1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Securing Linksys WRT54G v5

Discussion in 'Networking Issues' started by jclarke5, Jun 24, 2006.

  1. jclarke5

    jclarke5 LI Guru Member

    Hello everyone. I am new here, and very much a novice w/ networking but I would like to present a stumper I can't seem to resolve.

    Basically, I have the WRT54G v5 with the lateset firmware installed. It is configured w/ PPPoE on, DHCP enabled, WEP 128-bit encryption for my home network of 4 PCs. My ISP is Bellsouth and I am on a Westell modem in bridge mode w/ the router.

    Here's the problem: My neighbor is constantly picking off my signal. I have tried Permit only MAC addresses, Prevent MAC addresses, changing SSID, but when I check the DHCP table, I still regularly find the unwanted parasite on my network! He has mentioned to me that he has some kind of security software that enables him to hack networks (but I didn't think he would hack mine).

    I suupose one solution would be to set up static IPs but I am not familiar with how to set it up.

    Please help me stymie my nosey neighbor!
     
  2. sufrano63

    sufrano63 Network Guru Member

    WEP encryption is hackable (sometimes in 2-5minutes)

    1. Chk your firmware# and upgrade to the latest to support WPA2 encryption
    2. Upgrade your PCs with this patch

    http://www.microsoft.com/downloads/...4d-e7c1-48d6-95ee-1459234f4483&displaylang=en

    3. Use password generator from here

    https://www.grc.com/passwords.htm

    4. Now dare your neighbor to penetrate your network. Sit back and enjoy

    If he's able to hack again after WPA2 encryption. He's probably already installed some kind of "keylogger" on one of your PC, so that's not going to help unless you reformat and start all over again.

    Good Luck
     
  3. Advis

    Advis Network Guru Member

    You should also get proof of your neighbours intrusion by taking screenshots of the DHCP table. I don't know where you live but in the UK this would fall under the computer misuse act. Don't let him walk all over you. Say you've got proof and are considering taking further action. Of course, beef up the security too.
     
  4. digitalgeek

    digitalgeek Network Guru Member

    beat the hacker...

    next time you know your neighbor is out, try a full reset and clear NVRAM...

    set a new SSID and don't broadcast, create a new wep key or a new WPA2 password and set mac filter to permit only.

    Beyond that, I would change the SSID and security regularly.


    If this doesn't stop him, you could consider setuping up a Win 2K or 2K3 server to host the DHCP and prevent him from geting acces that way.


    Good Luck!
     
  5. lwf-

    lwf- Network Guru Member

    WPA with a strong passphrase (get one at grc.com/pass) is enough, hiding and changing SSID wont help at all. MAC address protection is worthless too; it only gives you false security and requires extra work.
     
  6. digitalgeek

    digitalgeek Network Guru Member

    Mac Filtering...

    Mac filtering with WPA/WEP can slow a hacker down... and not broadcasting. Using combinations can make more difficult to hack.
     
  7. jclarke5

    jclarke5 LI Guru Member

    Still not working

    Guys,
    Thanks for all your suggestions. I ended up going with WPA2 and a strong password. It seemed to work for a couple of days but guess what...he's baaack!!

    I am considering running 300 ft. of ethernet cable throughout the house!

    Any other suggestions?
     
  8. sufrano63

    sufrano63 Network Guru Member

    Re: Still not working

    I very seriously doubt if he can crack WPA2 w/strong password (64 chars); otherwise we would all be hearing about in the news. Like I said before, looks like he's already penetrated your network with some kind of "keylogger". Your only option is to reformat all your PCs and start over.
     
  9. Toxic

    Toxic Administrator Staff Member

    have a look over this m8

    http://www.linksysinfo.org/modules.php?name=Content&pa=showpage&pid=37

    at a guess i would think he knows you passwords and your IP addresses range and mac addresses.

    try disabling SSID howevr it may give your wireless clients a problem.

    change the admin password to logon to the router.

    then change the IP addressing from the default 192.168.1.x to something more different.

    192.168.x.x x.x can be changed.
     
  10. mstombs

    mstombs Network Guru Member

    Disabling SSID is no protection, the info is still broadcast and easy for a software util to pick up - you can sit on a bus going through town looking at networks from a laptop as you drive past - so I am told!

    I suspect the V5 router with Linksys firmware has security holes, possibly via the WAN connection if your neighbour on the same ISP? Possibly via trojan/ keylogger as others have suggested direct to a PC within your network
     
  11. phecksel

    phecksel LI Guru Member

    Is he in the United States? Isn't it a federal offense to steal access?
     
  12. sufrano63

    sufrano63 Network Guru Member

    If he's already penetrated your network by installing "keylogger", then disabling SSID or any other stuff would do you no good. You can scan all your PCs using an anti-keylogger and check it out.

    BTW, try netstumbler and disable your SSID all you want..... :grin:

    WPA2 is currently NOT hackable and with 64 chars for passphrase. It's almost impossible to crack.

    I doubt if there was a security hole in the V5; otherwise, there would have been an immediate announcement from Linksys or from this site for an immediate firmware upgrade. Always upgrade to the latest firmware release if you can.
     
  13. gotamd

    gotamd Network Guru Member

    You have to use WPA with a secure password (randomly generated with no words, etc.) to hope to make your wireless network secure. WEP can be cracked in under 5 minutes and finding your SSID even when you're "not broadcasting" it is child's play for even a novice "hacker". MAC protection also obviously isn't working against this guy because he can spoof his MAC address (and probably already knows the MAC addresses of your computers). I would also turn off DHCP completely and change the default IP of the router to something other than 192.168.1.1 (to something such as 192.168.3.2). I know that in DD-WRT you can also change the maximum number of associated clients in the Wireless->Advanced Settings menu. Change it from 128 (default) to however many computers you have that will be accessing the network wirelessly. That's about all I can think of. If nothing else works, you may as well just report him to the police. Good luck, it sounds like you have a real a-hole for a neighbor :(

    Also, try to do this all when you know he is not home (or asleep). Start off by clearing the router's NVRAM completely by holding the reset button on the back down for 30 seconds.

    EDIT: I see that he somehow managed to get past WPA2 encryption. If that's the case and you were using a secure password, then he must have also hacked into one or more of your computers and infected them with keyloggers, etc. I would get all of your computers checked out. In the mean time, download a live CD such as Knoppix which will bypass any keylogger or virus installed on your computer. Boot from that and make the changes using the computer booted from Knoppix. Then, don't put any of your wireless computers back on the network until they've been cleaned of any and all viruses because it's likely that the second you put your new wireless key into them, it will be sent to your neighbor. I would also watch all of your financial information because if you had any of it on the computer, or bought anything online then your credit card(s) and bank account(s) may be compromised.
     
  14. digitalgeek

    digitalgeek Network Guru Member

    what a tool

    This guy sounds like a real tool... he must have nothing better to do with his time but hack you measly little network... It al most sounds like you need to infect you computer with a nasty hardware damaging virus and leave you network wide open so this guy gets infected and won't bother you again... (he probably has a good anti-virus) go to show nothing can stop a determined hacker.... good luck!
     

Share This Page