How to deal with neighbourhood hackers: tips for securing your Wi-Fi

Posted by

WiFi HackingRecently on a local social media group, I have noticed a trend in the “need” to hack wireless networks in order to steal other people’s PAID FOR internet.

Just in case people forgot, this is unethical and illegal. I don’t know what the charges are for hacking in Zimbabwe, so I suggest checking with your lawyer or local law-enforcement officer!

BE that as it may, a lot of us end up being victims of Wi-Fi hackers. But how does one know that their Wi-Fi has been hacked? Well there are a few noticeable things that you can keep an eye out for:

  • Sudden slow internet speeds
  • High internet bills (if you don’t have uncapped internet)
  • Slow network access (it takes longer for you to connect to your own network than usual)

There are many other ways to track the accessing machines on your network, my favorite is
Angry IP Scanner. This software requires updated Java components. Once you have downloaded and installed this program I suggest you read the user manual so that you can best identify what machines are on your network.

This software scans IP addresses on your network. There are two types of IP addresses;

advertisement
  • DHCP – Dynamic Host Configuration Protocol
  • STATIC – Manual IP address

The DHCP address is an IP address that is automatically assigned by your internet router and the STATIC address is manually set by yourself or your local IT administrator. It is usually best that you use STATIC IP addresses, especially for those who know how to change their IP’s at will. To do this, take a look here.

Now that you know how to change or set you IP addresses, it’s time to decide if you want to have STATIC or DHCP for your wireless network. It’s usually wiser to leave that set to DHCP, if you are using a laptop you’ll be moving from wireless signal to wireless signal often.
The next step is determining what router you have. The router is the device that connects you to your internet and usually (in most cases) has your wireless antenna. More information can be found here.
In Zimbabwe, from my observations, the Linksys brand is the most widely used brand. What you will need is an Ethernet cable (network cable) to proceed with configuring your wireless. Once you have connected your PC to the router physically you will need to know a few things first;

  • What is the router’s static IP address
  • What is the administrator’s username & password to access the routers onboard software?

Usually most Internet Service Providers (ISPs) change these login details and do not give them to the client. Insist on getting this information from them. Sometimes they do not so you can use the default login credentials. You can find this information by using Google or going directly to the manufacturer’s website.
To gain access to your router you need to know the routers IP address, this info can also be found using the manufacturer’s website. For example your router’s IP address may be 192.168.1.1, using the procedure in the link I added previously, change your onboard Ethernet port to and address similar but not exactly the same i.e. 192.168.1.2, your subnet mask should match exactly the routers, usually 255.255.255.0.
Now open up your regular internet browser, Chrome, Opera, Internet Explorer or my favorite Firefox. In the address bar where you type web addresses, type the IP address of the router i.e. 192.168.1.1 and hit enter. A login window will appear, enter the login credentials you have gleaned from either manufacturer or ISP. For Linksys follow the steps to set up your wireless security provided here.

If you don’t want to fiddle with the router provided by your ISP you can always request that they disable the routers wireless, and purchase your own wireless router which you can connect directly to the ISP provided device using an Ethernet cable.

You will need to change the static IP address of the purchased router so that it can connect to the ISP’s router. To do this read this article from Linksys.

For your wireless security key/password, try using alpha numeric passwords (passwords with small letters and capitals, numbers and punctuation) For example, b3sT9@55W0rD3v@ (that actually reads bestpasswordeva).

Remember that the longer the password/key the harder it is to hack. I would also suggest changing the login details of your router to something only you will know, and also disable login access to the router via Wireless.

Once you have set up and tested your wireless security and it works perfectly, you may also want to set up additional, more advanced security settings.

By following the routers manual you will be able to assign MAC addresses that are allowed to connect to your router, this way prevents other people from joining your network no matter how hard they try. Or you may want to use the internal firewall of the device.

However for these more advanced security measures, I would recommend that you do a lot of research into them and how they operate first, long before you attempt it yourself at home or in your office, especially if you are just a novice at networking.

There are some very trust worthy network techies that are ready, willing and able to come to your house or office to do this for you too. Just as a precaution ensure that they use your computers to do the set ups and configurations, as it is known that there are some unscrupulous techies that will give themselves access to your wireless. It’s a sad, but true fact.

One thing you need to remember when you search for your devices is that the credentials to login are MODEL specific. So knowing the model of your router and model number are important. To find this information, it’s usually marked on the top of the device, or can be found on a sticker on the underside (bottom) of the router.

What other security measures can you suggest for protecting WiFi networks? Please share below.

Mark is a tech and gaming enthusiast. He has experience in hardware maintenance and tech sales. He loves working with computers, horse riding and rugby. He can be e-mailed on markdbfulton@gmail.com

28 Comments

  1. kilotango says:

    hiding your SSID also works great

    1. Mark Fulton says:

      Absolutely, it does, how-ever some folk dont want to hide their SSID’s so they can add friends or family to their networks.

        1. kilotango says:

          Tapiwa its very easy just to go online and google stuff…then post an argument as you have done…to make everyone look stupid.

          practically, hiding your SSID while using MAC filtering and WPA2 will be the most secure you can get

          1. Tapiwa✓ says:

            My aim is not to make people look foolish – it’s to correct incomplete advice (which is dangerous)! I would similarly call out anyone who is telling people that “writing down your PIN on your ATM card is fine; just as long as you keep your card secure”.

            Ask yourself: if someone is knowledgeable enough/has the tools to crack your WiFi password, do you think they cannot find your ‘hidden’ SSID? This is the bottom line.

            Geez – thanks for narrowing down my contribution to “go[ing] online and google stuff”

  2. Robert Ndlovu says:

    Accessing an unsecured WiFi connection is not hacking nor illegal.

    1. Anonymous says:

      yes it is.

  3. Tapiwa✓ says:

    This article is missing the fundamentials. Here’s how to protect your WiFi: use strong encryption. This means:
    * have a strong wifi password
    * never using WEP, it can be cracked in minutes. Use WPA2 instead
    * avoid using WPA, it’s stronger than WEP, but still weak. Use WPA2 instead

    The following will not help you
    * hiding your SSID (an attacker could passively listen for WiFi beacon transmissions and discover your ‘hidden’ SSID
    * strong passwords on WEP. WEP is thouroughly broken.

    In a nutshell, always use WPA2+ AES

    1. Anonymous says:

      I want to hack wifi

      1. Tapiwa✓ says:

        You will need:
        * a wifi card/dongle that support promiscuous mode
        * wifi sniffing tools like Kismet, OR
        * get a bootable USB/DVD image of Kali linux (formerly known as Backtrack), which has all the tools you need

    2. Mark Fulton says:

      Tapiwa, i have already mentioned the need for stronger passwords. I specifically left out the WPA/WPA2 encryptions as this is ment for the “simple”user! I also mentioned that if one should require Advanced security mesures they should contact a Friendly Tech! 😉

      1. tinm@n says:

        Why expect your users to be dumbed down. Even if they were, its not even difficult as it is usually presented as AND OPTION…. NO THINKING INVOLVED.

        Dear Wireless network owner, ALWAYS SELECT WPA2

        This is what’s bad about tech people who mistakenly think telling users some details would be beyond them. Treating them like eggshells that would break at the slightest hint of something technical… THEY HAVE WIRELESS AFTER ALL, hello!!!. People have brains. Evolved to think….

        In fact, they wont be thinking….

        Want to be safe, lock your door, have an alarm installed… anyone mention specifics about how the motion detector works? Whether its detects of temperature variations? Has a notification system to rapid response? Whether that system broadcasts through radio or through GSM/GPRS?

        You are the authority, tell the user, use the highest wireless encryption standard available. WPA2!!!

        1. Anonymous says:

          WPA2 AES not TKIP. TKIP is vulnerable to rainbow table attacks

    3. Khal Drogo says:

      I concur with Tapiwa and such articles should end-up with a disclaimer.

  4. Cyberman says:

    seriously guys..
    All these Sec presentations can just protect you agnst inexperienced hackers,,,
    Coz seriously, there is nothing that can stop a real hacker from accessing your Wifi.

  5. tinm@n says:

    Lazy passwords are the weakest point.

    1. tinm@n says:

      following the encryption standard… ofcourse

  6. Jack Siziba says:

    Most comments here are from us overly technical people that are the exact problem. The average Zim user will never even notice they are being hacked. As the article suggests what’s needed is a pet techie that is house trained to watch the yard.

    1. Mark Fulton says:

      Thanks Jack, a point which i was trying to make 😉

  7. Dark Side says:

    This got me thinking, is it possible to turn the tables on an intruder? I looked it up and holy moly, the force is strong on the dark side! All the things you could do…

    1. Mark Fulton says:

      Yes it works both ways

  8. Farai says:

    1. Do not give anyone your password.
    2. White list MAC addresses for access from mobile, laptops and computers

  9. Khal Drogo says:

    Trust me guys the simple way to hack into a wireless network even Wi-Fi Protected Access II (WPA2) is using social engineering. Start with the user if you are living nearby someones WIFI HotSpot, take a walk outside the premises and find the splicing and on top of the splicing you will find the ISP/IAP name. Next lookup the directory phone number for the user telephone number and call her/him asking for the credentials and using jargon words and lying that you need to change the credentials or else the user will be affected with Heartbleed virus. But if he/she doesn’t know then you take the turn to call the ISP/IAP and tell them that you format your laptop after Heartbleed virus attack and you need the credentials ASAP. Don’t give the ISP/IAP Support team a moment to ask you some question but instead rant as the owner of the link until they give-up the WPA2 using pre-shared key (PSK) encryption keys. Believe me I have done it a couple of time and it worked…..

    1. Anonymous says:

      Go back and read your CEH coursebook.

  10. Beini says:

    Even WPA2 can be hacked using a deep dictionary attack. What people also have to do is change their encryption keys as often as possible. especially when the speed goes down!

    1. Beini says:

      the MAC address bit is also a bit useless coz if I sniff out your MAC address i can alter mine and bump out any device.

  11. NyashaSimon says:

    its a crime under Zimbabwean law to hack into some1’s network just that the Criminal Law Codification and Reform Act needs to be a little clear,
    163 Unauthorised access to or use of computer or computer network
    (1) Any person who, without authority from the owner of the computer or computer network, intentionally—
    (a) gains access to; or
    (b) destroys or alters; or
    (c) renders meaningless, useless or ineffective; or
    (d) copies or transfers; or
    (e) obstructs, intercepts, diverts, interrupts or interferes with the use of;
    any data, programme or system which is held in a computer or computer network shall be guilty of unauthorised
    access to or use of a computer or computer network and liable—
    (i) if the crime was committed in any of the aggravating circumstances described in section one
    hundred and sixty-six, to a fine not exceeding level twelve or imprisonment for a period not
    exceeding ten years or both; or
    (ii) in any other case, to a fine not exceeding level eight or imprisonment for a period not exceeding
    three years or both.
    (2) It shall be a defence to a charge of unauthorised access to or use of a computer for the accused to prove
    that he or she was not motivated by malice when engaging in the conduct constituting the crime, and that the
    conduct did not materially affect the data, programme or system in question nor the interests of the owner of the
    computer or computer network.

    so be careful

  12. Mak Khan says:

    thanks for share its really informative article..keet it up..
    http://currentlytrends.blogspot.com

Leave a Reply

Your email address will not be published.

css.php