1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

My neighbour the thief!

Discussion in 'BlackHat Lounge' started by James2, Apr 15, 2012.

  1. James2

    James2 Senior Member

    Joined:
    Jun 3, 2011
    Messages:
    1,133
    Likes Received:
    994
    Location:
    London, England
    I noticed my internet connection was really slow even though I have a super fast service. Anyway, I done a scan using who is on my wifi and there was an unknown computer on my network. The ip is very similar to mine and my router is weak, so I know he/she is close, in my apartment block to be exact and there are only four apartments here. So my question is, how do I easily remove them permanently? I have password protected wap2, so they must have cracking software and I don't want it to happen again. I would also like to know who they are so I can shame them in public lol.

    Thank you in advance!

    James :)
     
  2. HoNeYBiRD

    HoNeYBiRD Jr. VIP Jr. VIP

    Joined:
    May 1, 2009
    Messages:
    5,890
    Likes Received:
    7,129
    Gender:
    Male
    Occupation:
    Geographer, Tourism Manager
    Location:
    Ghosted
    you can restrict computers by IP or MAC address in your router settings
    to access your wifi

    allow only your MAC address and forbid all the others, problem solved
     
    • Thanks Thanks x 4
  3. James2

    James2 Senior Member

    Joined:
    Jun 3, 2011
    Messages:
    1,133
    Likes Received:
    994
    Location:
    London, England
    Good advice, thank you :)
     
  4. RuiGomes

    RuiGomes BANNED BANNED

    Joined:
    Jun 12, 2010
    Messages:
    700
    Likes Received:
    238
    MAC filtering would be a good idea, unless you have various devices.
    I have done it in the past, but then it was a pain in the ass because my wifi printer didn't work, if a friend come along it couldn't use the wifi, etc.

    So my solution was to hide the SSID, so if anyone searches, they won't find it, and use a secure password.
     
    • Thanks Thanks x 1
  5. wanfirdaus

    wanfirdaus Regular Member

    Joined:
    Dec 6, 2010
    Messages:
    357
    Likes Received:
    132
    Occupation:
    IM
    Location:
    WP Login
    Home Page:
    • Thanks Thanks x 1
  6. foshizzle

    foshizzle Junior Member

    Joined:
    Jan 13, 2012
    Messages:
    126
    Likes Received:
    17
    MACs can be easily spoofed. Hiding SSID isn't really effective either. Ever heard about Backtrack? Google it! hehehe...

    What you need to to is secure your connection with WPA2 and a good RANDOM password! No one can crack this ever! NEVER use WEP encryption, this can be cracked within a matter of minutes.
     
    • Thanks Thanks x 1
    Last edited: Apr 15, 2012
  7. RuiGomes

    RuiGomes BANNED BANNED

    Joined:
    Jun 12, 2010
    Messages:
    700
    Likes Received:
    238
    Oh cmon man, we're talking about a neighbor who probably just guessed his password, not a word series hacker.
    Just hide your SSID and change your password. If he's able to get in, he's probably very skilled and there's few you can do to prevent him from getting in.
     
    • Thanks Thanks x 1
  8. HoNeYBiRD

    HoNeYBiRD Jr. VIP Jr. VIP

    Joined:
    May 1, 2009
    Messages:
    5,890
    Likes Received:
    7,129
    Gender:
    Male
    Occupation:
    Geographer, Tourism Manager
    Location:
    Ghosted
    MACs can be spoofed, but spoof to what? you only allow your MAC address to access the wifi, how the hell the neighbor will guess the MAC w/o having access to the network/router? and OP already said he protected his network with WPA2 and it's cracked
    if restricting by MAC address is not enough, his neighbor is a big time hacker, so he can do anything he wants

    or if OP has a static IP, he can restrict by IP as well
     
    • Thanks Thanks x 1
  9. oxonbeef

    oxonbeef BANNED BANNED

    Joined:
    Jan 4, 2009
    Messages:
    2,242
    Likes Received:
    7,872
    From Todays Telegraph.
     
    • Thanks Thanks x 1
  10. Nigel Farage

    Nigel Farage BANNED BANNED

    Joined:
    Feb 8, 2012
    Messages:
    563
    Likes Received:
    1,495
    I'm not convinced it's a neighbor stealing. A new problem I've discovered on a business network I manage is that some mobile phone apps are buggy as hell, and will run network usage off the charts. People come in with their mobile devices in their purse, and at about lunchtime the work computers start falling off the wireless network while desktops connected via LAN have no issue. We are considering changing the PW and restricting access to the wireless network to only work computers. So the first thing I would do is rule in/rule out any mobile devices.

    The second thing to consider is if the PW was hacked, how it happened. WPA2 can be hacked, but it takes time and a good amount of computer power and some skill. If they have the sophistication to crack encrypted WPA2 packets, they can afford their own internet. Are you certain wireless encryption is enabled. I"ve done on-site calls where someone in the household turned off encryption because they couldn't remember/weren't suppsed to have the PW, and no one knew it was unsecured.

    Some routers will output both a secure and unsecured wireless signal, and unless you manually turn of the unsecured signal you are providing free wireless to the whole neighborhood.

    People that dabble in blackhat arts frequently install experimental, special-purpose software downloaded from suspicious and highly dangerous places like uh.... well yeah, and so then their "free proxy" software decides to start offering free proxy service to all manner of evil spammers and ne'er-do-wells. Another thing to consider is that the existence of an outside party is what is spoofed, and in fact it's your own machine that is performing illicit operations online.

    Maybe YOU are "Anonymous", lol. That's one way to remain hidden, is to make someone else do the dirty work.

    Finally, I'd want to know PW length and whether or not it was guessable. Was it "password" or "poopoo12"? Dictionary attacks are much faster than brute force, and are a more likely explanation.
    Change your current PW to something else, and see if it throws the unknown entity off the network. Not sure what the longest & most complex WPA2 password is, but I'd bet the time to crack it is in terms of years, so changing it to a hardened PW may be the only thing you need to do. But malware is still a possibility.
     
    • Thanks Thanks x 2
  11. Nigel Farage

    Nigel Farage BANNED BANNED

    Joined:
    Feb 8, 2012
    Messages:
    563
    Likes Received:
    1,495
    Duplicate post.
     
    Last edited: Apr 15, 2012
  12. ThreadKiller

    ThreadKiller Power Member

    Joined:
    Jan 31, 2012
    Messages:
    614
    Likes Received:
    303
    Location:
    London
    Since you are running WPA2 you should be fairly safe. Just change the key to something completely random and you should be safe for quite some time. To crack any random wpa2 key within a reasonable amount of itme your intruder would probably be using dual GPU's for cracking, and unless you have a true geek in the house, that is probably not what's happening.

    You absolutely sure it is an intruder btw? Could be your phone, could be a vmware guest.
     
    • Thanks Thanks x 1
  13. tb303

    tb303 Power Member

    Joined:
    Dec 18, 2011
    Messages:
    601
    Likes Received:
    280
    Is WPA really that vulnerable these days then?
    If it is or the password was guessed then wouldnt this be the only time you could legally do arp poisoning on your own network it and sniff his logins? If its still quite technical then theres a chance hes doing this to you. :eek:
     
  14. brwipens

    brwipens Regular Member

    Joined:
    Nov 18, 2007
    Messages:
    245
    Likes Received:
    254
    Get a program called WIRESHARK and install it on a computer or laptop and directly connect it to your router. Wireshark is a packet sniffer and will capture all the traffic going in/out of your router and create a logfile of it(a HUGE logfile if u run it a long time). Now, go through the logs of all your neighbor's traffic and get information you might find useful and fuck him up.

    You can either do that or a) change your Pa33w0rd7z523ll b) enable MAC filtering c) disable WPA and use only WPA2. You could change your SSID and make it hidden but that isn't really security. If he/she still manages to leech off of your connection, you can always just walk over to his place with a baseball bat and give him a wood shampoo.

    What's your router? If it's a NetGear, make sure your "public network" is disabled. Some other mfgs ship their wifi routers with public access enabled by default so make sure that's disabled.
     
    • Thanks Thanks x 2
  15. joeyzaza

    joeyzaza Newbie

    Joined:
    Dec 10, 2011
    Messages:
    42
    Likes Received:
    17
    Occupation:
    This is my full time job now
    Location:
    Michigan
    Use wpa2 with a crazy complicated password. Works like a charm for me. Like stated before, if someone can figure out how to crack a wpa2 password, they probably have enough skills to make money and buy their own internet.
     
    • Thanks Thanks x 2
  16. RMX

    RMX Power Member

    Joined:
    Nov 16, 2009
    Messages:
    726
    Likes Received:
    389
    Occupation:
    Network Security Admin
    Location:
    London, UK
    Home Page:
    MAC can be sniffed and spoofed.

    WEP is shit - never use it.

    WPA/WPA2 can only be cracked if you are using pre-shared keys with it. Do not use those.

    Change the password to your router's web admin interface.
     
    • Thanks Thanks x 1
  17. Ste Fishkin

    Ste Fishkin "I'm watching you.." - Apricot Jr. VIP Premium Member UnGagged Attendee

    Joined:
    May 14, 2011
    Messages:
    1,833
    Likes Received:
    8,692
    Occupation:
    Rands Sex Slave
    Location:
    England
    Just change the encryption to WEP2 (I think)

    Change the password

    Change and hide SSID

    and MAC address filter it on top of that.

    Should stop 99% of thieves
     
    • Thanks Thanks x 2
  18. James2

    James2 Senior Member

    Joined:
    Jun 3, 2011
    Messages:
    1,133
    Likes Received:
    994
    Location:
    London, England
    Firstly, thank you all for your input and time. Some very good answers there. The chances of any of my neighbours being top class hackers is slim and if they was, they would indeed be able to afford their own internet. Now I can see that another ip address is using my router. It isn't a mobile device in my own home. I checked that out which leads me to the conclusion that I may have maleware installed on my computer. Thing is though if that was the case, why does it say that another ip is riding my internet, an ip that is very similar to my own (all the digits are the same apart from the last 3) I also done a full scan with malewarebytes and it says I'm clean.
     
  19. oxonbeef

    oxonbeef BANNED BANNED

    Joined:
    Jan 4, 2009
    Messages:
    2,242
    Likes Received:
    7,872
    Change your networks name to "Hard-drive-Nuke-botnet-virus"
    That should keep them away.
     
    • Thanks Thanks x 2
  20. Markthedude

    Markthedude Power Member

    Joined:
    Feb 26, 2010
    Messages:
    572
    Likes Received:
    266
    Occupation:
    Entrepreneur
    Location:
    United States
    Connect your computer via lan line and disable the router or wifi feature on your modem. Do another scan, if everything looks fine then you know that your computer itself is O.K i.e malware, spyware etc. If you only notice issues when you have wifi running then you need to figure out a way (or implement the ideas here) to secure your connection.
     
    • Thanks Thanks x 1