wireless security ?

Discussion in 'Windows Desktop Systems' started by 350z4life, Mar 7, 2006.

  1. 350z4life

    350z4life OSNN Junior Addict

    Messages:
    11
    hi, new to the forums. Just curious about something. I read not too long ago about a guy that used someone's wirless connection outside of their homes to download illegal material (something sick like CP). What I wondered though, was would that show up on the actual owner's pc that was connected to the network. I would assume the only place it would show up was in the router's logs and their ISP. Would this be correct if they had a router/modem combo, such as 2wire or linksys and had pcs connected to that? I keep my wireless secure but just wondering if it could show up on your pc without you knowing it?
     
  2. falconguard

    falconguard Carbon based lifeform Political User Folding Team

    Messages:
    3,406
    Location:
    SoCal
    You are correct this would only show up in the routers logs and the ISP. The connected PC would not be affected becuase the traffic goes through the router.
     
  3. Shamus MacNoob

    Shamus MacNoob Moderator Political User

    Messages:
    4,199
    Location:
    L'Ile Perrot Quebec
    There are ways to check what pc's are connected to your router , I have a network scan that happens every 5 minutes and will show me the mac address of all computers connected to my home network.
     
  4. omg its nlm

    omg its nlm lvl 17 Hax Folding Team

    Messages:
    1,829
    Location:
    Minnesota
    How do you go about doing that? I recall something in my routers config page as well.
     
  5. mfarley

    mfarley OSNN Senior Addict Folding Team

    Messages:
    268
    Location:
    San Francisco Bay Area
    If you're worried about wireless security why are you running an open access point? Seal it up with WPA-AES and be done with it.
     
  6. Mainframeguy

    Mainframeguy Debiant by way of Ubuntu Folding Team

    Messages:
    3,763
    Location:
    London, UK
    Sent to me by PM....
    Thanks for thinking I know more than the others on here - but our collective KB is the one you want, so good you posted and better I found thread instead of starting another from your PM. I'm busy working right now - hope you are inside forum guidelines, know you will find the network people here (Lord is one and KCNY is another, among a cast of dozens!). GL with your assignment - or your illegal trafic!
     
  7. Son Goku

    Son Goku No lover of dogma

    As to your hard drive, no the file will not show up there... Most NICs don't run in permiscuous mode, so they'll only get the traffic that is addressed to them.

    OK, I haven't messed with wireless in the specific, but I imagine that with some of the routing, there is a bit of a commonality here. Beneath the level that IP functions at (which is where you get your logical IP address), there is a layer in the networking model refered to as the datalink layer. What's important here, is the part refered to as MAC (media access control). Each NIC has it's own MAC address, which is physically tied to the network card...

    When the router needs to access a given device, based on it's own routing table, it determines where to send it (in your case, out the wireless, or out the connection to your ISP, I'm imagining is your setup). It also grabs the physical address which associated to that IP. Because the MAC on your computer wouldn't be the same as on theirs, it would be addressed to their computer only. Nothing would show up on your hard drive, so no if the RIAA, law enforcement, or whoever came looking, there'd be nothing on your hard drive to implicate you with.

    However, you should still secure this. Because, as you have already guessed, the ISP could have a way of knowing what's going over your connection, and the ISP could hold you accountable for this. If someone breaks into your WAP, and commits a TOS violation (and illegal activities likely do fall under your terms of service agreement), it would be up to their discretion to decide how such a breach of TOS they might be engaging in, will be dealt with. Once you know this is going on, if you fail to do anything to secure your wireless, they could hold you accountable for what knew, but allowed to pass through your network circuit with them, anyhow... Afterall, the router is your own internal network (your hardware), which is under your control; just as their network is under their control. A prob with your routers or other networking hardware, that you have added to your connection (was not provided by them), would be deemed your responsibility.

    It would be adviseable to secure this, and if you need help figuring out how to secure it, to ask someone. It's also a way to cover your butt "I found out someone was doing X, and I have since secured my wireless, sorry..." vs. doing nothing at all, and allowing the activity to continue over your connection. But, your hard drive itself is safe...
     
    Last edited: Mar 8, 2006
    Brad likes this.
  8. Admiral Michael

    Admiral Michael Michaelsoft Systems CEO Folding Team

    Im interested to know what you have doing this, I use to have a program that did something similiar but A) Forgot the name and B) It was buggy and the interface left something to be desired.
     
  9. 350z4life

    350z4life OSNN Junior Addict

    Messages:
    11
    so i'm assuming even running in permiscuous mode wouldn't necesarily do anything unless you had software to analyze the packets, etc. Would you even pick up any information at all running in permiscuous and would the activity show up somewhere you could see it? I mean I would think if your computer was picking up other things you would know
     
  10. falconguard

    falconguard Carbon based lifeform Political User Folding Team

    Messages:
    3,406
    Location:
    SoCal
    There is software to set the computer to promiscuous, however it is not enabled by default, the software that will let you analyze those packets can/will set it to promiscuous. The software that will let you analyze usually lets you set the dump for packet analysis.
     
  11. 350z4life

    350z4life OSNN Junior Addict

    Messages:
    11
    thanks falconguard. I have been GOOGLEing this quite a bit but can't figure out if simply creating a bridge on a network would enable your wireless NIC to go into promiscuous mode or monitoring mode
     
  12. Admiral Michael

    Admiral Michael Michaelsoft Systems CEO Folding Team

    If you want to monitor packets then you can use Ethereal, it allows you to capture packets in promiscuous mode.
     
  13. 350z4life

    350z4life OSNN Junior Addict

    Messages:
    11
    ok, thanks Admiral, I guess what I'm getting after is your pc can't automatically analyze the packets, you have to have some kind of software running to do so
     
  14. Admiral Michael

    Admiral Michael Michaelsoft Systems CEO Folding Team

    as far as I kno, yes.
     
  15. 350z4life

    350z4life OSNN Junior Addict

    Messages:
    11
    do you know if simply bridging two connections on your pc would create a promiscuous or monitoring mode on your NIC?
     
  16. falconguard

    falconguard Carbon based lifeform Political User Folding Team

    Messages:
    3,406
    Location:
    SoCal
    nope, it does not work that way. Although, the next question would be are looking for something to analyze your network?
     
  17. 350z4life

    350z4life OSNN Junior Addict

    Messages:
    11
    uggh i'm confused, i have someone else telling me it has to or it would not make the bridge work
     
  18. LeeJend

    LeeJend Moderator

    Messages:
    5,291
    Location:
    Fort Worth, TX

    The data downloaded would not show up on your PC, BUT...

    If the person using your wireless had maliscious intent (using your IP to hack for criminal purposes, or if the hacker had a grudge against you) he could copy whatever he has done onto any unsecured machine on your network to leave a footprint incriminating you. You could not prove the files were put on your machine by someone else.

    Since the hack was done wireless directly into your LAN there is not even any chance of an external record showing someone had access.

    -Secure your wireless network with WAP and a strong key. Hide it's name.
    -Secure each PC.
    -Put a software firewall with inbound and outbound protection on every machine you own.

    The hacker could be a hardened criminal with a fraud record a mile long or the techie nerd down the block who's pissed you didn't buy his little sisters girl scout cookies.

    :nervous:

    Or as I've said before. Do you leave your car doors open and the keys on the dash? Do you leave your front door wide open all night?

    No. Then lock up your computer system too. It can cost you a lot more than a stolen car, TV or stereo. It can cost your reputation, your job, and your financial identity.
     
  19. falconguard

    falconguard Carbon based lifeform Political User Folding Team

    Messages:
    3,406
    Location:
    SoCal
    Ok, now you have me confused what are you trying to do? What do you have, as far as equipment?
     
  20. 350z4life

    350z4life OSNN Junior Addict

    Messages:
    11
    sorry not trying to be confusing, just wondering if, when using xp in windows.

    Say you have two connections listed in your My Connections folder, and you set those up as a bridge. Does that change your NIC card to permiscuous or monitor mode?