..is this a hack possible remotely? Or is it someone Middle manning a bait network....or ?

evolusicevolusic Member, Beta Tester Posts: 6
First Comment Photogenic
edited May 2020 in Devices & Security
Network analysis 

Find open ports  (never seen that before )

Certificate from  http open port
 More from certificate.....
These are from my phone and i pad whats going on?would a Fing box per event this?honestly ive been thinking I’m in over my head.on this but I’m sure I’m compromised by someone grabbing my device by naming their WiFi identically and then feeding me through to my router .....if that did happen it would have to be one of my neighbors right? Within range of my network? Am i watching to may movies or is device security really that easy to get around? 

Answers

  • RobinRobin Administrator, Fing Team Posts: 3,785
    250 Answers 2500 Comments 500 Likes 100 Awesomes
    admin
    Hi @evolusic
    Do you have a multi-band router which provides multiple frequencies like 2.4Ghz and 5Ghz? Also, do they have the same SSID name? This could be explained through this. Any further advise @rooted @kltaylor @Marc



    Robin (Admin at Fing)
    Getting Started? Please refer to Community guidelines & Community User Guides("Helping Hand"). HAPPY POSTING!!!
    kltaylor
  • MarcMarc Moderator, Beta Tester Posts: 2,168
    100 Answers 1000 Comments 500 Likes 250 Agrees
    ✭✭✭✭✭✭
    @robin question is a good one.  2nd question is did you install an open source router software on your WiFi router?  That’s what openwrt is.  If you did that’s fine as many routers support this but want to make sure you did. 

    As Man in the middle would point to a duplicate router in the chain...  as a first troubleshooting exercise, turn yours off and see if the phantom one persists. 
    Thats Daphnee, she's a good dog...
    kltaylorProTecK
  • kltaylorkltaylor Moderator, Beta Tester Posts: 1,231
    1000 Comments 500 Likes 50 Answers 100 Awesomes
    ✭✭✭✭✭✭
    Both are great questions, it's what I would ask.  The OpenWRT is 'Open Source' firmware that some hardware manufacturers and models (Linksys comes to mind immediately) will allow you to flash a new 'OS' into the router.
    Have you changed routers lately?  As Marc asked, did you flash your router with Open Source firmware (tomato, etc.)
    "There's a fine line between audacity and idiocy."
    -Warden Anastasia Luccio, Captain
    Marc
  • rootedrooted Gulf Coast, USModerator Posts: 812
    500 Comments 50 Answers 100 Likes 25 Agrees
    ✭✭✭✭✭

    There are routers that come with OpenWRT preinstalled as well, not many but some.

    MarckltaylorProTecK
  • evolusicevolusic Member, Beta Tester Posts: 6
    First Comment Photogenic
    So i am using a router given to me from the provider a fiber cable internet to a central distribution in my apartment building to ether net cable to a dual channel zexel router i was told i couldn’t change the password even which is the last 8 digits of the serial number which i just realized wtf you can that somewhere i bet .....geez how dumb i never even thought ability this stuff till weird stuff started happening with my screens and devices hop on and off my hotspots ....anyways....so heres the deal yes i do have a multi band router but it clearly says and happened speraticlly over the last three days the 5 wouldnt sign its self on to the 2.7 the 2.7 was logged onto the 2.7! My phone and iMac both were on the network and there was a router and that is how you do that right? I grab your device by naming the network I’m hosting your homes exact name but no password while signed on to your network and with the right software can middle man the device right? Not a huge hack just gotta get the serial number and your in on every Usi fiber router holy cow troll me I’m wrong ....right? Or is the network really that lacking in  security! i never installed anything on that router but they probably are a simple PW as well so what can that software do?
  • evolusicevolusic Member, Beta Tester Posts: 6
    First Comment Photogenic
    My first tip to the issue was look at the first shot ones of the choices is RUN AWAY! Lol but see I’m running through a network with the identical name so if it’s available first and i have it as a fimilar network the phone or tablets just signs on .........thats so messed up man if i didnt have that device search function I’d never have know.....crazy ...would the Fing box stop this stuff?

  • webwolfwebwolf Member Posts: 21
    10 Comments 5 Agrees First Anniversary 5 Likes
    ✭✭
    I'm struggling to follow your comments a little. But best practice is of course to use WPA2 and use a long complex password. If you have an open WiFi channel with no password, then anyone with a router could name a WiFi hotspot the same as yours with no password and your devices would absolutely just hop onto the one with the strongest connection.

    The simplest way to check this is to logon to the router and change the WiFi name & Password. then reconnect all your devices to the new network with the new password. If the old network is still available then you know... it's at least suspicious; in that case, reset all your high profile passwords (Bank, Email, Social Media etc...).

    Never connect to a WiFi network with no password and if you do, use a trusted VPN provider. Personally I have my own VPN server because I trust my own network but not hotels, airports etc...
    kltaylor
  • kltaylorkltaylor Moderator, Beta Tester Posts: 1,231
    1000 Comments 500 Likes 50 Answers 100 Awesomes
    ✭✭✭✭✭✭
    rooted said:

    There are routers that come with OpenWRT preinstalled as well, not many but some.

    Wow, didn't know that.  Thanks @rooted for sharing that with me.
    "There's a fine line between audacity and idiocy."
    -Warden Anastasia Luccio, Captain
    rooted
  • kltaylorkltaylor Moderator, Beta Tester Posts: 1,231
    1000 Comments 500 Likes 50 Answers 100 Awesomes
    ✭✭✭✭✭✭
    evolusic said:
    So i am using a router given to me from the provider a fiber cable internet to a central distribution in my apartment building to ether net cable to a dual channel zexel router i was told i couldn’t change the password even which is the last 8 digits of the serial number which i just realized wtf you can that somewhere i bet .....geez how dumb i never even thought ability this stuff till weird stuff started happening with my screens and devices hop on and off my hotspots ....anyways....so heres the deal yes i do have a multi band router but it clearly says and happened speraticlly over the last three days the 5 wouldnt sign its self on to the 2.7 the 2.7 was logged onto the 2.7! My phone and iMac both were on the network and there was a router and that is how you do that right? I grab your device by naming the network I’m hosting your homes exact name but no password while signed on to your network and with the right software can middle man the device right? Not a huge hack just gotta get the serial number and your in on every Usi fiber router holy cow troll me I’m wrong ....right? Or is the network really that lacking in  security! i never installed anything on that router but they probably are a simple PW as well so what can that software do?
    I will agree with @webwolf in that I am a bit lost with this description, but let's give it a shot anyway.

    "So i am using a router given to me from the provider a fiber cable internet to a central distribution in my apartment building to ether net cable to a dual channel zexel router"
    Most companies will want you to use their equipment to make it easier on their remote techs to service them in the event that there is an issue with the network.

    "i was told i couldn’t change the password even which is the last 8 digits of the serial number"
    This part I would have had a more in-depth discussion with them on.  Personally I prefer to own and use my own equipment and allow the ISP to have access to it so they can manage it on their end.  Of course that's a personal preference, not sure if your ISP would allow the use of your own equipment, however I will stress that if they maintain the password as the last 8 digits of the serial number of the device, they're really 'pushing the boundaries' and daring someone to hack into them.  Again, IMO.

    "yes i do have a multi band router but it clearly says and happened speraticlly over the last three days the 5 wouldnt sign its self on to the 2.7 the 2.7 was logged onto the 2.7!"
    That really depends on the wireless capabilities of the device that you are using, whether or not it will see and/or connect to both wireless bands.  The 2.4 Ghz band is the one that's widely used and supports wireless A, B, and G versions of it.  5Ghz will only connect to other network adapters that are capable of connecting to those higher frequencies.


    "My phone and iMac both were on the network and there was a router"
    If three devices are all that you have and would expect on your network, then yes.  Your router will show up and typically have a different MAC address for each type of network connection: Ethernet, Wireless 2.4Ghz, and Wireless 5.0Ghz.
    If there are other devices listed on your network that you do not recognize, this presents to you an opportunity to review those devices and determine the action that should be taken on them (block, allow, identify, etc.).



    "I grab your device by naming the network I’m hosting your homes exact name but no password while signed on to your network and with the right software can middle man the device right?"
    You should always use secured wireless channels using WPA2, never leave them without a password to connect to.  If your wireless network does not require a password to attach to it, then it exposes anything on your network to anyone else who happens by and connects to it as well.  Check with your ISP and ensure that the wireless channels are managed with a secured/robust password and that only the devices that you allow are actually on the network.


    "Or is the network really that lacking in  security! i never installed anything on that router but they probably are a simple PW as well so what can that software do?"
    Check your router settings for this answer, and please have a discussion with your ISP support about this as well.  Since you want them to manage your network for you, you should involve them with any discussions about securing your online presence while using their service.  I would also ask to change the password on the router to something that isn't as easy as the last digits of the serial, and to share that password with you.  Express your concerns with your ISP and see how they respond.
    Hope that helps, good luck!
    "There's a fine line between audacity and idiocy."
    -Warden Anastasia Luccio, Captain
    rootedwebwolf
  • evolusicevolusic Member, Beta Tester Posts: 6
    First Comment Photogenic
    Wow I truly thank you all for responding. It’s a difficult task to wade through novice descriptions when I don’t really know what half the descriptions letters really mean so thank you . Let me simple and clear with this question though or I’ll try at least . I’m sure I’m being hacked my failure to communicate the incidents in a way you can understand is on me if I was more versed in the tech you’d understand it’s obvious. But if I am or not doesn’t matter to answer this. How can I create a safe WiFi network ? Would the 40$ on a Fing box slow me to control who is on my network? The router is an issue for sure and it is crazy that they do  it like that but I swear Usi fiber Minneapolis has routers you must use and the passcode is the 8 numbers I mentioned on every one they even have stickers that put the code in big numbers on the front of the router I will call them and ask about using my own . And I’m not making up the duplicate network trick it totally is a HUGE security issue in iPhones I thought android too. Name two networks identically. Have one with a passcode . Have your iPhone learn that network. That represents your work or home network. Now you can jam that or just use something to lower signal strength (distance or aluminum foil) and then turn on the second network with no password but higher strength and turn on iPhone WiFi. It will sign onto the closer stronger signal with no password without a prompt to you I swear unless they fixed it recently it’s still a thing I had a friend that said to treat all networks as hostile and firmer everyone so you have to key in everytime to avoid such an easy trap ....but yes thank you all who put up with my ADHD posting .it is appreciated 
    webwolf
  • rootedrooted Gulf Coast, USModerator Posts: 812
    500 Comments 50 Answers 100 Likes 25 Agrees
    ✭✭✭✭✭

    Try reading this page and see if any of it makes sense to help secure your OpenWRT based device:


Sign In or Register to comment.