David Fairbrother <(E-Mail Removed)> hath wroth:
>Look in the DHCP Active Clients/Active IP table of your router. If there
>are any entries there that don't appear to be on your network, do a
>release on them and change your WEP/WPA keys immediately.
If he had an evil hacker (like me) on his wireless network, that knew
what he was doing, the evil hacker would assign the necessary static
IP to his wireless client (along with the gateway, netmask, and DNS
servers). The evil hacker would never appear in the DHCP lease table.
However, the evil hacker will appear in the ARP table (list of MAC
addresses and corresponding IP addresses), which unfortunately most
cheap routers do not display.
>I'm assuming that you are using WPA and have set a password other than
>the defaults, in which case there's a reasonable chance you're secure.
Agreed. WPA or WPA2 is one's primary security mechanism. WEP is next
to useless.
However, WPA-PSK has a problem (other than it can be cracked by brute
force interation if too short a key is used). The problem is the
security of the shared key. If the evil hacker has access to one of
the owners wireless computers, a somewhat usable form of the WPA-PSK
key can be extracted from the Windoze registry as in:
<http://www.wirelessdefence.org/Contents/Aircrack-ng_WinWzcook.htm>
<http://www.aircrack-ng.org/doku.php?id=tools&DokuWiki=155e3c0ce52dd0d9b291a27 bab8d7847#wzcook>
--
Jeff Liebermann
(E-Mail Removed)
150 Felker St #D
http://www.LearnByDestroying.com
Santa Cruz CA 95060
http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
Similar Threads
Linear Mode
