Spyware, Viruses, & Security forum

General discussion

Was I "Hacked" (wireless network)

by DerfX / February 1, 2012 7:48 AM PST

I came home from work today and turned on my laptop only to find -No Connection-. A quick check in the [Network and Sharing Center], (Win 7HP), and I see all my neighbors, a new network called "Linksys" and MY router missing. I saw a five-bar connection to the new router called "Linksys" so I figure that may be MY router but with a new default SSID. I have been using the same unique SSID for years with a 7-digit password.

So I shut off the wireless connection on my lappy and fired up my old desktop which is hard-wired to the router. When I tried my router access password, I could not get in.

I immediately did a router power-down and reset with that little button on the back. We are talking a WRT54GL wireless router hooked to a cable modem through Brighthouse-RoadRunner that also supplies my phone and TV.

Anyway, I was able to access the router with the default password so next, I put in a new very cryptic router access password. then I went to Wireless security and chose that WPA2, (I think, I think I was originally using the regular WPA). Then I chose a new 17-digit unique and cryptic key phrase.

I have had this router for quite a while and I have never seen an SSID get changed unless Linksys sent out some kind of update that reset it to its default. But I've never heard of that either. Do you think someone figured out my 7-digit router access password and went in and changed my SSID? And what else could they do remotely if all the computers were shut off at the time?

Post a reply
Discussion is locked
You are posting a reply to: Was I "Hacked" (wireless network)
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Was I "Hacked" (wireless network)
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Sure. Why not?
by R. Proffitt Forum moderator / February 1, 2012 7:51 AM PST

It's a classic case where the defaults were used. If this was WEP the hack takes about 2 minutes.

WPA takes about 12 dollars and I think WPA2 costs 25 bucks to crack.

It's enough for me to think of turning off Wifi when I'm gone.
Bob

Collapse -
Wow, that easy?
by DerfX / February 1, 2012 8:13 AM PST
In reply to: Sure. Why not?

I had no idea it was that easy. My new router password is 16 alpha-numeric digits but does that even matter? My new WPA-2 key-phrase is 17 alpha-numeric digits so does that slow them down al all?

Collapse -
AFAIK. No. Complexity does not slow it down. Why?
by R. Proffitt Forum moderator / February 1, 2012 8:22 AM PST
In reply to: Wow, that easy?

If you research this it's cracked using "cloud computing." There are now a few services out there so if they ever crack your WPA2 the current system has them paying for the crack so change it weekly and they will give up.

WEP however is now a kid-friendly software that you find out there. It pops up with "Click here to connect to this WEP network." This one has features about MAC spoofing, finding "hidden" SSIDs and more. The old advice about MAC filters and hiding the SSID is now "old advice."
Bob

Collapse -
What about...
by DerfX / February 1, 2012 8:20 AM PST
In reply to: Sure. Why not?

... going in the router and telling it to STOP broadcasting the SSID?

I never did that before and I figure once I got the lappies connected, I shouldn't need the broadcast. It might make hooking up a new device difficult unless I turned it back on temporarily?

Collapse -
Sorry I thought we covered that?
by R. Proffitt Forum moderator / February 1, 2012 8:32 AM PST
In reply to: What about...

Since anytime you talk to the router the SSID is sent, this only creates problems for you and not the would be attacker. What problems? Usually the connection can't be made on some devices or drops when you don't want it to.

Given the current situation my prediction is we need to move to WPA3 soon.
Bob

Collapse -
Thank You So Much
by DerfX / February 1, 2012 8:42 AM PST

I really appreciate your replies. I guess I have to keep on top of it a little better. Thanks for all your help

Collapse -
True Story...
by mooman420a / February 3, 2012 10:30 AM PST

One of my clients noticed that his regular wireless connection (2WIREXXX) had recently change to EATTHIS. He didn't change it. SO I went over and reset the router and change the security settings. The next day, the clients' downstairs rental tenant came up and asked if there was any way they could share the internet connection...BINGO!

Collapse -
One of the decisions you have to make
by Zouch / February 3, 2012 9:26 PM PST

As Bob has indicated, consumer wireless networks are inherently insecure, when compared to a wired network. To hack a wired network, you need physical access to it and plug in a cable. Wireless knows no such boundaries. Don't believe the range diagrams on the router boxes, by the way, in the rural area where I live, I can "see" my neighbour's 802.11G network at 50 metres! And that through his exterior wall and mine.

There is commercial equipment which can improve the security of a wireless network but for most of us, these are unaffordable.

I think we may be waiting some time for improved encryption, such as Bob mentions, though that would be the best solution - for a while - until the ne'er do wells find a way round it!

In the meantime, I enable all the tools currently available on my router, Change the SSID, Stop broadcasting it, Enable MAC filtering and Use WPA2 with a long pass phrase.

The SSID and Passphrase can be purely random characters, the more the better. Keep a hardcopy record for when you forget them and maybe keep them on a USB key also - NOT on any of your computers! The USB key makes it very easy to set up any new device to tell it to look for the non broadcast SSID (the wireless signal is still broadcast, just the name isn't) and give it the Passphrase, always assuming the new device has a USB port!

Sure, all these can be bypassed but with the proliferation of wireless networks these days, if yours has a couple of stumbling blocks, most baddies will give up and choose an easier one.

But it won't get any easier to protect your network any time soon. But you do have one advantage with your setup, your router is separate from your modem, so you could just power off the router when you are not using it and you should be able to spot any attacks when you are logged on. The modem will continue to answer your provider's "heartbeat" messages, which isn't possible with a combined modem/router.

Good Luck!

Collapse -
About that.
by R. Proffitt Forum moderator / February 4, 2012 4:50 AM PST

" I enable all the tools currently available on my router, Change the
SSID, Stop broadcasting it, Enable MAC filtering and Use WPA2 with a
long pass phrase."

Some devices drop randomly under those settings. And there is no security gained as the tools today don't rely on a broadcasted SSID and can spoof the MAC to get around that filter.

The cloud cracking of WPA2 takes just as long with a long or short pass phrase.

Bottom lines?

1. Do what you believe works for you.
2. We need a WPA3 NOW.
Bob

Collapse -
I was going to ask just THAT...
by DerfX / February 5, 2012 4:24 AM PST
In reply to: About that.

...about whether having a 16-digit multi-case alpha-numeric pass-phrase was any more secure than just any good random 9 or 10 digit alpha-numeric code. I have been using at least 9-digit alpha-numerics for all my banking and sensitive stuff for over ten years. I still had some old 7 and 8 digit passwords for my more generic stuff like this forum and a bunch of things I never thought were very important. The 7-digit code I used on my router was probably not very secure but it was still a random alpha-numeric.

I recently saw a thread around here where the topic of password length was at issue. I think it said something about 8 digits not being very secure anymore and suggested 10 digits because that would take a computer years to "guess" the right combination. But am I correct to assume that the pass-phrase does not need to be "guessed" to break into these wireless systems?

I have my phone going through the router, albeit it is hardwired but it still seems like it would be a pain to turn the "wireless" portion of my router on and off all the time. And I'm hoping that time-stamping would be in my favor to prove it wasn't me if anything inappropriate got sent over my connection. My computers are off when we're not here and I don't think anyone is going to get away with anything while I'm sitting here using it. I'm pretty sure I would notice my connection being modified.

I have an idea who did it. There aren't that many people that smart that live close enough to me and there is in teenage kid who lives next-door who I believe is basically a really good kid. But I also know that if I was him and I had the software available, I might try it, maybe, just to see if it worked. Wink And all he did was reset it to default with zero security so at most, he got to use my Internet connection for 8 hours.

It was WPA and is now WPA2 so at least he will need an additional program or download to do it again. And I'm guessing he won't because he's not a bad kid. But I was also going to ask about that, whether there was an additional benefit to using the MAC filtering option along with the longer pass-phrase would do much good or if it was just forcing me to type more digits. I re-used my old SSID, basically, just to show him that I "saw" what he did the moment I came home from work. Since it is broadcasted publically, I didn't think there was any point in making it anything cryptic or even different than before. But the 7 digit password to get in the router is gone. I don't know if it helps but it is a 16-digit code now, along with the pass-phrase which is another 16-digit code.


I love that this has stimulated some discussion and I would like to end this post with a question. What is the general consensus on what length of password or pass-phrase is too short and at what point does the length become redundant?

Collapse -
I think you will have to make a choice here.
by R. Proffitt Forum moderator / February 5, 2012 8:41 AM PST

The current cloud crackers do not distinguish password length as being any harder to crack. And AFAIK a new cracker is due any day now to use GPU power to get more done faster.

This is why you have to weigh making life hard on you and your gear versus changing weekly until the attacker gives up as each crack appears to cost 12 to 25 bucks.

Make them pay?
Bob

Collapse -
That sounds like the "logical" approach
by DerfX / February 5, 2012 9:49 PM PST

While I want to believe that password strength will always remain somewhat of a factor in many situations, it seems like no matter what anyone does to "secure" themselves, someone else will eventually find a way around it. Constant change seems like the more logical approach if only to make it a costly venture for any repeat offender.

But, for the traditional use, such as a password for connecting to your online banking, what would you consider a secure number of digits in a multi-case, alpha-numeric password?

Collapse -
Again this depends on what you believe or will believe.
by R. Proffitt Forum moderator / February 6, 2012 12:49 AM PST

I think your NEW QUESTION is worth a NEW DISCUSSION.

But the reason password length does not matter for WiFi is discussed in other DEEP and LONG discussions where they go over the key exchange and what is revealed during the exchanges. This is why it didn't matter on the password strength.

When you change from WiFi to your banking passwords, that's another system and as such would have use starting a new discussion that has nothing to do with WiFi.
Bob

Collapse -
(NT) Thank You, I'll look for a previous discussion
by DerfX / February 6, 2012 3:37 AM PST
Collapse -
Many aspects.
by mjd420nova / February 4, 2012 12:45 AM PST
Another method added to all the others is MAC filtering and it would take a deft hacker to snoop your WIFI and spoof a MAC address to access your cable modem. I chose a router that has a light for each of its four WIFI links and the four hardwire links. This is import as it shows activity on the LAN and WAN too. Can go along way as a troubleshooting aid when dealing with issues on access points.
Popular Forums
icon
Computer Help 49,613 discussions
icon
Computer Newbies 10,349 discussions
icon
Laptops 19,436 discussions
icon
Security 30,426 discussions
icon
TVs & Home Theaters 20,308 discussions
icon
Windows 10 360 discussions
icon
Phones 15,802 discussions
icon
Windows 7 7,351 discussions
icon
Networking & Wireless 14,641 discussions

Tech Tip

Stuck without Internet and want to watch movies?

CNET shows you how to download movies and TV shows onto your device using Amazon Prime so you'll always be entertained.