Sense of security - Please help

WhatsHerName
WhatsHerName Member Posts: 3
First Comment
edited July 16 in Devices & Security
I have a question concerning whether or not something sneaky could be occurring on my home network. Since my sons father and I broke up over 2 years ago, there have been a LOT of clues that indicate to me that something just isn't right. One minor example is that there is a password protected hidden network in my home. At one point, I unplugged the router and his mother immediately called me and asked me to fix it because my son must have tripped the wires. Very very odd stuff, but I'll spare you : ). If someone could please walk me through the steps of ensuring my network is secure that would be SO amazing and much appreciated. Thank you all!  
Tr33_IT_Security

Answers

  • Jdubs
    Jdubs Member Posts: 2
    First Comment Photogenic

    This is one of the most uneasy feelings to have. I’ve been in IT support roles for abet 10 years now and even just as recently as a month ago I just found out someone has been hacking my WiFi. There was plenty of odd behavior and clues to indicate problems but I never thought it was malicious until the attacker did something rash which gave them away. I never thought this would happen to me the way it did. Luckily I’ve been keen on other security practices which have kept me safe so far…that only means the people who’re doing this aren’t up to dates on the latest tricks on how to bypass some of the higher security features. Enough about me…


    One of the most commonly known tools for WiFi network exploitation is called a WiFi Pinapple. It works out of the box and is setup only takes a few minutes. Then you’re easily able to highjack WiFi traffic and even get WiFi password using the right tools. Non techie people can do this…but there will be signs that it’s happening. Duplicate, open, and hidden networks and even sometimes networks you’ve joined elsewhere can randomly pop up. I have one of these pineapples so that I could learn how to defend against them……I am still not certain how to combat them entirely, let alone get rid of them other than the certificate server, or having to go down a more leagal means…There are a couple of things you can do but it’s less than ideal.

    1. Pay for a VPN service. Mozilla is offering theirs for 50% off for 5 devices $4.99 a month. VPN is an all around good idea these days for many reasons these days. It encrypts all traffic and keeps prying eyes disappointed.
    2. Use a physical network cable instead of WiFi where you can.
    3. Use your cellular service instead of the WiFi
    4. ”Powerline” adapters will help you interconnect different rooms without having to run a cable all the way across your house. I have the Netgear 2000’a that offer a secure pairing option. There are others…anything more than 3 tends to degrade performance.

    They call this kind of attack, The Evil Twin.

    It is a twin. I hate it There are ways to get evidence of said malicious networks. Hacking like this is illegal and law enforcement would need evidence to do anything. Use a tool called “inSSIDer” by metageek, (note: wireshark would be best but isn’t exactly user friendly) it will let you “scan the wireless” waves as well as capture data and see what the Wireless devices are talking about, no sensitive details but the basic signalling that is being done. If you see a device that is sending many “deauthentication” packets that will be the evil twin. inSSIDer can even help you find the device in some cases.


    A couple of tricks to clearly see this happening(ona basic level) 1. setup your network in a “non standard” but secure way it’ll be pretty obvious there is a fake network mimicking yours.

    1. use WPA-3 for wireless encryption
    2. setup WPA2E
    3. run scans to see if mimic networks are still there with the wrong security

    capture your packets, save them as evidence.



    good luck, sorry if this didn’t make a whole lot of sense. I hope someone else has a better suggestion

    WhatsHerName
  • Tr33_IT_Security
    Tr33_IT_Security Member Posts: 1
    First Comment

    Hi WHN,

    You came to the right place and you are in the right direction.


    Part of my volunteer work is with victims of abuse and cyberstalking.


    Feel free to reach out to me via email at [email protected]


    I will not charge you, I'm a lead Security Analyst for a well known company and can give you an overview of the measures to take. Good luck and be safe and aware of behavior that is unusual especially with the modem itself.

    WhatsHerName
  • WhatsHerName
    WhatsHerName Member Posts: 3
    First Comment
    Jdubs, 
    You were most helpful! Thank you so much for all of the great info. I've read countless hours on this stuff and I still feel like a 2 year old completing a cross-word puzzle lol. I will definitely get digging in the directions to which you pointed. Thanks again =)
  • WhatsHerName
    WhatsHerName Member Posts: 3
    First Comment
    Tr33,
    Thank you! I will be in contact 
Sign In or Register to comment.