Protecting files on PC from network hackers

[simonyeovil]

Dear Community,

I found Toms Hardware whilst trying to check the security of my wireless network at home. I live in the UK & have a typical infrastructure type new using a Belkin 54g router, a small Belkin USB wireless adapter dongle, & the built in Atheros AR500how easy7EG wireless built in adapters in a couple of laptops.

I found the routers SSID bas being broadcast & there was no encryption by default & no admin password to access the router!

I have fixed these, but before I did I thought I'd check how easy it was to get into my Internet access. Using another laptop I could simply connect to my unsecured network & access the Internet.

My question is if someone can easily do the above & get onto my wireless network & look 'upstream' onto the Internet, how wasy would it be for them to look 'downstream' & into whats on the disk of my PC/laptops?

Could they get in & access files, view documents or even alter files. If so, what common utilities would be needed?

I've turned on encryption to secure the wireless, hid my SSID & enabled XP's firewall. I have setup MAC address filtration also, which I guess will only permit machines that I know the MAC codes for can connect.

Hope someone can help,

Thanks,

Simon

 

[Guest]

All sound steps. But.

MAC filtering can be easily spoofed.

Hiding your SSID doesn't help and can cause connection problems. It's particularly pointless in areas crowded with wifi as other people will not see you and so avoid being on the same channel.

 

[eibgrad]

Although you mentioned fixing your lack of encryption, you didn’t provide any details. Hopefully you’re using either WPA2 (preferred) or WPA, and high quality key, one that is long, random, and based on a large character set. Doesn't do much good to use WEP, or use a key based on the name of your dog, phone number, or street address ( http://www.grc.com/password ).

Once your wireless secure is enabled, MAC filtering is pointless. Not that it was much value when wireless security was disabled. As suggested, it’s easily spoofed by anyone worth worrying about. But once you’re secured over wireless, whatever benefits existed are now gone. At best it might keep rogue devices off the network by those who otherwise have permission to use your network anyway. But most of the time it’s more hassle than it’s worth.

At that point, unless you have open ports on your router’s firewall (which you normally shouldn’t), that’s about as secure as it’s going to get. You should run a port test w/ Shields Up ( https://www.grc.com/x/ne.dll?bh0bkyd2 ) to verify that not only are your ports closed, but stealthy as well. The potential for mischief comes later as you perhaps open ports for remote access, gaming, etc. In those cases I suggest using applications that don’t require opening ports (e.g., Hamachi (VPN), LogMeIn (remote desktop)).

There’s also a debate whether using UPnP (Universal Plug N Play) should or shouldn’t be enabled. UPnP allows applications to open and close ports on the firewall as they need them. Mighty convenient when compared to managing those same ports manually. OTOH, it’s also convenient for any malware that finds its way into your system. OTOH (again), the fact UPnP closes ports when it’s done using them (assuming the application terminated cleanly) is an argument in favor of UPnP. So I’m not sure which is the right answer.

SSID broadcasts: Enabled
Wireless Security: WPA2/WPA w/ high-quality key
MAC Filtering: Disabled
WAN Ports: All Stealthy
UPnP: Disabled (certainly if you don’t need ports opened anyway)

 

[simonyeovil]

Thanks for your kind replies. I am using 1 10 char alpha-numeric passkey & WEP, as WPA is not provided with my 811-b kit. I have zone alarm, the firewall on the Belkin Router & the Windows XP built in one. Shields up suggests no open ports & I have re-enabled SSID.

I am still wondering as to how someone could access files on my hard disk & change things. What tools would they use? etc?

Thanks,

Simon

 

[eibgrad]

Thanks for your kind replies. I am using 1 10 char alpha-numeric passkey & WEP, as WPA is not provided with my 811-b kit. I have zone alarm, the firewall on the Belkin Router & the Windows XP built in one. Shields up suggests no open ports & I have re-enabled SSID.

I am still wondering as to how someone could access files on my hard disk & change things. What tools would they use? etc?

Thanks,

Simon

The most obvious and easiest means is to crack your WEP key (which these days, using readily available tools on the Internet, can be accomplished in about 60 seconds). At that point, they're on your network just like YOU!

So it's time to either disable wireless or better yet get a modern wireless router which supports WPA2/WPA.

 

[simonyeovil]

Thanks, I'm going to use ethernet via cable for my main PC & wireless with WPA & the other suggested ideas for the laptops.

I'm still intriqued as to what techniques/software I would use to access the files on my PCs. It it remote control, ftp, telnet etc.

I want to try & access my own files & use that as a benchmark when I try again with WPA & the other things people have kindly suggested. I read somewhere that trying to hack into your own system is the best way to see how easy or not it is.

I have a copy of Kismet & AirSnort, but these don't seem to help me access my PCs files.

Thabks,

Simon

The most obvious and easiest means is to crack your WEP key (which these days, using readily available tools on the Internet, can be accomplished in about 60 seconds). At that point, they're on your network just like YOU!

So it's time to either disable wireless or better yet get a modern wireless router which supports WPA2/WPA.

 

[eibgrad]

Thanks, I'm going to use ethernet via cable for my main PC & wireless with WPA & the other suggested ideas for the laptops.

I'm still intriqued as to what techniques/software I would use to access the files on my PCs. It it remote control, ftp, telnet etc.

I want to try & access my own files & use that as a benchmark when I try again with WPA & the other things people have kindly suggested. I read somewhere that trying to hack into your own system is the best way to see how easy or not it is.

I have a copy of Kismet & AirSnort, but these don't seem to help me access my PCs files.

Thabks,

Simon

I'm not sure that trying to hack your own system proves your system is safe. After all, that assumes you know and understand all the possible ways your system can be compromised. Even I don't know *every* possible means. Nor do I spend time trying to learn the same techniques. But like most ppl, I try to have a broad understanding of how things work and the ways to at least make my system not so much impenetrable (I'm not sure that's possible short of being OFF the Internet), but convince anyone interested there are far easier targets.

Here's an example of what's important to know.

Your local network uses Ethernet. Ethernet is 100% UNsecured. Ethernet was invented at a time when ppl only had closed, local networks and where trust was assumed (office or home). Then came the Internet and now that same technology was potentially exposed to the Internet. Therefore, all anyone had to do to compromise your local network is find a way on to it. Poor or no wireless security is one way. Once a wireless user is on your network, they can sniff your Ethernet traffic, spoof MAC addresses, engage in ARP poisoning, MITM (Man In The Middle) attacks, etc. I'm not going into detail about these since it's easy enough to research yourself. But the fact Ethernet is unsecured makes a wide range of attacks possible.

Likewise TCP/IP is UNsecured. That's why SSL and VPNs were created, to require authentication and encryption of your TCP/IP traffic. Do you enjoy online gaming or require remote access and leave ports open on the firewall? Every open port is an invitation to a hacker looking for a vulnerability in the service bound to that port. If that service can be compromised, then the hacker is possibly inside your local network again, and all the previous problems I mentioned about Ethernet become a distinct possibility.

That's why you can't test every possible avenue of attack. Most of us don't know every possible vulnerability. Even the provider of the service may not know until it's compromised by hackers and then hopefully fixed. But what's more important for you and me is to know is HOW it can happen and then take reasonable precautions. For example, don't leave ports open all the time, but only as necessary. Or better yet, use services that don't require leaving ports open (e.g., LogMeIn, Hamachi (VPN)). Or maybe have two networks where only one is exposed to the Internet w/ open ports and the other is not. Numerous strategies are possible, with varying degrees of effectiveness and hassle. But it’s the knowledge that open ports are a potential problem that's more important than knowing every possible threat.

Of course, then there’s malware that tricks you into letting the bad guys into your local network. So you need to be careful to not arbitrarily click on links you don’t trust. Or open email attachments from ppl you don’t trust (even then it’s possible to be harmed if you do trust them but they don’t know the attachment is malware either). Perhaps turn off scripting on your browser (an increasingly popular means to attack your network) and only enable it for sites you trust. Or use Firefox instead of IE and use the NoScript add-on.

Don’t connect to open wifi networks w/o using a VPN. Hackers love to hang around open wifi locations and eavesdrop on the unencrypted data streams that flow between unsuspecting customers and the wifi hotpsot.

Lots of different strategies to deal w/ different types of problems. I can’t list them all. You just need to learn by researching and staying on top of the topic.