Attacker told my daughter he'd hacked our internet - help

chuckschucks Member Posts: 2
edited October 24 in Devices & Security

Someone last night tried to get pictures from my daughter by saying he’d hacked our internet and to prove it he cut her off WiFi.

i’m new to all this but I do know if you get a IP address you can overload a router to get it to reboot ?

anyways I’ve reset the router, removed all devices and changed all passwords.

question is what else can I do?

VioletChepilCiarankltaylorRobin

Answers

  • PoohPooh Member Posts: 675 ✭✭✭✭✭
    edited October 23
    Hello @chucks, and welcome to the community!

    Is it possible to overload a router? Sure it is. That said, it's very highly unlikely. It's also doubtful that this person has really hacked your internet. Traditionally this is something said to people to scare them into paying money.

    Are we talking pictures off a smart device , or a PC? If a device, iOS or Android? If a PC then Windows, Linux or Mac?

    Most consumers use leased IP addresses that can change on a irregular basis (whenever the lease expires). This alone would make launching a DDOS attack somewhat doubtful since they'd need to know what your IP address is. This is not impossible, but for a home user with little to directly gain, somewhat unlikely.

    The biggest risk is from exposed ports and installed malware: right now I'd say you've checked all the requisite first boxes.
    People say nothing is impossible, but I do nothing every day.
    chucksVioletChepilkltaylorGummyKing
  • chuckschucks Member Posts: 2

    Thanks for getting back to me.

    For what I know my daughter was using a iPad mini 2 and clicked on and link on a YouTube channel of a person she was talking to, the person question started telling her he had control and to prove it he said he’d turn the WiFi on and off, could have been coincidence but she said he did .

    VioletChepilkltaylor
  • PoohPooh Member Posts: 675 ✭✭✭✭✭
    Yeah, sounds very very improbable to be honest. I think you're good! I've lost track the number of times someone had told me that "something" had happened on the network but it transpires they were wrong and they'd interpreted something totally different as being that "something".
    People say nothing is impossible, but I do nothing every day.
    VioletChepilkltaylor
  • MarcMarc Member Posts: 427 ✭✭✭✭✭
    @chucks, this might be a good opportunity to have your daughter change her Google password, to be on the safe side, if she used it to log into YouTube when this incident happened.  As @Pooh said, I can't think of any way he could have messed with her internet unless he was within wireless range of where your daughter was and stepped over your wifi signal.  Thats a heck of a lot of coincidences after a chance encounter on a web site where he just happened to be within distance of where she was.  Not likely.
    Thats Daphnee, she's a good dog...
    PoohVioletChepilkltaylorGummyKing
  • PoohPooh Member Posts: 675 ✭✭✭✭✭

    Good call on the Google password change there, @Marc .

    People say nothing is impossible, but I do nothing every day.
    VioletChepilMarckltaylor
  • VioletChepilVioletChepil London, UKAdministrator Posts: 2,232 admin
    I've just slightly modified this title @chucks thanks @Pooh and @Marc for the helpful suggestions.
    Seeing if any others can add in too: @pwmeek @Hronos @kltaylor @SimoneSpinozzi

    Community Manager at Fing

    MarcPoohkltaylor
  • kltaylorkltaylor Member Posts: 558 ✭✭✭✭✭
    This topic hits home for me, as a father of three girls I know what you're feeling.  Not only would I recommend changing passwords to something more robust, nothing that can remotely be determined through common words, etc.  But I would take it a step further and look for good parental controls as well.
    Our youngest has her computer in our computer room, and even with her tablet and phone, I know what she's doing and where she's going.  She also knows that if there is something questionable, she brings the issue to me and asks for my help.
    I'll refrain from saying anything about hunting down the idiot, but ... I just did =)
    Seriously though, talk with your daughter and have a conversation about the great and powerful internet, but also help her to recognize the dangers and risks.  Reassure her that you're there to protect her with her online experience and that she's hasn't done anything wrong.
    "There's a fine line between audacity and idiocy."
    -Warden Anastasia Luccio, Captain
    VioletChepilMarcGummyKingCiaran
  • KingofKatsKingofKats Member Posts: 1
    These are all good suggestions. In addition, I'd make sure that the security protocol on your router is at least WPA/2 and if she's old enough to understand passwords, I'd introduce her to a password manager such as LastPass, OnePassword or DashLane. Finally, I always suggest to anyone who has a Google account that he or she opts for two-factor authentication, using the Google app for same. The last may seem like a hassle, but it buys you and your daughter a lot of peace off mind — because even if somebody phishes her for her password and succeeds, they still would need to crack the second factor, which is enough to make most hackers move on to an easier target.
    PoohMarcGummyKingCiaran
  • PoohPooh Member Posts: 675 ✭✭✭✭✭
    All good advice there, @KingofKats. Welcome to the community!
    People say nothing is impossible, but I do nothing every day.
    VioletChepilCiaran
  • SimoneSpinozziSimoneSpinozzi Member Posts: 71 ✭✭✭
    First of all: once you have had a security breach. You will always live with a bit of fear... and that is unavoidable. You can let it spiral out of control... or just do the basic stuff.

    The most basic stuff you can do is "burn everything to the ground". Metaphorically: that is... disconnect everything at once... format everything and reinstall it... and get rid of everything you do not need that connects to the internet and buy new stuff... and do it all at once, do not reconnect to the internet until you are done and there is even one overlooked device.

    Yeah, you do not need to go that far. But in order to "not go that far"... it's actually a lot more work. Here is what you need to do step by step.

    First of all: understand the problem.

    You or your daughter are not dumb for falling for it. You are just ignorant. The two things are not the same. Please bear that in mind. It might make me facepalm when i see people overlooking "basic" stuff. But that does not mean i am superior. My knowledge lays elsewhere. That's how society works. I know zilch of how to do a lot of stuff that many other people find "obvious" and/or "easy".

    So. With that in mind.

    Step 0: before you do anything, check the text of the email you received. There is a very good chance you were never "hacked" and it's your average hoax that would just make you lose time. If the email is an hoax, check if it carried viruses or anything. It might be very simple social engineering and scare tactics to make you do stuff you do not know would be harmful.

    If the text of the email does not appear in "hoax/scam surveillance" sites telling you "yeah it's an hoax"... then you can go forward.

    I did not understand if your internet was actually cut or if you just got warned that it could be done. If it got cut and it's on an hoax/scam surveillance site... the site will probably tell you what you did (unknowingly) to make your internet get cut for a while.

    Most attacks are so widespread they are literally handled by chatbots. Even those handled by actual human beings... are often sloppily done because people need to know you are an incompetent for answering them so that they know they will have an easy way into tricking you to do what you wish to do. It does not pay to win the thrust of people to betray them, but it pays a lot to do something recognizably fake that only people that know nothing about it and know zero about security will fall for it.

    Second way to attack people ... there is a much higher chance that instead of cutting off your internet via arcane dark magic... your daughter has opened the images, possibly with standard tools like an image gallery from android or windows or your standard web email viewer.

    Heck in theory there are entire services that will just add a 1 pixel by 1 pixel transparent image to your email just to track you when you open that email. But that rarely get used. (and even more rarely by actually malicious people. ¯\_(ツ)_/¯ )

    However it's a well known attack scheme to attach images with code inside and it's also why lots of browsers stopped showing JPEGs and similar things by default inside emails. And if you download images do not use standard tools to open images or do not allow your web browser to open images from unknown sources... the attacker can literally do nothing. 

    Buuuut standard tools and large web email providers are well known and documented and easy to exploit.

    So: first thing to do is to check your webmail for the setting that hides images from unknown sources... and never display them unless you know who they are. Then check if your "attacker" is among your known sources and remove the rights to display images from that person (it's a not a web browser setting is a web email setting).

    Second: Your daughter probably went to an unknown internet site, or received an email from an unknown source. The site told her to install a viewer on her phone for the site to maximize the experience or the email seemed innocent enough and she visualized it with all the images showing up.

    That is enough to allow a random denizen to run something uncontrolled on your phone or install a javascript on the page you are viewing and tell you that you need an update or something... or call on a web store on your PC to install whatever random program the hacker is piggybacking, because the hacker knows the vulnerabilities.

    Then you do what you needed doing, nothing happens.

    At least 1 day or month later, if you still have the app installed, or the program installed or the script is still running because you gave it an "ok" when it asked you for an "update" the actual attack takes place, most people don't remember what they had for lunch and they do not think about that thing they used once and had been laying there.

    Aaaand that is how you get your internet "hacked". It's nothing like science fiction where people ⛈️HACK YOUR ROUTER.⛈️ or idiocies like that.

    It's just normal people giving normal permissions to normal applications that then get exploited because they are badly maintained by their curators.

    And it's also how why a lot of stuff "breaks" with modern operating system updates. Since nobody takes care of the security of their own programs, and since it's a nation-wide security risk... people higher up than the companies making operating systems have delegated to the companies making the operating systems to just make sure certain exploits do not happen... and that breaks a lot of legitimate uses of similar things. There fore computers feel constantly slower and cramped because they have to go through more and more loops....

    ...because of badly designed programs that nobody maintains and that are a constant security risk to everybody.

    As usual the sloppyness of a few and the maliciousness of even fewer reflects on the well-being of everybody. 🤦‍♂️

    Back to the Original Problem.

    Step 2: is to clear the cache of your browser check all permissions given from your daughter to the browsers you use, if anything does not look like something you need to use, delete it. Usually there is a security tab and check various persmissions from ability to set cookies to access to javascript and other things like that. Set your browser to never accept third party cookies and then remove default perm issions except for images and javascript. You need images and javascript even though they are the main attack point (mostly because everybody needs them)

    However... You do not know a site? You block images, cookies and javascript from that site. There should be many in your security settings. In many cases your security settings get synced from one browser to your others... so one way to do it is to log your browser onto its cloud and start using that.

    I could suggest "very basic security extensions" (Ublock Origin, and its Extra, Malwarebytes extension, Privacybadger, Web Of Trust, Shodan) Buuut teaching you how to use these would.... take a few weeks. And in any case, most of the times you do not need them if you do not know how to use them (they are actually bad if you do not know how to use them, because like most security stuff they themselves can be attack vectors if improperly used😅 ... especially poor old uBlock).

    Step 3: Then go to whatever operating system and start going through the list of programs you use. Uninstall anything you do not need and especially that you do not remember installing.

    Today it is much harder for "hackers" to actually bypass the operating systems so this should (90% of the times) clear everything that is installed in your PCs and your phones.

    Yes, you need to do this on all the PCs and all your Phones and Tablets. One overlooked user-influenced device is one device that will get used for malicious purposes.
    VioletChepilMarc
  • SimoneSpinozziSimoneSpinozzi Member Posts: 71 ✭✭✭

    Step 4: Now there are also many """""""smart""""""" devices sold nowadays. If you cannot do without, remove their permissions to use the internet. Yes. There might be some comfort in turning on the lights from your phone or squeezing the juice from your packet of juice via your phone... I.... honestly do not see what this confort should be. But "Dumbifying" smart devices and raising their protection by (at the very least) changing username and password is usually the easiest way to close incredibly huge security holes in a modern house.

    I've... personally had to show people why their webcam which they did not know hat a web interface (Manuals?! Who has time to read them!) was open to the public or why somebody who shall not be named should not leave the interface to control his water plant open to the internet so he can check on it from his phone. Yes it is easy that way. But i could literally break the turbines if i wanted. And just because "Yeah but nobody does that"... is honestly not a good excuse in my book.

    So in general i advice against 99% of "smart" stuff connected to the internet.

    Especially the now always more and more Alexa and Google things, since those are the main gateways of attack, on account that you can install stuff on their cloud support to "enhance your experience" and they are by far the least protected things in your own home. So yeah. "Get Dumb" and remove anything "Smart" that does not do stuff you actually need. For the stuff you actually need, check their security setting. If they can go live (like many webcams) via a phone command (a.k.a. via internet) find alternatives.

    To note. In many cases people who do not know how their devices work and want them to "just work" are the main source of headaches, and why "scaaaaaaaaary" stuff like Alexa giggling "at random" makes me facepalm when people think their devices are "hacked" or "possessed".

    Spoiler: they are usually never hacked or possessed. And you can clearly check online why some of that stuff happens, though you need to at least have an understanding of how this stuff works to see why that is no hacking.

    Except when it is... which happens a lot more rarely and even more rarely looks like "scary urban myths" based on misinterpreted facts due to ignorance.

    In any case the basic rule is: if you don't need it. Don't buy it. If you need it but not connected, don't connect it. If you need it and part of the need is that it has to be connected... At the very least read the manual and search how to set its security. Pretty please? 😟

    So if you have bought them and already have them, disconnect them. Often times: Not having something "comfortable" is worth not having the headache of checking up how the security of a sloppily thrown together cheap operating system works against people who actually want to harm you... often for stupid reason or without thinking. Once again, often these attacks are literally handled by bots not real humans and the actual person behind them does not care about you nor they know about you.

    All this said... i'm sorry if it looks like "a lot" but this is veeeeery basic security and i tried to simplify and generalize a lot of things that are a lot more complex than this.

    The good old saying "read the f-ing manual" is there for a reason. Often times knowing how to use the stuff you use everyday... helps you protect you from random harm. It's not "being dumb" that creates problems. It's often "not having time to learn".
    VioletChepilMarcPixelpopper
  • VioletChepilVioletChepil London, UKAdministrator Posts: 2,232 admin
    Thanks for the amazing post @SimoneSpinozzi
    @Slim81 - I'm just going to split your discussion into a new thread so we can start with getting help for that one too. 

    Community Manager at Fing

  • SimoneSpinozziSimoneSpinozzi Member Posts: 71 ✭✭✭
    i honestly posted very basic stuff from checking what could be wrong or if it's a scam that will actually lure you into doing the very thing you do not wish to do... to how to get rid of the great majority of this without having to reinstall everything.

    I just... explain too much (even for basic things) soooo i had to split the post because it went over the character limit.
    VioletChepilKingofKatsMarc
  • Doc_ADoc_A Member Posts: 1

    Astounded that in the last year our court 12 homes have jumped from 40 to 456! Newbies are broadcasting and attaching without making security changes. These devices and routers or mine latch on to any network thy can, ROKU BOXES seem like loose cannons and until I set MAC blocking, poor streaming and very poor wifi phone signals were using IPs and MAC s all around me. The MAC-accepted has blocked new unprogramed neighbors, but as 5G arrives this blizzard of signals is going up 100 %.

    VioletChepil
  • SimoneSpinozziSimoneSpinozzi Member Posts: 71 ✭✭✭
    @Doc_A
    Wait... uhm.... what?! Why setup a whitelist/blacklist instead of simply putting a username and password?
    With a Whitelist/Blacklist your router is working double if not triple time. With a username and password it just ignores anybody that does not identify itself. Put your router as "invisible" if you don't want random people to try and use your network and set up your home appliances to try and connect to the invisible network even when they do not "see" it.

    Do not do that with your phone though, it drains the battery when you're not home, just set your phone to use your carrier network. You should not use your phone to browse at home anyway.

    And i don't understand why 5G should affect your home WiFi.
    VioletChepil
  • MarcMarc Member Posts: 427 ✭✭✭✭✭

    Step 4: Now there are also many """""""smart""""""" devices sold nowadays. If you cannot do without, remove their permissions to use the internet. Yes. There might be some comfort in turning on the lights from your phone or squeezing the juice from your packet of juice via your phone... I.... honestly do not see what this confort should be. But "Dumbifying" smart devices and raising their protection by (at the very least) changing username and password is usually the easiest way to close incredibly huge security holes in a modern house.

    I've... personally had to show people why their webcam which they did not know hat a web interface (Manuals?! Who has time to read them!) was open to the public or why somebody who shall not be named should not leave the interface to control his water plant open to the internet so he can check on it from his phone. Yes it is easy that way. But i could literally break the turbines if i wanted. And just because "Yeah but nobody does that"... is honestly not a good excuse in my book.

    So in general i advice against 99% of "smart" stuff connected to the internet.

    Especially the now always more and more Alexa and Google things, since those are the main gateways of attack, on account that you can install stuff on their cloud support to "enhance your experience" and they are by far the least protected things in your own home. So yeah. "Get Dumb" and remove anything "Smart" that does not do stuff you actually need. For the stuff you actually need, check their security setting. If they can go live (like many webcams) via a phone command (a.k.a. via internet) find alternatives.

    To note. In many cases people who do not know how their devices work and want them to "just work" are the main source of headaches, and why "scaaaaaaaaary" stuff like Alexa giggling "at random" makes me facepalm when people think their devices are "hacked" or "possessed".

    Spoiler: they are usually never hacked or possessed. And you can clearly check online why some of that stuff happens, though you need to at least have an understanding of how this stuff works to see why that is no hacking.

    Except when it is... which happens a lot more rarely and even more rarely looks like "scary urban myths" based on misinterpreted facts due to ignorance.

    In any case the basic rule is: if you don't need it. Don't buy it. If you need it but not connected, don't connect it. If you need it and part of the need is that it has to be connected... At the very least read the manual and search how to set its security. Pretty please? 😟

    So if you have bought them and already have them, disconnect them. Often times: Not having something "comfortable" is worth not having the headache of checking up how the security of a sloppily thrown together cheap operating system works against people who actually want to harm you... often for stupid reason or without thinking. Once again, often these attacks are literally handled by bots not real humans and the actual person behind them does not care about you nor they know about you.

    All this said... i'm sorry if it looks like "a lot" but this is veeeeery basic security and i tried to simplify and generalize a lot of things that are a lot more complex than this.

    The good old saying "read the f-ing manual" is there for a reason. Often times knowing how to use the stuff you use everyday... helps you protect you from random harm. It's not "being dumb" that creates problems. It's often "not having time to learn".
    You’ve got some good info in here but I don’t necessarily subscribe to the scorched earth policy of breaking all access to the internet for everything. If people were to know about and follow some basic security do’s and dont’s, they would be in a world of better shape. 
    1. Don’t install extensions, applets or any other crud on top of your browser, smart appliance etc. if you have to, make sure it from the vendor and that vendor is reputable
    2. Do change the default admin name and password
    3. Do use a strong password
    4. If an offer sounds to good to be true, it is. Don’t click on it!
    5. Change your passwords regularly
    6. Use a password manager if remembering too many passwords is difficult 
    7. Don’t use the same password everywhere. If you do and it’s discovered, that’s a game over moment. 
    There is so much more to do but, most people can still feel free to use that smart bulb with a bit of common sense and diligence. 
    Thats Daphnee, she's a good dog...
    VioletChepilOKCCiaran
  • SimoneSpinozziSimoneSpinozzi Member Posts: 71 ✭✭✭
    @Marc

    we seem to have a "very (very) different" definition of scorched earth. I was telling to somebody who ***had already*** sustained an attack how to minimize the chances to leave the attacker still in possession of tools... ***without*** using a scorched earth policy.

    Checking if the attack was real, then clearing cache, then uninstalling stuff that is "suspicious" and you never remember installing and never use, and finally read what are the security settings on anything that is not your main PC and change passwords and users around ... looks like very basic, and very bland stuff to me.

    If you think what i suggested (and summarized above) is "scorched earth" you have a very different idea. It is actually very bland ***basic and generic*** security for an ***after breach***. I don't even know if i'm talking about a cellphone, tablet, game console, or PC and if it's Mac or IBM-compatible stuff. I know zero, therefore i tried to stay as generic as possible.

    Telling somebody how to ***prevent*** attacks is.... useful... to a certain degree when said person was ***not already*** breached.

    I told the person how to tell if there actually ***is*** a breach (most times there has not even been a breach, just the fear of one exploited thanks to social engineering and that can lead to an actual breach). And if there has been one how to remove it in the blandest way that saves as much as possible of one's own system... without knowing what said system is.

    Actual scorched earth would be to remove all data storage (including bios eproms), fry that with high electricity and sell the rest of the electronics for scraps. Because that is ***cheaper and more time efficient*** than trying to root out some of the attacks i have seen.

    I have seen people attacking from USB keys which had their firmware rewritten, i've seen actual hackers flashing bios eeproms on user machines at reboot... remotely. And yes even people using 1x1 transparent images and javascript in a webpage that was not even the active tab to send all keystrokes to themselves. I've honestly seen all kinds of stuff.

    What i am suggesting is very bland and basic stuff that a user can implement, because randomized and non-targeted attacks to totally random people... just tend to be massive distributed stuff that, let me tell you, fairly suck as far as attacks go... but that anybody who has never even bothered to understand even very basic security finds "science-fiction"-y while it's real dumb stuff that exploits fear and ignorance.

    Heck most of the times it's your phone that has been breached, because people use phones to do the most dangerous stuff without even knowing... at which point you are better off buying a new phone rather than trying to re-install it because most assuredly what has been compromised is the very tool that would allow you to format everything and reinstall from scratch your own phone and therefore removing the virus is basically the same as bricking your phone unless you send it to the company that made it... at which point they usually switch the main board that has everything on it ... honestly it takes less time, i agree with them.

    Though i don't agree with their standard "trashing" policy which is "just dump them here" which is usually both sucky as far as recycling goes and is a big data security flaw. 😅🤦‍♂️
  • bakryhettabakryhetta Member Posts: 8

    I myself faced this problem , i became much worried when I see forgn devices using my network and accessing internet . First i tried to get the Fing box from our local market but i didn't find .I logged in my router settings and in network security i entered all my devices's MAC addresses to allow access ( DHCP is set to on ) .At last i found no any foreign devices .

  • MarcMarc Member Posts: 427 ✭✭✭✭✭

    You bring up some good points, Appreciate the debate and all our different take on things @SimoneSpinozzi.

    Thats Daphnee, she's a good dog...
  • SimoneSpinozziSimoneSpinozzi Member Posts: 71 ✭✭✭

    I myself faced this problem , i became much worried when I see forgn devices using my network and accessing internet . First i tried to get the Fing box from our local market but i didn't find .I logged in my router settings and in network security i entered all my devices's MAC addresses to allow access ( DHCP is set to on ) .At last i found no any foreign devices .

    Most of the times... you just need to change the key to connect to your network. There is a fairly high chance that you still use the standard key which was not randomized. And that is how people are able to connect to your internet.
    bakryhetta
  • bakryhettabakryhetta Member Posts: 8

    I have no key generator and i also need to put the key in different devices such as android TV's and ip tv receivers , it is difficult to put the randomly generated passwords in these devices ,if you have a way or method to enter these generated keys i shall be thankful .I tried before to use the router setting of ( no DHCP ) and put manually an ip address for every device , but I faced a problem of some devices not accept the manual ip .I tried also the hidden network name but aly i found some devices not support thi property .

    Thanks for your comment .

  • OKCOKC Member Posts: 8
    edited November 3
    The #1 thing is to never give in to anyone's demands.  Practice safe surfing and good internet hygiene  All of the info below is assuming you have a windows desktop in your LAN. I have wireless capabilities from my Win10 desktop but I have it on airplane mode meaning "turned off" so everything goes through my modem / wireless router combo and FingBox'.

    Ransomware' makes demands "immediately." When you encounter a hack' threat' or script', unplug the router. Close down the browser or the whole operating system if you need to. Call tech support for your internet service provider or the device you are concerned about. Consider taking it to a professional. If you are leasing the router from your ISP they can get inside of it, show you around and help you with setup and how to look for connected devices. If you buy your own router like I did, they only help you get online.  If you purchased your router there should be tech support for a year but sometimes they aren't very knowledgeable but its worth a try.

    Going back to Original Poster did you state that you owned a Fingbox? If so were you able to see if anyone was in your "Local Area Network" While looking through DEVICES tab? All it takes is a couple of clicks and anyone in your LAN will be taken to the door and locked out. Also While in DEVICES, click on your avatar in the upper right hand corner > choose 'settings of 'Fing' > Turn on 'automatically block new devices. This will stop infiltration as soon as it happens and until you approve them.In the NETWORK tab is wi-fi intrusion protection turned on? Have you looked around inside the app, to see many of the tools?  Had a peak at the digital fence?

    Now to get to your original question "if there was anything else you could do after changing passwords etc.,  Here is something  I will do every so often just to feel as if I am wiping the dirt off of my shoes.

    Right click the start button > left Click 'Command Prompt Admin' > in the Admin Command Prompt, type "ipconfig/release" without the "quotation marks"  and press enter > unplug the router > turn the computer off and wait. The consensus is usually 2 minutes. plug the power back into the router > turn the PC back on after everything boots back up get back into "Admin Command Prompt" and type 'ipconfig/renew" and press enter. Here are some screen shots but it should be straight forward.
    If you don't have the FingBox I suggest you get one, if you do have one, you should be seeing the blue lights on it. see here for the meaning of Fingbox' lights.




    Marc
  • SimoneSpinozziSimoneSpinozzi Member Posts: 71 ✭✭✭
    edited November 3
    @bakryhetta no, no, you misunderstood what i meant.

    When you set up a new device in a network, there are 2 ways of doing it.

    The really wrong way, which is to either leave the network open while setting it up and then protecting it... or using WPS.... which is basically the same thing, but worse because it makes you feel like you are protected while you aren't...

    And the correct way, which is to set up a protection key in your router, it's usually referred to as WPA in your router's manual (though at the very least one should use WPA2).

    At that point when you connect a device you tell the new device what the key you setup is and you can connect to the network.

    Now, there are people who will tell you to make up a completely random string of numbers and letters which is impossible to remember as a WPA/WPA2 key (WPA2 being better, but WPA provided because "legacy" even though i think nobody uses it anymore. Also avoid WEP. Dinosaurs should stay extinct.)

    But seriously just use 6 or 8 words and put stuff you can remember between those words and change maybe a few letters into numbers, add intentional misspellings or word puns that break common grammar and it's just as safe.

    Between a key like this: GHTGHGNHDJHJewjfhfsalkkQYDgLHZYsdz5123741

    and a key like this: 0h.my.darling!Oh_my_darling!Oh-my-darling-CLAMMENT1N3!

    Honestly any attacker would find almost completely equal difficulty to break these two passwords, but the second is much easier to remember. The so called "L33t Speak" was invented as an easy way to remember how to write passwords and once you're strung together something easy to remember with stuff you find easy to associate as substitutions for the actual words (a random song nobody remembers, 0 for an O, but not every time, just the first time, so that we don't make a pattern, and since you can't have spaces first sequence uses dots, second uses low dashes, third uses dashes, etc. etc.) then you have a password you can remember and jot down "incomplete" (so that random people finding the notes won't be able to tell what the password is without more research, but you can tell at a glance)

    At that point you have a WIFI that does not need to see if everybody trying to connect is authorized and kick it out, which... for an open network... is hell, since it means the router is ***constantly*** doing that. But will just deny access to anybody who does not have a key. The difference being that normal devices that do not have a key will pester their users instead of your router, and thus your router will just have to deal with the attackers actively trying to break the key. At which point, yes... ***also*** having a whitelist might help... marginally (whitelists are much easier to break than encryption keys for hackers, especially if the whitelist is based on something as ridiculous as mac addresses... or worse... IP addresses... buut every bit helps).
  • bakryhettabakryhetta Member Posts: 8

    I am sorry if i hardly understy your words .

    You did not tell me practically how i can use these randomly generated keys ,is it by using an application program ? or using an extery device to generate the keys ? . If i want to use thesy randomly generated keys ,whay steps one by one , please .If any device or application program is required please mention they .

    Thanks a lot .

  • SimoneSpinozziSimoneSpinozzi Member Posts: 71 ✭✭✭
    @bakryhetta ;it's not an external program. It's very ultra-basic basic network security.

    You have to set up a WPA2 protection on you router.

    If you go to your router setup page (where you have set up your whitelist) you can generate a WPA2 key.

    But the problem is that every router sets it up in a different way. So i cannot be as specific as needed if you don't even know what a WPA key is.

    Second problem is: if you don't even know how to set it up... you would (essentially) see yourself cut off from your own internet the moment you insert that protection. Aaand then you would be unable to even ask for help.

    But essentially check what network you are connected to.. and once you get cut off because you have inserted a WPA2 key... reconnect to that network and give the same key.

    The easiest way would be to ask somebody you know to teach you the basic steps to set it up while on the phone, possibly not a VoIP phone or the moment you set up the protection... you would also need to tell the phone... or it gets cut off. 😅

    These are a couple of very basic guides on how to do it. But they all take given that you know at least a bit... which you obviously do not.

    I hope you will still be able to connect to the internet since there is an high chance you do not know what you are doing. I advice you read both. And then get some help from somebody to basically tell you what you do not know or what you are missing

    It's still better if you do it yourself, because that way you will learn... but not knowing what is your setup... i know there will be problems, because specific always beats generic. 😅 So... uhm... keep somebody handy and good luck i guess.

    https://www.thegeekstuff.com/2008/08/6-steps-to-secure-your-home-wireless-network/


    It's basically like setting up a lock on your door from the outside... and then remembering that you have to get back inside.

    What you have right ow is your router acting as a bouncer and he has to both let the stuff you need inside and outside... and then also check who is bringing said stuff inside and outside. Buuuut instead of asking for an ID once and then telling them "no" it's doing it for each single item they try to bring in and out. And every time they show up at your door just to look inside.

    It's bad because it overloads your router pretty easily (internet slows down and then stops) and also because it keeps it running hot (and running hot is always bad for electronic devices). Basically you will have to turn it "off and on again"™ very often. Especially during the summer.

    It works... but it works in a bad way, basically.
    Ciaran
  • ClaytonClayton Member Posts: 1
    @bakryhetta If you think that you need a generator to come up with complexity, the above mentioned apps that are available for Desktops and mobile devices can do that for you.  LastPass, 1Password, TrueKey, Roboform, etc.  Most offer trial versions so you can test each one out.
    VioletChepil
Sign In or Register to comment.