Neighbor has hacked into my router and is piggybacking - what can I do?


Best Answers
Tin_Man Member, Beta Tester Posts: 7
Wow, some great info here but there are simpler solutions. For example, wiring in as many devices that support it and then configuring the guest network (or a VLAN if you have business class equipment) specifically for wireless. Isolate them so that if, say, someone does manage to crack through the wireless they don't have access to the whole house. And if you didn't know, Fing makes a nice app you can install on your phone and keep an eye on wireless devices connected to the network. Most wifi vulnerabilities these days take advantage at the moment devices connect to the networks, so just keep an eye out for new devices that show up and if anything you didn't allow shows up, change the password. When adding everything back on, don't give out the password; instead, you type it into the devices. That way every device allowed has to get past you first. With small home networks this type of management is possible and very secure.
9
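The "keep an eye out for new devices" routine from the answer above, as an added example (not part of the original post, and not Fing's code). It assumes a Linux host on the LAN and the output format of `ip neigh show`; the `KNOWN` allowlist and the `SAMPLE` text are constructed. It goes one step beyond the post by also flagging an allowed MAC seen at two IPv4 addresses, since MAC addresses can be spoofed.

```python
# Constructed allowlist: devices the owner typed the Wi-Fi password into.
KNOWN = {
    "3c:22:fb:10:20:30": "laptop",
    "a4:77:33:aa:bb:cc": "tv",
    "00:11:22:33:44:55": "router",
}

# Constructed sample of `ip neigh show` output from a Linux host on the LAN.
SAMPLE = """\
192.168.1.1 dev wlan0 lladdr 00:11:22:33:44:55 REACHABLE
fe80::1 dev wlan0 lladdr 00:11:22:33:44:55 router STALE
192.168.1.10 dev wlan0 lladdr 3c:22:fb:10:20:30 REACHABLE
192.168.1.11 dev wlan0 lladdr A4:77:33:AA:BB:CC STALE
192.168.1.23 dev wlan0 lladdr 9e:01:02:03:04:05 REACHABLE
192.168.1.40 dev wlan0 lladdr 3c:22:fb:10:20:30 DELAY
192.168.1.50 dev wlan0  FAILED
"""

def parse_neigh(text):
    """Yield (ip, mac) for neighbour entries that resolved to a MAC address."""
    for line in text.splitlines():
        parts = line.split()
        if "lladdr" in parts and parts[-1] not in ("FAILED", "INCOMPLETE"):
            yield parts[0], parts[parts.index("lladdr") + 1].lower()

def is_randomized(mac):
    """Locally administered bit set, as used by per-network MAC randomization."""
    return bool(int(mac[:2], 16) & 0x02)

def audit(text, known):
    """Return sorted findings: unknown devices and known MACs seen at several IPv4s."""
    findings, ipv4_by_mac = [], {}
    for ip, mac in parse_neigh(text):
        if mac not in known:
            kind = "unknown-randomized" if is_randomized(mac) else "unknown"
            findings.append((kind, mac, ip))
        elif ":" not in ip:  # IPv4 only: one MAC normally has several IPv6 addresses
            ipv4_by_mac.setdefault(mac, set()).add(ip)
    for mac, ips in ipv4_by_mac.items():
        if len(ips) > 1:  # possible cloned MAC, or just a stale lease: check by hand
            findings.append(("known-mac-multiple-ips", mac, ",".join(sorted(ips))))
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit(SAMPLE, KNOWN):
        print(*finding)
```

An unknown entry is the cue to change the Wi-Fi password; a randomized MAC is often just a phone that was already allowed, so check it against the device before acting.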
Answers
There are other things you can do, depending on the router's features, like whitelist the MAC addresses of the equipment you want to allow access to your network but that’s a bit of work to implement. That will keep him off the network assuming he does not have your MAC address list and can’t spoof a known MAC address.
Community Manager at Fing
Another thing to consider, since you're neighbors in an effort to keep the peace where you live: Create a guest network and leave them a note or otherwise inform them that they can use that one instead. You don't know what the situation is and why they use it to begin with, maybe they can't afford it on their salaries?
Curious though, how do you "know" that your neighbor attached themselves to your network?
-Warden Anastasia Luccio, Captain
Can't tell if you're a tech or not, but if you can keep up there's the following you should do if you suspect that you were targeted or know that your router is vulnerable to specific worms out there hijacking equipment. While the advice previously mentioned is sound advice, I will add that if you do change the passwords on the equipment, please be sure to use a fresh new password and not one that you already use for anything else. Also, I would do a hard reset of the device back to factory and I would go to the manufacturer's website and download their latest firmware and manually do an update install. Don't use the auto update nor backup/restore settings. Manually reconfigure it. Some of the worms out there add scripts to the autoconfiguration wizards so don't use anything that makes things easy, and verify all the details in the device's logs.
Thanks all for your responses. You can choose BEST ANSWERS - by selecting:
Did this answer the question? Yes/No - choose as many that have helped you
Community Manager at Fing
An attacker can trivially bypass MAC filtering, and a hidden SSID is also pretty much useless for many reasons.
1. Make sure you are using recent firmware
2. Make sure that you are using WPA2 or, better, WPA3
3. Be sure WPS is DISABLED
4. Be sure admin login from WAN is disabled
5. Change login and WPA2/WPA3 passwords
6. Disable UPnP and check port forwards
7. Scan all internal systems for malware
8. This is my favorite - since you are effectively controlling your neighbor's internet, you can do MitM - Man in the Middle attacks, to scarf their passwords and inject malware into the datastream to take control of your neighbor's computers. You could play harmless pranks, or surreptitiously make their computers do evil things. I will not go into detail out of respect for the family nature of Fing's community, but use your imagination. Just remember that it is your IP address, so don't do anything terribly illegal.
Read up on WiFi MitM, SSLStrip, Evil Twin and the like, and have some phun with those crooks before you lock them out. :)
And this is just the start. The Wi-Fi Alliance screwed up big time when they created this standard. I suspect we'll uncover more issues as time rolls on. Meanwhile routers with WPA3 enabled run the risk of not getting fixed, leaving them open to attack.
It isn't ideal yet, but it is more secure than WPA2, and is a step in the direction of fixing long-standing known vulnerabilities in the old WPA2. It is just short-sighted to say that it is a joke just because it isn't impenetrable. WPA2 Enterprise is also vulnerable to KRACK, so even going so far as advising OP to set up RADIUS would be less secure than the preferred WPA3.
It is the old routers with WPA2 that are at risk of never being updated, given that it is an old protocol that is being phased out in favor of the new updated standard. Admittedly, I wouldn't rush out and buy new gear just for WPA3 yet, but I *would* have some fun with that neighbor. :)
OpenRadius is no safer. The current WPA3 implementation has the same risks with EAP-pwd, that means it's no better than WPA2.
There will be no fixes to WPA3. It is permanently broken. Fixes, if and when they come, will be with WPA 3.1. However the closed door nature of the development of this standard means that it's never going to be properly vetted before it goes public, meaning that there's a very high risk that it'll be broken just as easily.
Worst of all this is users who are given the illusion of security. Right now, I'd trust WPA2 over WPA3 any day of the week. It's older yes, it's creaky and leaky, sure. But it's a well known standard now. WPA3 is a black hole just waiting for new vulnerabilities to be found on it.
@SimplyNadar , instead of berating someone who does security for a living, why not google the issue a bit and see what comes up. Yup there are pros and cons to every protocol out there but the free dissemination of information, both PRO AND CON, can help people come to their own conclusions.
For example:
For anyone who reads this thread thus far, please google the protocol and issues and see what comes up.
Did this answer the question? Yes/No - select Yes and that will choose a BEST ANSWER.
Community Manager at Fing
I'd like to advise you that we do not advise anyone here to issue any sort of attack on anyone else, that's not why we're here.
WPA3? Hasn't been mainstreamed yet so please don't provide information that the average consumer cannot implement effectively.
-Warden Anastasia Luccio, Captain
Thanks for allowing us an opportunity to help ease your concerns and assist with regaining control over your network. Feel free to ask us anything (well .. almost anything
-Warden Anastasia Luccio, Captain
There's a lot of advice in here but I'm going to give you the advice that will be 99% effective.
Change your Wi-Fi password.
That's it. Nothing more. MAC address filtering is useful but if your neighbor can hack their way into a Wi-Fi network without the password then MAC address filtering is trivial to bypass. Same with SSID hiding.
Radius servers are fantastic, and I run one, but they're a bit more advanced to set up and really don't add much security; without implementing EAP-TLS it's not much more secure.
VLANing is useful but you probably don't have a router that supports it (we're talking about mostly enterprise routers like Cisco, Mikrotik, Juniper, and Ubiquiti).
Just change your Wi-Fi password and you should be good.
Also: people keep mentioning KRACK and yes that is a vulnerability but it was patched 2 years ago (I would know, I was working in a SOC and we got emergency called in). If your router doesn't have a patch for KRACK then it's time to replace the router as it hasn't been updated in 2 years.
* I've used "paired" here just to mean the devices that share some sort of trust mechanism for that Apple user - by way of Keychain or Apple ID, for example.