New Posts  All Forums:Forum Nav:

net sniffers help - Page 4

post #31 of 48
Thread Starter 
well folks ive found the problem or the culprit behind my wifi troubles.

as i said in my previous post about looking through my next door neighbours router logs i found 3 macs that didnt belong to him as he only has a laptop & a xbox and ive checked them out for him.

anyway 2 of these macs are connecting to an AP called ournet69, which is a hidden ssid aswell?

so i wanted my mates kids iphone to trace the AP to an address but hes at school so instead loaded BTrack on my lappy & went walking the street to close in on the signal.

anyways found the address its coming from across the street & banged on the door. No answer? hmmm

someone is in their as my neighb said he seen someone at the upstairs window
someone is on their wifi & coincidently theres one of the two cars on the drive?

also the people who live there, moved in about 2-3 years ago. it all adds up to be honest.

speaking with my mate i asked him do you know if they have hacked your emails or anything like that.

he said i dont think so, then he said that his facebook said some stuff a while ago. but cant remember what it said.

im gonna go back over later when the other car is there and see what they have to say?

i know everyone here thinks theres more to it than wifi hacking & well so do i

but it does not mean it didnt start out that way.

i also understand that it could well not be this person & someone else using there wifi aswell?

one thing im sure about though that someone is hacking/sniffing peoples wifi round here & the evidence is mounting up.

lets see if they let me look at there equipment & see what they have to say about it. the thing thats really funny though if it wasnt them then why are they hiding?

when i get my hands on the little bugger im gonna snap his neck!!!

ill be honest at one point i knew nothing about wifi i had a router with wep only, it got hacked?

i got a new router setup wpa-tkip it got hacked. the key was korruptedkaos?

i got a new router again setup wpa2-aes setup with a 26 key password & it got deauthed constantly plus odd clients with my mac addresses connecting when i hadnt. even after restrting router.

got another router current one i have & i had to set wpa2 mixed mode in order for my android to be able to connect for some reason?

im not so stupid anymore obviously i know bruteforcing a wpa2 aes password with a dictionary file is near impossiblse. it doesnt mean its not possible.

oh im still gonna get a new router tommorrow 'just for peace of mind' looking at the linksys e2000 now as it will match my rig black & silver.
The Hot Minion
(19 items)
 
THE DON MINION
(7 items)
 
Grandpa Minion
(11 items)
 
CPUMotherboardGraphicsRAM
i7 3770k x47 1.288v e1 Asrock z77 extreme6 2x XFX 7990 Quadfire 16gb gskill 1866 
Hard DriveOptical DriveCoolingCooling
2x Corsair force 3 120GB pioneer dvdrw/bdrw XSPC Raystorm EK Coolstream 360  
CoolingCoolingCoolingOS
EK Coolstream 240 Alphacool D5 with HF Top 2x EK 7990 SE alcatel/nickel blocks Win7 ultimate 
MonitorKeyboardPowerCase
24'' AOC 1080p x3 + 42'' LG 3DTV saitek eclipse enermax revolution 1050w nzxt switch 810 
Audio
Xifi titanium 
CPUMotherboardGraphicsRAM
i7 4790k 4.7ghz MSI Z87 GD65  3x XFX R9 280x GSKILL 16GB DDR3  
Hard DrivePowerCase
2x 240GB Corsair 3 SSD EVGA 1000w P2 Corsair carbide 540 air 
CPUMotherboardGraphicsRAM
i7 920 @ 4.0ghz Asrock X58 Extreme fully WC 3x XFX R9 280X 3GB 16GB GSKILL 1600mhz 
Hard DriveOptical DriveCoolingOS
2x 120gb mushkin chronus SAMSUNG DVDRW EK SUPREME HF+ 360+240 rad win7 ultimate 
MonitorPowerCase
3x aoc's through kvm's CORSAIR TX850M RC1000 COSMOS 
  hide details  
Reply
The Hot Minion
(19 items)
 
THE DON MINION
(7 items)
 
Grandpa Minion
(11 items)
 
CPUMotherboardGraphicsRAM
i7 3770k x47 1.288v e1 Asrock z77 extreme6 2x XFX 7990 Quadfire 16gb gskill 1866 
Hard DriveOptical DriveCoolingCooling
2x Corsair force 3 120GB pioneer dvdrw/bdrw XSPC Raystorm EK Coolstream 360  
CoolingCoolingCoolingOS
EK Coolstream 240 Alphacool D5 with HF Top 2x EK 7990 SE alcatel/nickel blocks Win7 ultimate 
MonitorKeyboardPowerCase
24'' AOC 1080p x3 + 42'' LG 3DTV saitek eclipse enermax revolution 1050w nzxt switch 810 
Audio
Xifi titanium 
CPUMotherboardGraphicsRAM
i7 4790k 4.7ghz MSI Z87 GD65  3x XFX R9 280x GSKILL 16GB DDR3  
Hard DrivePowerCase
2x 240GB Corsair 3 SSD EVGA 1000w P2 Corsair carbide 540 air 
CPUMotherboardGraphicsRAM
i7 920 @ 4.0ghz Asrock X58 Extreme fully WC 3x XFX R9 280X 3GB 16GB GSKILL 1600mhz 
Hard DriveOptical DriveCoolingOS
2x 120gb mushkin chronus SAMSUNG DVDRW EK SUPREME HF+ 360+240 rad win7 ultimate 
MonitorPowerCase
3x aoc's through kvm's CORSAIR TX850M RC1000 COSMOS 
  hide details  
Reply
post #32 of 48
Quote:
Originally Posted by Coma View Post
WPA2 should be secure - if he's still getting past it, it must be something else, like a weak password. Or maybe he's not even doing anything with your wireless.

For the record, wireless encryption does encrypts the packets... if it didn't, there would be no point.

You don't really understand what you're doing, so just set up WPA2 with PSK and use a strong password. Everything else you plan on doing will just be a waste of time and money.

Also install Windows again and don't fall for social engineering.
PSK has been cracked and should be not used anymore as WPA2-CCMP is the only way for now until a newer standard comes along.

http://www.net-security.org/secworld.php?id=7962

CCMP is just AES with some minor adjustments for Wireless.

I assume you got a Home Gateway SOHO than you need to make sure your public key/passpharse is long and complex to access your network.
Edited by wolf_08 - 7/22/11 at 7:16am
post #33 of 48
If you factory reset your current router, it will be the same as getting a new one. Just factory reset and use come crazy passphrase.

Obviously that is in addtion to the other things we talked about, formatting, reinstalling, etc.

But a new wireless network on a "new" machine that is adequatley protected should solve the problem unless you are living nextdoor to Neo or you have somehow pissed off the guys at Anon or Lulz
Edited by tats - 7/22/11 at 7:26am
post #34 of 48
Thread Starter 
hey wolf had a quick scan of that doc on becks tews?

is using wpa2 mixed mode is this the vunerable part cause unless i connect with my android it uses wpa2-aes ccmp psk?

the only time it switches to tkip is if i connect with my android, which i rarely do anyway.

im still waiting for that other car to turn up ?

does that doc basicly mean replaying arp packets can falsify an authentication onto the network?
The Hot Minion
(19 items)
 
THE DON MINION
(7 items)
 
Grandpa Minion
(11 items)
 
CPUMotherboardGraphicsRAM
i7 3770k x47 1.288v e1 Asrock z77 extreme6 2x XFX 7990 Quadfire 16gb gskill 1866 
Hard DriveOptical DriveCoolingCooling
2x Corsair force 3 120GB pioneer dvdrw/bdrw XSPC Raystorm EK Coolstream 360  
CoolingCoolingCoolingOS
EK Coolstream 240 Alphacool D5 with HF Top 2x EK 7990 SE alcatel/nickel blocks Win7 ultimate 
MonitorKeyboardPowerCase
24'' AOC 1080p x3 + 42'' LG 3DTV saitek eclipse enermax revolution 1050w nzxt switch 810 
Audio
Xifi titanium 
CPUMotherboardGraphicsRAM
i7 4790k 4.7ghz MSI Z87 GD65  3x XFX R9 280x GSKILL 16GB DDR3  
Hard DrivePowerCase
2x 240GB Corsair 3 SSD EVGA 1000w P2 Corsair carbide 540 air 
CPUMotherboardGraphicsRAM
i7 920 @ 4.0ghz Asrock X58 Extreme fully WC 3x XFX R9 280X 3GB 16GB GSKILL 1600mhz 
Hard DriveOptical DriveCoolingOS
2x 120gb mushkin chronus SAMSUNG DVDRW EK SUPREME HF+ 360+240 rad win7 ultimate 
MonitorPowerCase
3x aoc's through kvm's CORSAIR TX850M RC1000 COSMOS 
  hide details  
Reply
The Hot Minion
(19 items)
 
THE DON MINION
(7 items)
 
Grandpa Minion
(11 items)
 
CPUMotherboardGraphicsRAM
i7 3770k x47 1.288v e1 Asrock z77 extreme6 2x XFX 7990 Quadfire 16gb gskill 1866 
Hard DriveOptical DriveCoolingCooling
2x Corsair force 3 120GB pioneer dvdrw/bdrw XSPC Raystorm EK Coolstream 360  
CoolingCoolingCoolingOS
EK Coolstream 240 Alphacool D5 with HF Top 2x EK 7990 SE alcatel/nickel blocks Win7 ultimate 
MonitorKeyboardPowerCase
24'' AOC 1080p x3 + 42'' LG 3DTV saitek eclipse enermax revolution 1050w nzxt switch 810 
Audio
Xifi titanium 
CPUMotherboardGraphicsRAM
i7 4790k 4.7ghz MSI Z87 GD65  3x XFX R9 280x GSKILL 16GB DDR3  
Hard DrivePowerCase
2x 240GB Corsair 3 SSD EVGA 1000w P2 Corsair carbide 540 air 
CPUMotherboardGraphicsRAM
i7 920 @ 4.0ghz Asrock X58 Extreme fully WC 3x XFX R9 280X 3GB 16GB GSKILL 1600mhz 
Hard DriveOptical DriveCoolingOS
2x 120gb mushkin chronus SAMSUNG DVDRW EK SUPREME HF+ 360+240 rad win7 ultimate 
MonitorPowerCase
3x aoc's through kvm's CORSAIR TX850M RC1000 COSMOS 
  hide details  
Reply
post #35 of 48
have you tried changing the master password to the routers admin login? or have you left it set as "password" probably not, but it helps to change that password to something only you know and can remember

I my self have had a similar problem like that and once I realized I left admin password set as default, I changed it, and regularly since and no more intrusions afterwards
post #36 of 48
Quote:
Originally Posted by DuckieHo View Post
#1 and #2 won't do that much if they already know how to break encyption.


Are you at least using WPA2?
#2 won't even help if you can spoof your MAC Address...
Naomi
(16 items)
 
  
CPUMotherboardGraphicsGraphics
Intel i5 2500k Asus Maximus IV Extreme EVGA GTX 560 TI SC EVGA GTX 560 TI SC 
RAMHard DriveOptical DriveCooling
x2 4GB DDR3 1600 OCZ Solid 3 SLD3-25SAT3-120G Optiarc BD RW BD-5300S Corsair H100 Liquid Unit 
OSMonitorPowerCase
Windows 7 64-bit Asus 24 Monitor Corsair AX 750 Gold MYOPENPC DOMA Pro PCI Black Transparent Acrylic... 
MouseAudio
Razer Imperator On-Board 
  hide details  
Reply
Naomi
(16 items)
 
  
CPUMotherboardGraphicsGraphics
Intel i5 2500k Asus Maximus IV Extreme EVGA GTX 560 TI SC EVGA GTX 560 TI SC 
RAMHard DriveOptical DriveCooling
x2 4GB DDR3 1600 OCZ Solid 3 SLD3-25SAT3-120G Optiarc BD RW BD-5300S Corsair H100 Liquid Unit 
OSMonitorPowerCase
Windows 7 64-bit Asus 24 Monitor Corsair AX 750 Gold MYOPENPC DOMA Pro PCI Black Transparent Acrylic... 
MouseAudio
Razer Imperator On-Board 
  hide details  
Reply
post #37 of 48
Thread Starter 
tats who is neo?

i feel like its anon or lulz haha!

i want the 5ghz cause even if i reset this router it doesnt stop them sniffing around again.

anyway im 99% sure its that guy across the road. ill let you guys know what happens later
The Hot Minion
(19 items)
 
THE DON MINION
(7 items)
 
Grandpa Minion
(11 items)
 
CPUMotherboardGraphicsRAM
i7 3770k x47 1.288v e1 Asrock z77 extreme6 2x XFX 7990 Quadfire 16gb gskill 1866 
Hard DriveOptical DriveCoolingCooling
2x Corsair force 3 120GB pioneer dvdrw/bdrw XSPC Raystorm EK Coolstream 360  
CoolingCoolingCoolingOS
EK Coolstream 240 Alphacool D5 with HF Top 2x EK 7990 SE alcatel/nickel blocks Win7 ultimate 
MonitorKeyboardPowerCase
24'' AOC 1080p x3 + 42'' LG 3DTV saitek eclipse enermax revolution 1050w nzxt switch 810 
Audio
Xifi titanium 
CPUMotherboardGraphicsRAM
i7 4790k 4.7ghz MSI Z87 GD65  3x XFX R9 280x GSKILL 16GB DDR3  
Hard DrivePowerCase
2x 240GB Corsair 3 SSD EVGA 1000w P2 Corsair carbide 540 air 
CPUMotherboardGraphicsRAM
i7 920 @ 4.0ghz Asrock X58 Extreme fully WC 3x XFX R9 280X 3GB 16GB GSKILL 1600mhz 
Hard DriveOptical DriveCoolingOS
2x 120gb mushkin chronus SAMSUNG DVDRW EK SUPREME HF+ 360+240 rad win7 ultimate 
MonitorPowerCase
3x aoc's through kvm's CORSAIR TX850M RC1000 COSMOS 
  hide details  
Reply
The Hot Minion
(19 items)
 
THE DON MINION
(7 items)
 
Grandpa Minion
(11 items)
 
CPUMotherboardGraphicsRAM
i7 3770k x47 1.288v e1 Asrock z77 extreme6 2x XFX 7990 Quadfire 16gb gskill 1866 
Hard DriveOptical DriveCoolingCooling
2x Corsair force 3 120GB pioneer dvdrw/bdrw XSPC Raystorm EK Coolstream 360  
CoolingCoolingCoolingOS
EK Coolstream 240 Alphacool D5 with HF Top 2x EK 7990 SE alcatel/nickel blocks Win7 ultimate 
MonitorKeyboardPowerCase
24'' AOC 1080p x3 + 42'' LG 3DTV saitek eclipse enermax revolution 1050w nzxt switch 810 
Audio
Xifi titanium 
CPUMotherboardGraphicsRAM
i7 4790k 4.7ghz MSI Z87 GD65  3x XFX R9 280x GSKILL 16GB DDR3  
Hard DrivePowerCase
2x 240GB Corsair 3 SSD EVGA 1000w P2 Corsair carbide 540 air 
CPUMotherboardGraphicsRAM
i7 920 @ 4.0ghz Asrock X58 Extreme fully WC 3x XFX R9 280X 3GB 16GB GSKILL 1600mhz 
Hard DriveOptical DriveCoolingOS
2x 120gb mushkin chronus SAMSUNG DVDRW EK SUPREME HF+ 360+240 rad win7 ultimate 
MonitorPowerCase
3x aoc's through kvm's CORSAIR TX850M RC1000 COSMOS 
  hide details  
Reply
post #38 of 48
Like others suggested, beef up the security put some massive 63 ASCII symbols for WPA2 passphrase, go crack that... there are also vpn providers which you can use to protect yourself from network sniffing > StrongVPN is good, VPNTunnel.se is swedish and has unlimited bandwidth and they dont store logs if you use their swedish servers.
the machine
(16 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i5 4690K @ 4.4 Asus Sabertooth Z97 Mark II MSI GTX 970 G.Skill Sniper 8GB 2133 
Hard DriveCoolingOSMonitor
Samsung 850 EVO 250GB Cryorig R1 Ultimate Windows 7 Ultimate BenQ XL2411Z v2 
KeyboardPowerCaseMouse
Corsair K70 Seasonic P-660 Define S Logitech G303 
Mouse PadAudioAudioAudio
Qpad UC-90 O2+ODAC revB Sennheiser HD 600 Samson Go Mic 
  hide details  
Reply
the machine
(16 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i5 4690K @ 4.4 Asus Sabertooth Z97 Mark II MSI GTX 970 G.Skill Sniper 8GB 2133 
Hard DriveCoolingOSMonitor
Samsung 850 EVO 250GB Cryorig R1 Ultimate Windows 7 Ultimate BenQ XL2411Z v2 
KeyboardPowerCaseMouse
Corsair K70 Seasonic P-660 Define S Logitech G303 
Mouse PadAudioAudioAudio
Qpad UC-90 O2+ODAC revB Sennheiser HD 600 Samson Go Mic 
  hide details  
Reply
post #39 of 48
Quote:
Originally Posted by korruptedkaos View Post
tats who is neo?

i feel like its anon or lulz haha!

i want the 5ghz cause even if i reset this router it doesnt stop them sniffing around again.

anyway im 99% sure its that guy across the road. ill let you guys know what happens later
Neo from the matrix...
post #40 of 48
Quote:
Originally Posted by korruptedkaos View Post
well folks ive found the problem or the culprit behind my wifi troubles.

as i said in my previous post about looking through my next door neighbours router logs i found 3 macs that didnt belong to him as he only has a laptop & a xbox and ive checked them out for him.

anyway 2 of these macs are connecting to an AP called ournet69, which is a hidden ssid aswell?
How do you know those MAC addresses are connected to that AP?

Quote:
Originally Posted by korruptedkaos View Post
so i wanted my mates kids iphone to trace the AP to an address but hes at school so instead loaded BTrack on my lappy & went walking the street to close in on the signal.

anyways found the address its coming from across the street & banged on the door. No answer? hmmm

someone is in their as my neighb said he seen someone at the upstairs window
someone is on their wifi & coincidently theres one of the two cars on the drive?

also the people who live there, moved in about 2-3 years ago. it all adds up to be honest.

speaking with my mate i asked him do you know if they have hacked your emails or anything like that.

he said i dont think so, then he said that his facebook said some stuff a while ago. but cant remember what it said.

im gonna go back over later when the other car is there and see what they have to say?

i know everyone here thinks theres more to it than wifi hacking & well so do i

but it does not mean it didnt start out that way.

i also understand that it could well not be this person & someone else using there wifi aswell?

one thing im sure about though that someone is hacking/sniffing peoples wifi round here & the evidence is mounting up.

lets see if they let me look at there equipment & see what they have to say about it. the thing thats really funny though if it wasnt them then why are they hiding?

when i get my hands on the little bugger im gonna snap his neck!!!
I personally wouldn't go over to a random persons residence and accuse them of a crime. Even if they are doing it, going over there solves nothing.


Quote:
Originally Posted by korruptedkaos View Post
ill be honest at one point i knew nothing about wifi i had a router with wep only, it got hacked?

i got a new router setup wpa-tkip it got hacked. the key was korruptedkaos?
Way to pick a non obvious key . . . NEVER use a name that is publicly on the internet as a password.

Quote:
Originally Posted by korruptedkaos View Post
i got a new router again setup wpa2-aes setup with a 26 key password & it got deauthed constantly plus odd clients with my mac addresses connecting when i hadnt. even after restrting router.

got another router current one i have & i had to set wpa2 mixed mode in order for my android to be able to connect for some reason?

im not so stupid anymore obviously i know bruteforcing a wpa2 aes password with a dictionary file is near impossiblse. it doesnt mean its not possible.

oh im still gonna get a new router tommorrow 'just for peace of mind' looking at the linksys e2000 now as it will match my rig black & silver.
It does sound like someone is messing with your wifi. They are causing the deauth to try to capture the authorization packets. The odd clients with your MAC address are them spoofing it in case you are filtering MAC addresses.


HOWEVER, just because they are trying to get in doesn't mean that they can get in. If they actually are, then you are either using passwords that they know or easy passwords, your computer is infected, or they are they have physical access to your LAN.

There is no point to buying a new router other then to lighten your wallet.

This is what I would do:

1. Do a full factory reset of that router. (Usually this involves holding down the recessed restart button for ~10 sec)

2. Change the admin password for the router to something hard. Ex. "ht%54Frs&UhY"

3. Change your SSID to something fun like "FBI Surveillance Van #42"

4. Enable WPA 2 encryption. Use AES/CCMP, and make the key something very random. Ex. "ch5/'$d!\\S$1rxt/G{-E`W4Y)9iT.[V`z8nX'h/;;N\\<|<IJ9lZVrTM_=F%GAPY"

5. Change all of the passwords for you verious accounts. Ex. Email, Amazon, Newegg, Steam, etc.

IMO it does sound like you may have some type of malware on one of the computers in your network.
Edited by AtomicFrost - 7/22/11 at 7:57am
ColdCut
(14 items)
 
YetiKube
(19 items)
 
 
CPUMotherboardGraphicsRAM
5960x Asus Rampage V Extreme  XFX 295x2 Core Hydro Edition CORSAIR Vengeance LPX 16GB DDR4 2800 
Hard DriveHard DriveHard DriveOptical Drive
Samsung 850 Pro  Samsung 850 EVO Western Digital Black 3TB  LG Bluray Burner 16x 
CoolingOSMonitorPower
H110i GT Windows 8.1 Pro Asus 4k Corsair AX1500i  
CaseAudio
Corsair 900D Stock 
CPUMotherboardGraphicsRAM
(1) 2500K ASRock Extreme3 Gen3 GTX 780 Classified Mushkin 996995 DDR3 1600 (2 Sticks) 
Hard DriveHard DriveHard DriveOptical Drive
Samsung 840 Pro (1) 150GB Western Digital Raptor (1) 1TB Western Digital Black Caviar (1) Samsung SATA DVD Burner 
CoolingOSMonitorKeyboard
Antec Kuhler H2O 620 Windows 8.1 LG 21:9 Ultrawide 34" 3440x1440 Filco 114 key (Blue Cherry) / HHKB Pro 2 
PowerCaseMouseMouse Pad
Corsair HX850W - 850W Mountain Mods - U2 UFO Orginal - Gloss Black Logitech G400 / Razer Deathadder BE Razer Goliathus Extended / Artisan Hien VE (Sof... 
AudioOtherOther
Creative Sounds Blaster X-FI Titanium HD Asus USB N-53 Wireless USB adapter  12 Case Fans 
  hide details  
Reply
ColdCut
(14 items)
 
YetiKube
(19 items)
 
 
CPUMotherboardGraphicsRAM
5960x Asus Rampage V Extreme  XFX 295x2 Core Hydro Edition CORSAIR Vengeance LPX 16GB DDR4 2800 
Hard DriveHard DriveHard DriveOptical Drive
Samsung 850 Pro  Samsung 850 EVO Western Digital Black 3TB  LG Bluray Burner 16x 
CoolingOSMonitorPower
H110i GT Windows 8.1 Pro Asus 4k Corsair AX1500i  
CaseAudio
Corsair 900D Stock 
CPUMotherboardGraphicsRAM
(1) 2500K ASRock Extreme3 Gen3 GTX 780 Classified Mushkin 996995 DDR3 1600 (2 Sticks) 
Hard DriveHard DriveHard DriveOptical Drive
Samsung 840 Pro (1) 150GB Western Digital Raptor (1) 1TB Western Digital Black Caviar (1) Samsung SATA DVD Burner 
CoolingOSMonitorKeyboard
Antec Kuhler H2O 620 Windows 8.1 LG 21:9 Ultrawide 34" 3440x1440 Filco 114 key (Blue Cherry) / HHKB Pro 2 
PowerCaseMouseMouse Pad
Corsair HX850W - 850W Mountain Mods - U2 UFO Orginal - Gloss Black Logitech G400 / Razer Deathadder BE Razer Goliathus Extended / Artisan Hien VE (Sof... 
AudioOtherOther
Creative Sounds Blaster X-FI Titanium HD Asus USB N-53 Wireless USB adapter  12 Case Fans 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Networking & Security