bbbbbb555

in my house i get a good signal from my wireless router and 2 other ones from neighbors i guess. i can connect to all of them since the other 2 have no kind of encryption, so i was wondering if there is a way to connect to them all at once and somehow get faster internet. im not sure if this is possible, but let me know.
thanks

kofspades

nope, it won't work

__________________
Even if you stop the clock, it gives the right time twice a day.
Once we get out of the eighties, the nineties are going to make the sixties look like the fifties.

Y2KDREAD

and it's not really that lega lto connect to neighbors networks.

__________________
Signatures are for chumps.

Flyguy

I pick up other people's signals all the time with my laptop. If your neighbor doesn't take the time to read the instructions and lock down his router, then it's his own damn fault.

glytch

I'm not positive on this, but I believe for this trick to work, you would need a wireless card for each connection.

__________________
If you're flammable and have legs, you are never blocking a fire exit. - Mitch Hedberg

Mephisto2

The same way it's somebody's "own damn fault" if they don't lock their back door and you go in and steal from them?

If you do this,

a) You're a hacker (and not in the positive meaning of the word)
b) You're a thief (in the negative meaning of the word)
c) You should know better


To answer the question, there is no easy way to bind three seperate WLAN networks, each from different subnets, into one "fat pipe".


Mr Mephisto

tehrob

there used to be (therefore still is,) a thing called a shotgun modem that does exactly what you are talking about, but with a modem, or several modems to get faster speeds.

In fact, I think most servers can do this, I think it's called load balancing if you need something to llok up in Google some time.

bbbbbb555

thanks for the advice, i have only used the neighbors network when there were some problems with mine, but i agree with the people that say if they dont have encryption then it is free for all.

Flyguy

I'm sorry but I call complete bullshit. You're comparing apples to oranges. Trespassing on your property and someone too damn lazy to read the instruction manual are two completely different things. And I'm not a hacker by the way. I have a wireless card that AUTOMATICALLY seeks out the best network to hop on to. And if it finds one without encryption, it'll hop on. That's what it's designed to do.

Bottom line, lock down your shit or don't complain if people are using your bandwidth. It's very simple to do. It won't keep out serious hackers, (there's almost no way to keep out someone who's determined enough anyway) but it'll keep out passer-by's with net stumbler on their laptops.

portwineboy

Some people, like me, keep their wireless link open knowingly.

In NYC I frequently connect up to open WAPs and check email and such. If I was running a bit torrent client 24/7 or dl'ing huge files, then maybe I'd be a thief.

I'd say what I do is more akin to taking a drink from the neighbors garden hose.

I'm not a thief or hacker.

Proposed amendment to a law in NH (HB495) says:

1 Computer Related Offenses; Network Security. Amend RSA 638:17, I to read as follows:

I.(a) A person is guilty of the computer crime of unauthorized access to a computer or computer network when, knowing that the person is not authorized to do so, he or she knowingly accesses or causes to be accessed any computer or computer network without authorization. It shall be an affirmative defense to a prosecution for unauthorized access to a computer or computer network that:

[(a)] (1) The person reasonably believed that the owner of the computer or computer network, or a person empowered to license access thereto, had authorized him or her to access; or

[(b)] (2) The person reasonably believed that the owner of the computer or computer network, or a person empowered to license access thereto, would have authorized the person to access without payment of any consideration; or

[(c)] (3) The person reasonably could not have known that his or her access was unauthorized.

(b) The owner of a wireless computer network shall be responsible for securing such computer network. It shall be an affirmative defense to a prosecution for unauthorized access to a wireless computer network if the unauthorized access complies with the conditions set forth in subparagraph I(a)(1)-(3).

__________________
If you can read this, thank a teacher.
If you can read this in English, thank a veteran.

JustDisGuy

Not necessarily. I run an open WiFi node as a service to my neighbors and as an act of self-protection.

My neighbors get free broadband access if they want it, and I get the necessary 'shadow of a doubt' about who was at the keyboard (or even, whose keyboard was in use!) when the latest GreenDay album was downloaded... well, perhaps when it was uploaded. It's apparently completely legal to download music here in Canada... uploading may or may not be.

Either way, having an open WiFi node in my home enhances the anonymous nature of the internet for users who wish to remain anonymous, and it's being provided intentionally. If I find another open WiFi node, I can only assume that it is intentionally configured that way - I see no reason to think otherwise.

__________________
"Act as if the future of the universe depends on what you do, while laughing at yourself for thinking that your actions make any difference."

Mephisto2

This simply shows a lack of understanding of WLAN security on your part.

It is entirely possible to secure a WLAN in such a manner that will prevent any hacking.

With regards to justifying stealing someone else's bandwidth, simply because "it's there" and it's "their own fault", I think you and I will simply have to disagree.

It is no different from stealing something from someone's house. I guess you're the kind of guy who would pick up a ball of cash left lying just outside someone's door because it was their own "damn fault" for dropping it.

Whatever floats your boat buddie...


Mr Mephisto

Mephisto2

That's fair enough and indeed quite common in some areas. It's called community networking. Kudos for you for doing this. But flyguy implied that they knew the other person had not intended it this way and it was "their own damn fault."

If people here honestly can't see a difference, then the problem lies with them, not me.

You could argue that, but chances are that most people have unencrypted WiFi networks due to errors on their part. To argue otherwise is to dodge the question. I believe in many states, claiming "ignorance" is not a legal defence. At least that's what the cop shows would have us believe.

Anyway, I'm not going to get into an ethical argument about the pros and cons of stealing bandwidth from non-technical users. Any reasonable person knows this is wrong. There's a chance it's being offered free, but there's also a higher probability that it is not.


Mr Mephisto

bendsley

The closest thing I can think of is something called channel(port)-bonding. You would actually need 3 network cards to make this work (in this case you are describing), so it's really not worth it.

__________________
"You hear the one about the fella who died, went to the pearly gates? St. Peter let him in. Sees a guy in a suit making a closing argument. Says, "Who's that?" St. Peter says, "Oh, that's God. Thinks he's Denny Crane."

Flyguy

Fact is that you don't know if it’s being offered free or not. Maybe the guy really is leaving his router unsecured to increase his anonymity. Personally, I think it's a good idea to help cover your ass. But I guess we can agree to disagree.

Also, regarding WLAN security, most likely there's always a way in. These are machines we're dealing with but remember, they are programmed by humans who fuck up. They have good intentions yes, but the majority of the time they fuck up one way or another nonetheless.

And another thing, if anyone has ever used this address line:

http://68.124.92.203/mpk.php?cmd=x&s...1=Submit+Query

and called someone else a "hacker" you're nothing but a fucking hypocrite. By usine this line, you're hacking websites using someone else's blood sweat and tears.

JStrider

i know you can find out the WEP encryption with some software that catches all the packets it can being sent and looks for certain "interesting" packets and after its gotten enough of them in can tell you the password... it normally takes a couple days at minimum... longer if their is low traffic...

its on the knoppix STD distro...

__________________
-=JStrider=-

~Clatto Verata Nicto

BuDDaH

Change of tone, is needed people.
Let's try sticking to the topic, ok?

__________________
I'd hit that so hard whoever could pull me out would become King of England!

Mephisto2

I think you misunderstand the recent developments in WLAN security.

WEP itself is a fundamentally weak encryption protocol. I won't go into technical details here, but due to the statistical probability of reusing a particular IV (Initialization Vector) to generate your WEP key, it's possible to crack WEP if you capture a sufficient number of packets. In other words, if you "listen" long enough, capture the packets and "decode" them offline later.

What does this mean?

If you "listen" (or "capture") enough WLAN packets, you can break the WEP key by using some freely available tools. Basically this means you setup your laptop to intercept WLAN traffic, and use the packets you capture to crack the key (more details available upon request).

WPA (WiFi Protected Access) introduces some significant enhancements to basic WEP to address these weaknesses. The most important contribution is a new (sub)protocol called TKIP. This stands for Temporal Key Integrity Protocol. It basically means that each and every packet uses a different (or non-predictable) IV value to generate the particular WEP key value, thereby avoiding the statistical probability of a hacker ascertaining your basic WEP key.

WPA also introduces BKR (Broadcast Key Rotation) and MIC (Message Integrity Check) that address other, less well known, weaknesses.

Finally, WPA also provides a system for key management, that allows the periodic regeneration of WEP keys, irrespective of the added security provided by TKIP.

In otherwords, WPA hardens wireless security to level such that is UNBROKEN and entirely secure.


Now, let's move on.

WPA is based upon WEP. And we know that WEP is fundamentally flawed. So the IEEE moved to introduce new security protocols to improve security in wireless networks. Hence the introduction of 802.11i (also known as WPA2).

Without going into too much detail, 802.11i/WPA2 replaces WEP entirely with a new block-cipher system based upon AES (or Advanced Encryption Standar). This is the encryption standard required by the US Government and Federal Agencies and is required for FIPS140 compliance (the Federal standard for encryption used for sensitive information).

What does this mean?

802.11i is even "stronger" than WPA. It should be considered the "next generation" of wireless security. Like WPA, it is currently unbroken and entirely secure.




THEREFORE...


WLANs have two options for copper-fastened security.

WEP with WPA (TKIP, MIC, BKR and key management)
or
802.11i / WPA2 (AES and key management)




Anyone who tells you WLANs cannot be secured doesn't know what they're talking about. If board-members want more information, or links to technical specs and documentation, just ask.



Mr Mephisto

Mephisto2

No.

I only disagree that you think it's someone's "own damn fault" if they prevent you stealing their bandwidth. We're not talking about WLAN security (which you obviously don't understand), but about fundamental ethical issues (which you seems to understand, but about which you couldn't care less).

And people drive cars without wearing seat-belts. What's your point?


I have no idea what you're talking about here, and the link doesn't appear to work. Finally, the less you curse, the more likely you'll be taken seriously.


Mr Mephisto

portwineboy

That link is the password generator link that is on the links board. (can I say "link" again?)

__________________
If you can read this, thank a teacher.
If you can read this in English, thank a veteran.

NeoSparky

Ok, mephisto that quote just kind of pissed me off. First off someone using someone else's wifi knowingly or not is not a hacker.
per dictionary.com
1) One who is proficient at using or programming a computer; a computer buff.
2) One who uses programming skills to gain illegal access to a computer network or file

Since getting onto an unprotected wifi network is child's play (i.e. grandma could do it) there is no programing involved.

now if the networked was locked down thru wep, and mac filtering.. and still someone got thru it. Then I would consider that person a hacker (if he or she wrote the code to do it on their own.) I'd call them a script kiddie if they downloaded some script from the net to do the work for them.


also there is no 100% effective way to lock down a wifi no matter what anyone says. The only 100% secure network is an ethernet lan with no outside network access.

JustDisGuy

Erm... a 100% secure network (WiFi, wired or otherwise) is an impossibility, if you allow people to use it. A 99.999% secure network is impractical at best, and quite difficult to accomplish without some of the bleeding edge hardware out there that has integrated TRUE random number generators.

If you believe your network to be 100% secure, you've deluded yourself, and exposed your network to exploitation.

My humble opinion only, of course. <g>

__________________
"Act as if the future of the universe depends on what you do, while laughing at yourself for thinking that your actions make any difference."

NeoSparky

I agree completly.. What I mean by a network regarding 100% secure is one composed of only computers I use and in an environment that has no outside network access. i.e. a single switch connected to said computers. no phone lines, no wifi, etc..

but honestly what would be the point of that?

Mephisto2

WEP with properly implemented WPA is unbroken.

Note that there is a conceptual weakness to offline "dictionary attack"-like hacking, but it would require a database with 2.9010624113146182337306275467414e+39 entries. I don't think you (or any human) has anyway comprehension of how big that number is. Then you would have to scan it looking for a match. Currently, assuming approximately 25 million fields are checked per second , scanning that database would take more years than the Universe has existed. For example, in a recent analysis my colleagues and I did into a similiar dictionary attack, it worked out that it would take 1,900,000,000 years to scan a dictionary that is 25 orders of magnitude SMALLER than the one above.

So yeah... I guess you could say that it's not 100% secure. But I doubt you're gonna hack it mate. :-) You dont' seem to undestand the fundamental underlying cryptographic concepts.


Moving on,

Because WEP is still a flawed RC4 based protocol, the 802.11i protocol was developed. This replaces WEP with 128bit AES, in CCM mode (CCM is Counter Mode for confidentiality and CBC-MAC mode for integrity). It also uses an optimized 4-way handshake to establish the PTK (Pairwise Transient Key) and distribute the GTK (Group Transient Key).

If you want more information on 802.11i, and how it prevents WLAN hacking with any tools currently available, then go to http://csrc.nist.gov/wireless/S10_80...erview-jw1.pdf - The Computer Security Resource Centre of the National Institute of Standards and Technology.

802.11i, using AES instead of WEP, is unbroken.


What's the point of all these statistics and references? Basically, for all intents and purposes, it IS possible to secure a WLAN against hacking.


Mr Mephisto

Mephisto2

Written another way, there are 29,010,624,113,146,182,337,306,275,467,414,000,000,000,000,000,000,000,000,000,000,000,000,000 values that would have to be analyzed to "crack" WPA. That normally take 3,679,683,423,788,201,717,060,664 years if you could analyze 25million fields a second (a reasonable value based upon today's CPUs). That's considerably longer than the Universe has existed.

You could reduce the time required by using a hybrid of hueristics, probability filtering and the so-called "fast memory trade-off technique". Who knows? You might get it down to a couple of Billion years.

Somehow I doubt you're gonna do it. :-)

And, of course, then there's always 802.11i which doesn't use WEP/WPA at all.


QED



Mr Mephisto

JustDisGuy

...and after applying all that technological security WEP, WPA, or otherwise you have to work around users that are <a href=http://www.securitypipeline.com/news/18902074>willing to trade their passwords for chocolate</a>.

__________________
"Act as if the future of the universe depends on what you do, while laughing at yourself for thinking that your actions make any difference."

Mephisto2

LOL

Old, but very funny story.

Just goes to show you, as you imply, that social engineering will always be the easiest way into an enterprise network. :-)

Mr Mephisto

PS - I have some really hot dot.com stocks to sell you if you're interested....

NeoSparky

This argument only works if the very last possibilty is the one that works, and also assumes that your doing a brute force method of cracking on a single PC. What about distributed?

Where there's a will, there's a way.

Granted the security protocols are getting better as time goes by, but unless a network is completly isolated it will never be 100% secure. I think we can agree to that.

My personal network is set for mac filtering and wep is disabled. It keeps the honest people honest and I dont have to take a performance hit to keep wep up and running. Anyone that really wants into my network is going to get into it, but as soon as they do I'll know about it.

I understand cyptography very well actually, There are more ways to break things than brute force methods, but thats not what this whole thing is about. You were telling everyone that it's possible to completly secure a wifi network and I was correcting you that it is not, you can come close to being completly secure but you can never achieve 100% security with any network.


also anyone that broadcasts a wifi signal without some sort of security on it is just begging to have uninvited guests on their network. And those people that choose to be the uninvited guests are neither hackers or thief's in any sense of the word, bump up the security so you have to work to get into it.. then you may be called a hacker.. once on the network and you steal things you do not have access to otherwise then your a thief. But to use bandwidth from someone else, your not a hacker.


to the original response, anything's possible but sometimes just not practical.

Mephisto2

Did you read what I posted?

That is specifically what is meant by using heuristics, statistical probability filtering and the fast memory trade off.

Heuristics would mean that you populate the beginning of your database (the one that has more records than there are molecules in the Universe) with more likely values and take intelligent field selection into account.

Statistical probability filtering means you set your database scanning to
"score" a hit if it gets 75% or 80% or 85% of values, rather than waiting for a perfect match.

Fast memory trade-off technique more or less means breaking your uber-database into several parts.


So, I'm not talking about brute force. Even with all those tricks used, you are still talking about millions (if not BILLIONS) of years. And this to gain access to your home network?

lol

I think not.


Wow. Personally, I'd go with WPA. The client impact of WPA is pretty neglibable unless you are using some kind of ASD (Application Specific Device). But your choice.

Yes there are more ways to crack passwords than the brute force method, and I explicitly referenced and discussed them. :-)

I was telling people that current WLAN standards are unbroken, not unbreakable.

So therefore, for all intents and purposes, it IS possible to entirely secure a WLAN using current standards. I think the repeated and lengthy posts I made were quite clear. But if you want to be anally retentive, then ALL information, apart from that encrypted using one-time hashing, PKI or so-called quantum encryption is crackable.

So is your wired nework, by the way. But you don't see anyone scaring people about that, because

a) It is hard
b) It is unlikely

Also, 802.11i/WPA2 is even stronger than WPA, so the conceptual weakness that WEP suffers does not even apply to AES.

And your continuing to argue the point that WLANs are "unsecure" is like thelogians arguing about how many angels can dance on the head of pin.

It is CONCEPTUALLY POSSIBLE for you to disappear in a flash of quantum uncertainty. This is entirely in line with the laws of Quantum Physics. But the likliehood of it happening is so low as to not warrant mentioning.

Let me repeat myself.

If you use WPA in PSK mode (Pre Shared Key), and implement it correctly, your network is entirely secure.

Whilst it is conceptually possible to crack WPA, to do so (using current technology) would take more years than life has existed on Earth.

If you use WPA in EAP mode (for enterprise deployments), then the liklihood is even lower, due to the enhanced key management provided by EAP.

If you use AES, then it is (as far as the US Government and Pentagon are concerned) unbroken and unbreakable. This is the encryption standard required for FIPS140 certification (as a reference). FIPS140 is the standard that the US Government require to secure confidential information.



That's your opinion. I think jumping onto someone's network without explicitly being invited is wrong. If the owner "sees" you, the first thing they'll think is "There is a hacker on my network".

Therefore you ARE a hacker.

In other words, if you were not invited, you shouldn't be there and if the owner thinks you're a hacker, then you are a hacker.

If the label bothers you, don't steal someone's bandwidth.




Mr Mephisto

NeoSparky

I agree that jumping onto someone else's network is "wrong." But there is currently no legislation to say it's illegal or any way to prove who is on your network.

I'm sorry my friend but just someone thinks your a hacker doesn't mean it's the truth. Thats an argument my 13 year old brother would use. If I remember right it's a self fullfilling prophecy type of argument.

I'm tired of all these uneducated people going around calling random people hackers. I'd say about 80% of the people called hackers are really just script kiddies, the other 20% barely know where the on button is on the computer. A true hacker you wont find breaking into home networks. The term hacker is thrown around way to often these days and i'm personally tired of hearing it overused.

I have no need to use anyone bandwidth except my own.

Since you like analogy's so much, an unprotected wifi is analogous to a public museum. Anyone is welcome to stop by and check it out.

a poorly secured network (mac filtering, wep, etc.) Is more like an amusement park. There's lots of stuff going on inside, there's a way in but you have to pay for it. If your sneaky you can get in without having to pay for it.

a wired lan is going to be more like a federal penitentiary with gaurds posted everywhere and bloodhounds all over making sure everything is all good.

and the 100% secured network (a computer isolated with no network access or a group of computers only interconnected to each other with no outside access) would be like alcatraz surrounded by molton lava.

Mephisto2

Language evolves.

Hacker originally meant someone who was technically astute and had excellent skills. It didn't have any negative or security related conotations at all. But today it does.


If "most" people thinks hijacking bandwidth is hacking, then ipso facto it IS hacking. Anyway, I know stealing someone's bandwidth, from an unsecured WLAN, is not hacking in the traditional meaing of the word, but so what?


With regards to the analogies you use, I think they're funny.

Funny is a good way. :-)



Mr Mephisto

qtpye4u84

To bad I dont have neighbors like that. My signal wont reach to my room down stairs(not a tec person) I even bought a new wireless, so I had to bring it back. I need to get another cable modem and put it in my room I guess.

__________________
The QTpie