I have a SECURE network, but someone is STILL able to hack in!

Discussion in 'Community Discussion' started by srg-dallen, Nov 5, 2009.

  1. srg-dallen macrumors newbie

    Nov 5, 2009
    So as the title says, I have what I consider to be a "secure" network. I use WPA - PSK security with a very jumbled password, as well as MAC address filtering. So when I got home from work and opened up a finder window, I see "DARIN-PC" in my network connections, as well as my desktop and my wife's MacBook. My neighbors name is Darin, though he is dumb as a brick (or so I thought?) and I didn't think he knew anything about computers, and thus be to dumb to hack into my network. I looked in my MAC address list and there is a NEW address, that I have not put there. So...

    1. How can I find out who this is? Or at least an his/her IP address?
    2. How was this person able to "sneak" into my network?
    3. How can I prevent this from happening again?

    Any help would be greatly appreciated.

  2. angelneo macrumors 68000

    Jun 13, 2004
    Check your own network, usually if someone wants to hack into a network, they wouldn't pick their neighbour's, with their computer name so blatantly listed. There might be a possibility your router has reset the authentication.

    IP address doesn't help as he/she is connected to your network, thereby using your network public ip address.

    Lastly, reset your router again (updating it with the latest firmware) and set new password. If it happens again, switch to another router.
  3. stridemat Moderator


    Staff Member

    Apr 2, 2008
    Best bet would be to go through the initial start up again for the router, basically starting again with your security.

    After you have reset all you security measures see if he access your network anymore.

    If he does then go round and ask him about it!
  4. anim8or macrumors 65816


    Aug 16, 2006
    Scotland, UK
    A friend of mine told me about some software that is available that can hack into secure networks.... regardless of password, hidden SSID, etc.

    Unfortunately he didnt tell me what it is called as he didnt know himself, his brother who studies IT in manchester told him about it as he uses it!!!!!

    This worries me as i frequently get drops in speed on my wireless and wired network and i know there are a lot of students/young people in my building who may or may not be stealing my internet.

    This kinda thing really p****s me off!

    Sorry i cant be of more help, just thought i would let you know.
  5. Blinkwing macrumors member

    Sep 23, 2009
    New Zealand
    Why aren't you using WPA2?

    WPA/WEP are easily crackable.
  6. Melrose Suspended


    Dec 12, 2007
    Even with certain types of encryption, there are packet sniffers (or whatever) for PCs that make it less than difficult to get in (granted you have to have a bit of no-how to begin with). I don't know how to do it but I read an article on it last year about getting past your average home network security.

    On second thoughts, I guess that doesn't really help the OP..
  7. Rodimus Prime macrumors G4

    Rodimus Prime

    Oct 9, 2006
    it is not the wpa/wep are crackable but they are older. WPA2 will become easily crackable in the 5 years and that is just because of age people figure out how to crack it. Right now most people will not go past WEP because they do not know how to.

    As for the OP the is not much you can do short of changing you key and removing his mac adress. If you can go WPA2. You can also check to see how much of his hard drive is shared but doing any damage there can get you in both trouble with the police and get you sued.
  8. dmmcintyre3 macrumors 68020

    Mar 4, 2007
    some devices do not support WPA2 like my Mom's laptop does not support WPA2

    I used it to test my network's security. WEP went down in 45 min, WPA did not before I quit it after after about 4 hours. The speed of the cracking is dependant of the CPU speed of your computer and the amount of traffic on the network you are trying to crack. Havent used it since Leopard though. I think this is the name of the program I used

    Attached Files:

  9. ChrisA macrumors G4

    Jan 5, 2006
    Redondo Beach, California
    First off your router may not be set up like you think. Likely it is not. So start over.

    If the router has an access list, set the default access to "no-access" then enter the MAC address of every computer you wish to allow access. (Yes it is possible to spoof a MAC address.) Then of course turn on encryption and a password. If the router lack an access control list then get a new roputer.

    Also in the DHCP setup. Assign reserved IP address for each MAC address you allow. This will make it easy later to match up IPs to MACs, just look in the table.
  10. Rodimus Prime macrumors G4

    Rodimus Prime

    Oct 9, 2006
    Still not going to solve the problem as the above poster showed. It only takes a matter of minutes to crack a network. I have seen 128 bit wep go down in less than 10 mins. Mind you this was on a network with 2 computers downloading a few torrents so it had a lot of traffic to play with.

    The cracking time of a given wireless networks security is going to be cut in 1/2 about every 18 months with out other advances in cracking. Computing power is still doubling every 18 months and looks like it will continue that way for years to come.
  11. yg17 macrumors G5


    Aug 1, 2004
    St. Louis, MO
    Access control lists are the biggest waste of time. Sorry, but it's true. It takes 30 seconds to discover and spoof an allowed MAC address and they're a pain in the ass to maintain. They do nothing to protect your network. WPA2 with a good (long and random character) password is all you need.
  12. maflynn Moderator


    Staff Member

    May 3, 2009

    WPA security is virtually worthless and it matters not that you have a very jumbled password. Its so easily cracked that it offers zero protection.

    I'd make sure you either use a different address for your router and/or change its password. I'd also look at the router logs as that will detail what IP address are connecting.

    Also add WEP2 security, make sure you turn off broadcast SSID, and also change the name of the network.
  13. steve2112 macrumors 68040


    Feb 20, 2009
    East of Lyra, Northwest of Pegasus
    HUH? WEP2? Uh, no. WEP is still vulnerable. It's the algorithm itself that is vulnerable. WEP2 was a stopgap measure at best, and was never fully implemented or standardized. With the right software, any WEP key can be broken within minutes.

    There have been some vulnerabilities discovered in WPA/TKIP, but most are still proof of concept. None of them are as easy to execute as tools used to crack WEP. It's still far safer than any type of WEP. WPA2(AES) is currently not crackable.

    http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy (Yeah, I know. It's Wikipedia, but it's pretty accurate.)

    Finally, turning off SSID broadcasting does nothing. Any good sniffing tool will show the SSID, even if it is non-broadcasting.

    Anyway, yg17 is right. It is very easy to spoof a MAC address. ACLs on most home routers aren't that good. (Tomato or Open WRT are actually decent. Cisco's work pretty well. :)) Make sure WPA2 is on, and use a good, long password. As someone else suggested, you may want to start over on the setup, make sure WPA2 is enabled, and then check things out afterward. If he is still getting in after all that, he is damn good.

    Edit: If you want a REALLY good password, check out Steve Gibson's Perfect Paper Password or his online password generator. Good luck breaking one of those. https://www.grc.com/passwords.htm
  14. Rodimus Prime macrumors G4

    Rodimus Prime

    Oct 9, 2006
    I would not call WEP worthless. It is by far better than nothing.

    It limits people getting on the network to ones with a list a little know how and that is a very small part of the general populations. it keeps most free loaders off the network.

    Now if I wanted to get on some ones network with WEP yes I could but I have a little know how to do it. WEP problem is it can easily be brute forced crack and even more so when there is a lot of traffic.
  15. yg17 macrumors G5


    Aug 1, 2004
    St. Louis, MO
    You're thinking of WEP. WPA is still pretty secure as long as you're using a good password. WPA2 is better, but WPA will still get the job done if you have older devices around the house that can't do WPA2. The password you choose is important though, the best encryption is vulnerable to attacks if you choose a crappy password.

    And turning off SSID broadcast is just as useless as MAC filtering. It provides no additional security and just ends up inconveniencing the end users. Turning off SSID broadcast and using MAC filtering may stop a casual user who knows nothing about computers from attempting to connect to your network, but it is no obstacle to anyone trying to crack into your network. All it will do is delay them by about half a minute.

Share This Page