Intrusion possible?

I have d-link wireless router DI614+. Its always on. Is it possible that
somebody with a wireless enabled PC uses my internet connection even when
my PC is switched off? I use 64 bit WEP encryption on the router. Tardus

On Wed, 28 Sep 2005 21:59:13 +0200, "Tardus_merula"
<(E-Mail Removed)> wrote:

>I have d-link wireless router DI614+. Its always on. Is it possible that
>somebody with a wireless enabled PC uses my internet connection even when
>my PC is switched off?

Yes. The PC probably is not necessary to connect the DI-614+ to the
internet. There are some SBC PPPoE clients that a controlled by the
PC which do require that the PC first login, but those are few.

> I use 64 bit WEP encryption on the router. Tardus

Useless. WEP64 can be cracked in about 15 minutes of sniffing.


--
# Jeff Liebermann 150 Felker St #D Santa Cruz CA 95060
# 831.336.2558 voice Skype: JeffLiebermann
# http://www.LearnByDestroying.com AE6KS
# http://802.11junk.com
# (E-Mail Removed)
# (E-Mail Removed)

On Wed, 28 Sep 2005 21:59:13 +0200, Tardus_merula wrote:

> I have d-link wireless router DI614+. Its always on. Is it possible that
> somebody with a wireless enabled PC uses my internet connection even when
> my PC is switched off? I use 64 bit WEP encryption on the router. Tardus

Yes - if your cable modem or dsl modem is turned on it is possible for
someone to use your internet connection even with WEP.

Tardus_merula wrote:
> I have d-link wireless router DI614+. Its always on. Is it possible that
> somebody with a wireless enabled PC uses my internet connection even when
> my PC is switched off? I use 64 bit WEP encryption on the router. Tardus
>
>

First off - Linksys is the way to go - its cisco's version of products
for the home. I havn't used D-Link with wireless however I know with
the Linksys routers you can setup a list to restrict which MAC addresses
can access your Wireless Internet. I have it setup to accept 3 MAC
addresses, two are used and the other is sitting next to my linux box.
There are 3 people who are trying to connect but can't because of that.

If you can do that in D-Link, provided its fesable, which unless your
running it as a wireless access point it is (and i doubt sence you care
who is connecting.) definatly do it. It will keep everyone out except
those who you want in.

--
Meph

On Thu, 29 Sep 2005 01:19:45 GMT, teh Mephisto <(E-Mail Removed)>
wrote:

>First off - Linksys is the way to go - its cisco's version of products
>for the home.

I can see where you got that impression but reality is quite
different. Cisco has adopted an "hands off" policy toward running
Linksys since they bought it in Mar 2003. Most of the original
Linksys management are still in place. Absolutely none of Cisco's IOS
operating system has appeared in Linksys products. Most are just
commodity products, made in China, and similar to other major players
in the market (Netgear and DLink). Cisco may be on the front panel,
but not inside.

>I havn't used D-Link with wireless however I know with
>the Linksys routers you can setup a list to restrict which MAC addresses
>can access your Wireless Internet. I have it setup to accept 3 MAC
>addresses, two are used and the other is sitting next to my linux box.
>There are 3 people who are trying to connect but can't because of that.

MAC address filtering is nice but offers little in the way of
security. It's incredibly easy to sniff of an authorized MAC address,
and then change your clients MAC address to the same as theirs. See:
http://www.klcconsulting.net/smac/

>If you can do that in D-Link, provided its fesable, which unless your
>running it as a wireless access point it is (and i doubt sence you care
>who is connecting.) definatly do it. It will keep everyone out except
>those who you want in.

It won't keep anyone out that knows how MAC addresses operate.
However, it might slow them down until they figure it out.



--
# Jeff Liebermann 150 Felker St #D Santa Cruz CA 95060
# 831.336.2558 voice Skype: JeffLiebermann
# http://www.LearnByDestroying.com AE6KS
# http://802.11junk.com
# (E-Mail Removed)
# (E-Mail Removed)

On Thu, 29 Sep 2005 01:19:45 GMT, teh Mephisto <(E-Mail Removed)>
wrote:

>First off - Linksys is the way to go - its cisco's version of products
>for the home. I havn't used D-Link with wireless however I know with
>the Linksys routers you can setup a list to restrict which MAC addresses
>can access your Wireless Internet. I have it setup to accept 3 MAC
>addresses, two are used and the other is sitting next to my linux box.
>There are 3 people who are trying to connect but can't because of that.
>
>If you can do that in D-Link, provided its fesable, which unless your
>running it as a wireless access point it is (and i doubt sence you care
>who is connecting.) definatly do it. It will keep everyone out except
>those who you want in.

Meph, I can hardly believe you wrote this stuff after your post
"Public Access WIFI Security". And with an email like
"(E-Mail Removed)" you have got to be joking. Unfortunately the OP
might take you seriously and we don't want that, do we?

Tardus_merula, MAC filtering is not a security measure.

Think of it like this. There are baggage locks that shy away the
occasional temptation and there are kryptonite locks that resist New
York mobsters. WEP is so fragile today that it hardly offers
resistance against tampering. It is very easy to find tools that crack
WEP, they are publicly available on the internet. All that is needed
to break in is the will.

MAC filtering is even less than WEP. Even if you never turned on your
computer (which transmits your MAC) it is easy to silently try all the
possibilities until a match is found.

Don't listen to Meph. And from this point on, neither will I.

speeder wrote:
> Meph, I can hardly believe you wrote this stuff after your post
> "Public Access WIFI Security". And with an email like
> "(E-Mail Removed)" you have got to be joking. Unfortunately the OP
> might take you seriously and we don't want that, do we?
>
> Tardus_merula, MAC filtering is not a security measure.
>
> Think of it like this. There are baggage locks that shy away the
> occasional temptation and there are kryptonite locks that resist New
> York mobsters. WEP is so fragile today that it hardly offers
> resistance against tampering. It is very easy to find tools that crack
> WEP, they are publicly available on the internet. All that is needed
> to break in is the will.
>
> MAC filtering is even less than WEP. Even if you never turned on your
> computer (which transmits your MAC) it is easy to silently try all the
> possibilities until a match is found.
>
> Don't listen to Meph. And from this point on, neither will I.

There is no way anything can be totally secure, the only thing security
mesaures do is prolong the time until you have been compromised. If you
have more than one security measure (ex. WPA2 and MAC address filtering)
it will take longer to crack than if you only had one of them.

BTW i'm still new at wireless security, and even the entire security
field in general, so you will have to cut me a little slack.
--
Meph

> There is no way anything can be totally secure, the only thing security
> mesaures do is prolong the time until you have been compromised. If you
> have more than one security measure (ex. WPA2 and MAC address filtering)
> it will take longer to crack than if you only had one of them.

True but MAC address filtering will add all of about 3 seconds. Not
worth the hassle IMO.
The only useful purpose of a MAC access control list is to log MAC
adresses that are not allowed and to warn an administrator that
unauthorized acces has been attempted. You might find the attacker
before he/she succeeds in breaking tho other security measures. Not a
likely scenario for a home network.

Sander

Jeff Liebermann wrote:

> Useless. WEP64 can be cracked in about 15 minutes of sniffing.

Before you can sniff traffic there has to _be_ traffic.
Beacon frames are not very useful.
If a network is not in active use you'll have to wait until a client
associates before you can actively attack that network. If you can
capture the date of a client associating you have the tools to do the
rest quickly and no other traffic is neccesary. You can generate it
yourself. But you do need that traffic first so you can replay it.

Sander

Jeff Liebermann wrote:
....
>>I use 64 bit WEP encryption on the router. Tardus
>
>
> Useless. WEP64 can be cracked in about 15 minutes of sniffing.
>
>
And 128-bit wep? How secure's that?

--
Please use the corrected version of the address below for replies.
Replies to the header address will be junked, as will mail from
various domains listed at www.scottsonline.org.uk
Mike Scott Harlow Essex England.(unet -a-t- scottsonline.org.uk)