View Full Version : Im frought. (Open wireless networks)
tigga
10-07-2004, 01:29 PM
Yesterday I took delivery of a CF WIFI card for my 2210 (a "make do" solution until i decide on an integrated unit).
I set it up with my network no worries at all after entering the security codes etc.
I decided to drive around my town (about 2 miles in perimeter) just out of pure curiosity to see if there were any other networks around. I was amazed, 14 in total - which for a remote rural town supprised me.
What troubled me the most was of the 14 networks, 11 were not protected and 8 of the 11 had not even changed their default settings within their router. 8O
Luckly for them, im not a melicious guy, im sure with 10 seconds playing i could have caused major problems with their respective systems...
Someone could easily upload "questionalble" content to their network and phone the police with a "kiddy fiddler" type tip off. The owner would be totally unaware of the actions of others and be liable for any crime's consiquences.
This is incredible, is my home town backwards - or is this common throughout the Uk and/or world ?
don't be shocked. It's exceedingly common.
in the 3km from my home to work and back again, I can sniff anywhere between 150 and 200 APs and usually I've found the world over that 60% or more are insecure.
The only supplied units I know of that have encryption on are from 2WIRE in the US.
Brad Adrian
10-07-2004, 02:48 PM
This kind of thing in incredibly common. People (and especially businesses) get concerned about the security of wireless computing, but the only cases I've seen in which a WLAN has been successfully hacked it's been due to either a) insider information, or b) a lack of even basic precautions.
Stephen Beesley
10-08-2004, 12:00 PM
This kind of thing in incredibly common. People (and especially businesses) get concerned about the security of wireless computing, but the only cases I've seen in which a WLAN has been successfully hacked it's been due to either a) insider information, or b) a lack of even basic precautions.
I am suprised how many businesses in particular do not have even WEP security on their wifi network access. While waiting for a DART (Dublin's Suburban rail system) yesterday I detected two un-protected networks from the nearby office block - home mainly to a couple of big communications companies. What suprised me almost as much as the lack of protection was that I could pick up a signal at all being about 200 metres from the nearest building and the signal was registering at about 60%. If you are going to broadcast such a strong Wifi signal you would want to take some precautions!
Steven Cedrone
10-08-2004, 12:42 PM
I am suprised how many businesses in particular do not have even WEP security on their wifi network access. While waiting for a DART (Dublin's Suburban rail system) yesterday I detected two un-protected networks from the nearby office block - home mainly to a couple of big communications companies. What suprised me almost as much as the lack of protection was that I could pick up a signal at all being about 200 metres from the nearest building and the signal was registering at about 60%. If you are going to broadcast such a strong Wifi signal you would want to take some precautions!
I have been to a few large businesses in the US where I found open networks. After telling the network guys about it, I was told that they offered that as a "service" to their visitors. The open networks were completely seperate from the company network (like bringing in a DSL and just hanging a WAP on it for anyone to use)...
Steve
JTWise
10-08-2004, 06:18 PM
I too have seen this in my neighborhood - there are two unsecured networks that I can receive in my house. I am not sure what neighbors have them. I am pretty sure that these folks don't realize the danger in what they are doing.
Being a good neighbor, I would like to warn these folks that their network is unsecured and help them secure them (if they would like). However, being wireless, I don't know who they are. Any tips on methods to find them (trying to warwalk to find house, sending message over network, etc)?
All in all, it is rather scary how open these people are. One of the APs was using the channel I needed for my 108 Speedbooster, and i was able to log on to their router and change it to a different channel to eliminate the interference because they were using standard IP, username, and password. I felt guilty about doing this :oops: , thus being why I would like to find them and educate them. What's your thoughts?
buckyg
10-08-2004, 09:03 PM
I'm wondering the same thing. I just did a hard reset to clean things up and in setting up wifi, found 2 open APs. Previously, there was only one. I'm thinking I know who the new one is, some recent new neighbors.
Part of me says to be a good neighbor. Part of me's nervous that they'll get all paranoid about what *I* might have done and why *WAS* I snooping around? If I do find them and it gets to that, will show them how easy I used PocketWinC to connect to their network.
Zoot mentioned 2WIRE having WEP turned on. The 2 open APs in my neighborhood are 2WIRE. WEP is turned on. If there's any folks here who have a 2WIRE with wifi running that have not setup their security: Out of curiousity, all I did was selected the AP and clicked "Get WEP Key and Connect". Ta-da! Now, I got right out, but I'm a relative wifi newbie using a helper program. If I were a hacker type, well, you see the problem...
JTWise
10-09-2004, 03:32 AM
Zoot mentioned 2WIRE having WEP turned on. The 2 open APs in my neighborhood are 2WIRE. WEP is turned on. If there's any folks here who have a 2WIRE with wifi running that have not setup their security: Out of curiosity, all I did was selected the AP and clicked "Get WEP Key and Connect". Ta-da!
If that is true 2WIRE is doing both a favor and a dis-service to their customers. It is nice in that anyone using a sniffing program will most likely see that little WEP symbol and move on. It is also a dis-service since their customers think that they are protected because WEP is enabled but don't realize that they are handing the key out to anyone that requests it.
In these days of $20 802.11b routers, I only see unsecured APs becoming even more common than they already are. It is sad that these folks are unprotected without even knowing it. I guess it is caveat emptor, and it is to the our advantage. Who is going to hack my network with 128bit WEP, no SSID broadcasting, DNS turned of, and MAC address filtering when they can simply log on to the two insecure networks!!!
Ultima
10-09-2004, 05:42 PM
I was setting up a wireless bridge in my house, and my neighbor's access point must have been closer, because the bridge decided to automatically hop onto that network instead of the one I set up.
He was even sharing his printer and files, I didn't bother looking at the files (that would be naughty) but I did print a message to his printer. It said "YOUR WIRELESS NETWORK IS WIDE OPEN, ANYBODY CAN GRAB FILES OFF YOUR COMPUTER OR PRINT TO YOUR PRINTER" in nice, 70 pt font. :)
OSUKid7
10-09-2004, 06:55 PM
...I did print a message to his printer. It said "YOUR WIRELESS NETWORK IS WIDE OPEN, ANYBODY CAN GRAB FILES OFF YOUR COMPUTER OR PRINT TO YOUR PRINTER" in nice, 70 pt font. :)I've wanted to do that to my neighbors so many times.
Open wireless networks are a pain. Ignorant people are the problem though. A few weeks ago, I was fixing one of my neighbor's wireless networks. The problem was he could no longer print to a shared printer. After changing the network name (from linksys) and turning on WEP, I noticed that Windows still found a "linksys" network in addition to the one I had just renamed. I wasn't too alarmed, but I wanted to make sure I had renamed the right network. Good thing I checked! I had actually renamed someone else's network! Apparently this other AP was closer to the computer than their own AP. Glad I checked that. :lol:
Ultima
10-10-2004, 03:18 AM
Yes, rogue open access points are a pain, but not nearly as much of a pain as people who know "how to configure my router perfectly." One of my friends online used to be booted out of the online game we play quite frequently because his wireless network overlapped his neighbors wireless network, and although my friend tried changing his own channel, this neighbor in question kept changing his to the same channel which caused instability. The issue was this particular neighbor liked using his laptop in the back yard....and thus installed signal boosters like crazy. He knew this because he had a talk with the guy. It's a high power omni directional antenna the guy bought online somewhere, which was the source of the problem. The neighbor kept changing his network to same channel "to avoid interference"... despite my friend telling the guy it was ruining his online experience. He tried several times to convince the guy to stop, and even offered to buy the neighbor a directional antenna so the signal would not overlap his network... no go, the guy was too stubborn and stated that he "knew how this all worked."
My friend snapped, and looked in the manual online for the router of his neighbor (which was a netgear, I believe), and found the default password (user: admin, password:password), logged into his neighbors router, set it down to 0.5Mbps (from 54) and changed the default password (the new password was "moron"), effectively locking his annoying neighbor at pitiful speeds and out of the router.
After a few days, the neighbor knocked on his door, asking what had happened and if he had any clue why his router would not let him in... and that his speeds were awful, and my friend convinced him that certain shoddy antennas have a chance of frying the router, so the guy went out and bought a different router and the directional antenna, and although he keeps changing it to same channel, my friend no longer gets knocked off.
Thus, my friend and I have both concluded that the problem really isn't with routers which operate fully open by default, but rather the users that don't know how to properly configure them. If you leave them alone, the more knowledgeable people will work around the issue of them existing (such as using a different channel). Once the people that really shouldn't start touching technology like this is when the problem REALLY starts.
sh123469
10-28-2004, 11:26 PM
Ultima,
If you are in the US, a complaint to the FCC would have done the trick. I am sure you know that, by law, he is forbidden to cause any interference with anyone else's network if there is anything he can do about it or stop using his transmitting equipment.
I like your approach to the problem too. :)
You could always have just ridden hisw network.,
Steve
vBulletin® v3.8.9, Copyright ©2000-2019, vBulletin Solutions, Inc.