I understand this is only tangential to phone security, but my phone is connected to the LAN and I know there are some great experts here.
Here's my situation: a few days ago I had some equipment installed that required wireless access. I had to give the installer my LAN password in order to set it up. After he finished and left the house I noticed he was still in his truck for more than 5 minutes and appeared to be using a laptop. My paranoia kicked in and I unplugged my modem.
My question is what's the worst could someone do on short notice with your LAN password? I've only noticed one oddity since then. I listen to SiriusXM streaming every day. Today it told me that I was listening on a different device (which I wasn't) and did I want to continue on my desktop. That's the only unusual thing I've noticed. Malwarebytes and Norton scans don't show anything. WinPatrol hasn't noted any new bootup programs.
I know I should have changed my LAN password immediately but I have probably more than 25 devices that connect to it and it's a major PITA to go to each one and change the connection password. I will do that today but I'm still wondering what a bad guy can do with my LAN password and SSID. I do live in a semi-rural area and a stranger would stand out immediately, so I'm not concerned with some sort of war driving event.
If someone knows of a better forum to post my questions I would appreciate that as well.
Thanks!
Windows 8.1
Apple Airport Express router
Bob Coxner said:
My question is what's the worst could someone do on short notice with your LAN password? I've only noticed one oddity since then. I listen to SiriusXM streaming every day. Today it told me that I was listening on a different device (which I wasn't) and did I want to continue on my desktop. That's the only unusual thing I've noticed. Malwarebytes and Norton scans don't show anything. WinPatrol hasn't noted any new bootup programs.
Click to expand...
Click to collapse
You are talking about you´re WLAN password, right?
Yes. WLAN password.
Well, the worst thing I think is infecting one of you're device inside you're LAN or changing you're router configuration to allow access from outside.
If you're device are secure and up-to-date I don't think he could have done anything harmful (except downloading illegal things)
Worst case
If they came prepared and had everything set on their laptop beforehand they could set up a man in the middle attack on the router such that everything you get is also routed though them. Do not worry most websites use ssl to encrypt traffic which is mostly unbreakable on a well setup website. I wouldn't use anything from a "small website" only google Facebook twitter and the big name, they are reliably secure. He will still be able to see the sites but not the data. One thing to be careful of is that google directs searches inside the url so he will still be able to see searches and even which search page. He could have also setup a backdoor in the router so he can get in later and do more. If you want more pleas pm me with the router model so I can look into it. do not give me the external address or password I dont want that only the modle number.
Just theoretically this is the worst case scenario of five minutes. he would have to have everything ready beforehand and be skilled and type faster than most people but the mere possibility of this is why I got my own router sealed and set it up myself.
Related
Hi All, I have a question I'm hoping someone might be able to help me with.
I have a Nexus S i9020A running CM 7.0.2 on AT&T. I've noticed something strange lately and can't quite pinpoint the problem.
I'm running a server at my house with a no-ip address to access my tv show downloads. I'm able to access this from the browser (any browser) while connected to wireless (in my network, or out) but only intermittently while on cellular data. When it isn't working it simply keeps trying to connect until it times out. I haven't yet recognized a pattern of when it works vs when it doesn't.
I thought for a bit it might be a DNS issue, but even with the straight IP address it won't load. Funny thing is, I'm still able to SSH into my router using ConnectBot, so I know the address is correct and the phone can see it. Other apps like RDP won't work either while I'm having this issue.
It's not the end of the world, but it sure is annoying. I'd like for it to work whenever I need it. Any ideas?! I'm stumped.
Thanks everybody!
Tim
I know nothing about networking, just so you know. It sounds like you know much more. I will offer a guess. With some other phones than the ns, sprint has multimedia proxies set for when you are on their network. Streaming music works on wifi but not cell. Use the msl to get into settings, ##data# is the code for sprint phones, and I forget what they are called but there's two proxy addresses and ports that need to be zeroed out then reboot in order to get streaming to work. This is probably not a solution for you but I thought I'd offer something since nobody else has chimed in yet for suggestions.
RS something or another. The other setting is always right next to the first one and generally at the bottom of the list of settings. It could be in advanced or multimedia. Different places for different phones. It would be wise to write down the default addresses and ports before changing them in case it doesn't work or breaks something. It usually doesn't though.
Hey herb, thanks for the response. I see what you're saying, but I don't think it applies here. I know I made it sound like I was streaming or downloading music through the phone...my mistake. What I actually meant was that I'm accessing a web site running from my house to control my home machine downloading music. It's nothing complicated, I'm just sure I'm explaining it terribly.
But, essentially it's just a regular old web page. It's just very strange that it would work wireless and not over cellular. They do run on funky ports, so that they're blocking or redirecting some stuff is very possible. Annoying...
So the S3 has known WiFi issues, but mine seems to have none of the issues I've read about thus far. It does have one irritating thing that has been driving me crazy for the longest time. If I ever move outside of the range of my network, reboot, or etc such that the WiFi has to be reestablished, it will decide that my network is "out of range" even though the signal is well within an acceptable minimum (it's a tad bit weak, but, once established it holds extremely steady pretty much no matter what I'm doing.) If I remove and re-add the network settings it works perfectly, again with a stable signal and perfect speeds until the next time I move out of range or reboot.
For now I've reenabled SSID broadcast, but I really liked the idea of having it off as it's a ridiculously simple yet strikingly effective security mechanism (I like the "security through obscurity" methods when I can -- especially since I'm having to use the old WEP encryption protocol to support some older devices, though I'm just about ready just to give up on them at this point. Even the best hacker in the world couldn't get into my network if (s)he never actually made any attempt to do so in the first place.) With SSID enabled, it has no troubles picking up my network every time, it just won't automatically pick it up without it.
Is this just an issue with the software itself or something? Anything that can be fixed from the user side, or is it something that can only be fixed by an update to the OS or related software itself? (But then with 4.1 coming soon supposedly I'm kind of hoping that if it is an issue with the software that would fix it. Still, that's a while away at least and this is assuming their plans aren't messed up with this whole lawsuit business causing them so many problems right now.)
If you have SSID broadcast disabled, how do you expect your phone to recognize the network? I can see how it would work if you enable SSID, connect to your network then disable it again, but it's not going magically reconnect with SSID disabled, its not logical seeing your SSID is what makes it possible for your phone to find your network.
Sent from my SCH-I535 using xda app-developers app
Wep sucks ofcourse but how about just setting up a mac addy auth to give another layer of security and enable ur ssid
Sent from my SCH-I535
I do use MAC address filtering if that's what you mean. While it might stop a script kiddie, I don't have a huge amount of confidence in it. MAC address spoofing is so pitifully easy than with computer equipment at least you usually are even presented with a configuration option that lets you specifically change the MAC address to anything you want. I'm definitely sticking with it because, well, there's absolutely no reason not to, but I actually have less confidence in MAC address filtering to stop anyone than disabled SSID broadcasting because anyone actually actively trying to break in should pretty much immediately bypass that particular mechanism right off.
Shibby87 said:
If you have SSID broadcast disabled, how do you expect your phone to recognize the network? I can see how it would work if you enable SSID, connect to your network then disable it again, but it's not going magically reconnect with SSID disabled, its not logical seeing your SSID is what makes it possible for your phone to find your network.
Click to expand...
Click to collapse
ALL other devices are smart enough to search for a manually configured network if they actually know the SSID to search for. My Roku, my Android 2.2 "Internet Tablet" (basically a PDA) by Archos, my Nintendo DS (this is the main thing holding me back at WEP, and as ancient and pitiful as its networking is, even IT can connect on its own without making me manually recreate the settings every time!) and my EeePC running Windows XP without any software to manage the WiFi settings except the built-in Windows thing.
Nazo said:
So the S3 has known WiFi issues, but mine seems to have none of the issues I've read about thus far. It does have one irritating thing that has been driving me crazy for the longest time. If I ever move outside of the range of my network, reboot, or etc such that the WiFi has to be reestablished, it will decide that my network is "out of range" even though the signal is well within an acceptable minimum (it's a tad bit weak, but, once established it holds extremely steady pretty much no matter what I'm doing.) If I remove and re-add the network settings it works perfectly, again with a stable signal and perfect speeds until the next time I move out of range or reboot.
For now I've reenabled SSID broadcast, but I really liked the idea of having it off as it's a ridiculously simple yet strikingly effective security mechanism (I like the "security through obscurity" methods when I can -- especially since I'm having to use the old WEP encryption protocol to support some older devices, though I'm just about ready just to give up on them at this point. Even the best hacker in the world couldn't get into my network if (s)he never actually made any attempt to do so in the first place.) With SSID enabled, it has no troubles picking up my network every time, it just won't automatically pick it up without it.
Is this just an issue with the software itself or something? Anything that can be fixed from the user side, or is it something that can only be fixed by an update to the OS or related software itself? (But then with 4.1 coming soon supposedly I'm kind of hoping that if it is an issue with the software that would fix it. Still, that's a while away at least and this is assuming their plans aren't messed up with this whole lawsuit business causing them so many problems right now.)
Click to expand...
Click to collapse
hidden ssid enabler will solve this problem. it works great for me. follow the directions in comments of play store though.
You know, I do believe that did actually solve the problem. I guess more testing is needed, but in my initial test it seems to have worked just fine with the SSID broadcast set to hidden again (I even rebooted the router and phone both just to be sure the settings fully took.)
It still strikes me as being a bit dumb that my ancient Nintendo DS that can't even handle WPA can handle a non-broadcast SSID and my previous Android PDA could as well, yet this Android phone couldn't out of the box...
I'm helping out with a number of upgrades and issues at a medical clinic where my wife works. It's a small business so there's not much in the way of an 'IT dept.' It's just been one issue after another and still being in school for this stuff it's been an experience to say the least. Half the programs I've never dealt with, the server was full of junk , out of date on everything (running server 2008 on top of it), only had 2 HDD's setup on raid0, was only running on 1 network cable even though there was an entire other and newer NIC installed with 2 more ports, and had a number of viruses that forced us to wipe it and re-install everything.
Now that that's working and I've got all the other computers connected and all that jazz we have another issue.
The modem-router has an issue. We can't get to the config page. It's a DSL modem-wifi router (upgrade??) from AT&T. After hard wiring a computer directly to it and going to it's login address (192.168.1.1) it asks for the username and password. Type that in and nothing - the page is blank. It's the correct IP, the username and password is correct, so what gives? Power cycling accomplished nothing and I'd prefer not to reset it since over a dozen workstations connect to it. Not to mention being wireless and in a medical facility I'm sure HIPPA wouldn't be to thrilled about an unsecured connection.
Is this a perfect time for AT&T to come out and give them a new one or is there something I'm missing? They're obviously not very bright since last nights resolution from them was to reset the connection on their end. "that should help with the speeds and make it faster" - umm, right. Since that sounds like the issue we called about...
--
The best you can hope for from AT&T is ti replace the gateway. If you're absolutely sure the admin name & password are correct, I say reset it. If they exchange the router, you're gonna have to re-enter all that stuff anyway.
-- Sent from my TouchPad using Communities
long story short- we live in a big house, one of the guys is way behind on rent, the cable/internet is in his name. as one last "f*** you" to the rest of us while he's being evicted, he changed the wifi login to something the rest of us don't know (we've been splitting the cable bill among the 4 of us this whole time)
so the modem is a comcast/xfinity branded XB2 "all-in-one" modem/router made by Arris.
the default network name and password are printed on the outside of the modem.
also printed on the outside is the serial number (alphanumeric 15-character), a CM MAC, an E-MTA MAC, and a WAN MAC.
now of course I could just hold down the reset button for 30 seconds, use the default login, change it to something new, and take over the modem, but that only lasts as long as it takes him to call comcast and get them to override the modem/internet service.
I've got an old android that I've rooted just for this purpose. (I don't have access to a laptop or pc with a wifi adapter right now) I've tried using androdumper to brute force the wifi to no avail.
i think the best way to go about this is... hard reset the modem... log into the modem using default info... and then what? that's where i'm stumped. i'm pretty new at this (if you couldn't tell)
is there any info I can pull off of the comcast/arris modem screen (10.0.0.1 I believe is the address) that I can later use to pull the wifi password?
any android apps I can use to pull the wifi password?
Security is WPA
Before this guy changed the password, I looked at the security settings using 10.0.0.1 and they were set to "very lax" or whatever comcast calls it.
If you have any questions for me I'll try to answer them the best I can
Thank you in advance for all the help
Just hard reset it and change the password to something your crew agrees with..
I can't think of a worse punishment than to have anyone deal with customer service repeatedly.
Even more so if you can keep his hands off of it..
nutpants said:
Just hard reset it and change the password to something your crew agrees with..
I can't think of a worse punishment than to have anyone deal with customer service repeatedly.
Even more so if you can keep his hands off of it..
Click to expand...
Click to collapse
i hear ya, especially comcast customer service, but it's not really a solution. i've given this a lot of thought, i'd rather not go through all the hassle, but i've already gone to the trouble of rooting my phone and scouring the internet for android apps and wordlists and brute force solutions, all to no avail
if we "misplace" the modem that gives the guy an excuse to get the cops involved and trust me he'd love an excuse to call the cops and stir up even more s***
could anyone please recommend an app to crack the wifi?
or maybe a link to some instructions/things to try?
FYI the phone I have rooted is a samsung galaxy centura
Just hard reset the damn modem. it takes less than 5 minutes. Once you reset it, change the default password. Reset the wifi as the same SSID, and put in a new password.
What's going to happen is this: He'll reset the modem again, and do the exact same thing, again. your problem is this: the Comcast service agreement is in HIS name. He doesn't even have to get the cops involved. All he has to do is call Comcast and THEY will come after you for theft of service, and they do not back down easily. Give up while you're ahead.
Your best option is this - Call Comcast. tell them you evicted this person, and that he left an active cable internet account at your address. You would like to get new service installed to replace this account. They will work with you on this. I've had to do this a couple times before.
Anyone interested in a challenge?
This is more of a question to those people who have knowledge on Wi-Fi router configurations, but I am really hoping maybe somebody has experienced this and found a solution.
Probably the reason why I haven't found a "solution" (in quotes since my Wi-Fi is not really broken) is because I don't know how to word this correctly so that a Google search can be successful so I'll try to explain myself as best as I can.
Here is my problem:
My home's Wi-Fi seems to be having this issue where it takes a while to connect to servers (or at least, that's what I think is going on)
Once it establishes a connection to a server, it seems to run fine there on out.
For example:
Please check this video out: Video
This is a game called "Shadowgun Deadzone", a multi-player game. When I'm on Wi-Fi, notice how it gets stuck on "Authentication in progress" for more than a minute?
Later on in the video, I close it, turn off my Wi-Fi and re-open the game and it only takes SECONDS to get to the same screen with my carrier's network.
No, my internet is not slow. Web-page browsing and watching videos is as expected from a 10 mbps internet speed and also playing the game mentioned runs excellent once I get it to connect, only on things like this game is where it takes a while to establish an "initial" connection to the servers
What do I mean with "things like this"? Well, WhatsApp is something that to my knowledge also connects to a server to send images and media, right?
Check this second video out: Second Video
This example is a little bit less clear, but it also seems that connecting to the "server" takes twice as long than if I do it with my carrier's network.
So here's what I know:
1. It's not device specific. This happens with any cellphone using things like what I mentioned above.
2. Not the device's fault either since I play this exact game on my aunt's house and it connects fast as expected
3. Router firewall is deactivated.
4. I've also got a Nintendo 3DS, doesn't take as long to connect to Nintendo Network and play online
5. I've tried labeling my cellphone as "game console" (same as my 3DS) on the router settings, but it doesn't help, it changes nothing
6. This "problem" doesn't exist on web browsing, downloading stuff, Youtube, and a few minor things
I know the fastest solution probably is to get a new router, which I will do in due time, but I'm really hoping to skip that step if I can. This is really bugging me and rather than avoiding this by buying a new router I want to learn what is a possible cause and fix it. I'm pretty sure learning how to deal with this could be helpful in the future.
Is it specific to WiFi?
This feels like a DNS issue. Some devices initial connection working fine and others not could be a DNS caching issue.
Clear the cache of all devices then try to connect to a site one at a time and time them. If they are all around the same speed after clearing the cache then it's probably a DNS thing.
I wonder if a cell phone gets a domain resolved on mobile, caches it, then use the cache when on wifi instead of making a new query. Just a shot in the dark
krisclarkdev said:
Is it specific to WiFi?
This feels like a DNS issue. Some devices initial connection working fine and others not could be a DNS caching issue.
Clear the cache of all devices then try to connect to a site one at a time and time them. If they are all around the same speed after clearing the cache then it's probably a DNS thing.
I wonder if a cell phone gets a domain resolved on mobile, caches it, then use the cache when on wifi instead of making a new query. Just a shot in the dark
Click to expand...
Click to collapse
I will certainly give this a try.
Yes, it's Wi-Fi exclusive. Only at my home's Wi-Fi, because I've played this game at other places via Wi-Fi and I don't have this problem so what you suggest might not work. I'm almost certain there must be something wrong with this Wi-Fi router, some configuration getting in the way.
Download something like FCC Speed Test that shows more than up and down, specifically things like dropped packets. Run it three times on the same device at both locations and compare. Have you checked the routers logs for anything out of the ordinary?
krisclarkdev said:
Download something like FCC Speed Test that shows more than up and down, specifically things like dropped packets. Run it three times on the same device at both locations and compare. Have you checked the routers logs for anything out of the ordinary?
Click to expand...
Click to collapse
For some reason this app "FCC Speed Test" is showing as incompatible with all my devices, I really hope it doesn't need some kind of special Wi-Fi chip that makes this app work. The "newest" device I have is a Note 3. Went ahead and downloaded the apk file.
I'll get that done today and post the results to see if you can see the problem more clearly.
I am really not a person that knows much about networking and technical details. I just know the VERY basic things.
Things like how to change my router password, view who is using my Wi-Fi signal and block them via a Mac address. The VERY basic stuff. So I wouldn't be able to detect anything unusual in the router logs
Thanks for your help, I really appreciate you taking your time to respond to this. I will probably have these results in a few hours since I'm at work (I will also test this at my work's Wi-Fi as I also don't have a problem here. Not that I play this game at work but I've given it a test and it doesn't have the same problem as my home's Wi-Fi)
Thanks again
krisclarkdev said:
Download something like FCC Speed Test that shows more than up and down, specifically things like dropped packets. Run it three times on the same device at both locations and compare. Have you checked the routers logs for anything out of the ordinary?
Click to expand...
Click to collapse
Unfortunately both places (my house and my aunt's house) stats look exactly the same. Both places dropped packets once. I ran it once at my work place and is the lowest you'll see in the attached screenshots.
I can't find a solution. I am close to giving up
Thanks for your help and your time
Up
:bump:
bump