Wireless Compromised

Discussion in 'macOS' started by LucyFM, Jan 17, 2009.

  1. LucyFM macrumors newbie

    Joined:
    Nov 20, 2008
    #1
    I know this has been posted elsewhere but bear with me.

    I have looked all over the web for resolutions to this problem but the explanations go way over my head!

    I keep getting dialog boxes popping up out of the blue saying "Your wireless network appears to have been compromised and will be shut down for approximately a minute".

    It's starting to drive me NUTS! (Oh and I have an Orange Livebox router)

    Please advise, I have no idea how to make it go away :(
     
  2. cw2k7 macrumors member

    Joined:
    Jan 18, 2008
    #2
    Someone is trying to brute force their way in to your wifi network. WPA is susceptible to this if you use a weak password.

    Change you wifi routers security to WPA2 AES and use a randomly generated long password to avoid this.
     
  3. iObama macrumors 6502

    iObama

    Joined:
    Nov 16, 2008
    Location:
    SF
    #3
    I use the following WEP-128 key and have never had a problem:

    13121110090807060504030201

    (Notice that it's easy to type on a keyboard: One three, One two, One one, One zero, Zero nine, Zero eight, etc.)
     
  4. itickings macrumors 6502a

    itickings

    Joined:
    Apr 14, 2007
    #4
    Just keep in mind that WEP is severely broken and barely more secure than no encryption at all.

    Running wireless with no encryption is comparable to going on vacation and leaving the door to your home wide open, whereas running wireless with WEP is leaving and closing the door without locking it.

    I'm unfortunately not familiar with Orange Livebox, so I can't really provide any step by step instructions or even know what settings are possible.

    As far as I know, most people experiencing your problem have had their WPA set to TKIP and changing to AES made the problem go away. If you don't know how to change the settings on your router, or have no idea what I'm talking about, you need to find someone familiar with your router model to help you I fear.

    Good luck!
     
  5. Tex-Twil macrumors 68020

    Tex-Twil

    Joined:
    May 28, 2008
    Location:
    Europe
    #5
    Where do you get that message ? I've never heard of something like this. can you post a screenshot ? Just set a WPA encryption and you'll be fine.

    Tex
     
  6. numbersyx macrumors 65816

    numbersyx

    Joined:
    Sep 29, 2006
    #6
    Try changing your network password (I assume you are using WPA2) and see what happens. I'm not sure this is simply a router problem. I used to get similar pop ups on my old Windows XP desktop but they were viruses that had infected my browser.
     
  7. itickings macrumors 6502a

    itickings

    Joined:
    Apr 14, 2007
    #7
    Actually, WPA encryption is where the problem exists... Or WPA-TKIP, WPA-AES should be fine.

    If my memory serves me correctly, the problem lies in key generation with TKIP where message integrity is susceptible to brute force attacks. A failed message integrity may therefore be assumed to be an attack. Depending on the traffic or network state, this can happen even with 100% legitimate traffic.

    The complete message is "The wireless network appears to have been compromised and will be disabled for about a minute." I believe. Used to be in a Localizable.strings somewhere.
     
  8. Tex-Twil macrumors 68020

    Tex-Twil

    Joined:
    May 28, 2008
    Location:
    Europe
    #8
    I googeled for that message. It seems a bit odd to me. How the hell can a wireless client have and idea that the AP is being attacked. Plus .. yes you can bruteforce a WPA/WPA2 key but to do so, the only thing an attacker needs is the complete 4 way handshake which can be obtained completely passively and neither the Access Point nor the client have an idea that something is going wrong. The brutefore takes then place completely offline with a dictionary attack on those 4 precious captured packets.

    So I would be interested on what basis this message appears.

    Tex
     
  9. itickings macrumors 6502a

    itickings

    Joined:
    Apr 14, 2007
    #9
    Extend your Googling to the Message Integrity Code in TKIP for related reading. If the MIC fails repeatedly, the client will disable networking for a minute or so to vastly decrease the odds of a brute force attack succeding.
     
  10. Tex-Twil macrumors 68020

    Tex-Twil

    Joined:
    May 28, 2008
    Location:
    Europe
    #10
    OK interesting. I don't know this TKIP Countermeasures technique. Now it makes more sence to me and I understand what's happening ;)

    Tex
     
  11. itickings macrumors 6502a

    itickings

    Joined:
    Apr 14, 2007
    #11
    Yeah, things have a strange tendency to make much more sense when one got an understanding of them. :)

    AES is the way to go anyway, TKIP should be avoided.
     
  12. LucyFM thread starter macrumors newbie

    Joined:
    Nov 20, 2008
    #12
    I just tried ringing Orange tech support and went through the options and selected the option for help if you have an Apple Mac. They then told me to call an 0900 which will cost 50p a minute and will last no longer than an hour!

    I haven't been able to find any instructions in the box that the router came in so no luck so far!!
     
  13. Tex-Twil macrumors 68020

    Tex-Twil

    Joined:
    May 28, 2008
    Location:
    Europe
    #13
    Well here is a step by step guide to configure a Livebox but it's in French :)

    It shouldn't be that complicated thought. Just login to the box (usually http://192.168.1.1/) and find the wireless options and change the options.

    Tex
     
  14. LucyFM thread starter macrumors newbie

    Joined:
    Nov 20, 2008
    #14
    Thanks Tex. I have managed to get into the configurator, where I discovered password was set at WEP, I have changed it to WPA-TKIP, as the only options are WEP or WPA, WPA only, WEP only or No security.

    Oh and have attached a screenshot (I hope) as requested.


    EDIT: Just realised you can see what I was looking at in that pic! Oh well!
     

    Attached Files:

Share This Page