… people actually visited inside each other’s homes! ancient social customs are fascinating )

My router is homebrew but ya same general idea.

WPA3 is absolutely the best suggestion but I still need to allow for several devices that don’t support it.