Dangers of WIFI networks

Has someone ever said to you «Leave your wifi free, don't you like free?""Don't be selfish»And so many things. The truth is that I personally do not see any problem to share my wifi with anyone. The problem is the dangers of having anyone on your wireless network, or worse, connecting to public networks of these that are in parks, cafes, etc ...

Today I come to tell you a little about one of these dangers. I introduce you:

 ARP Spoofing

According to Wikipedia.

«Is a technique used to infiltrate a network Ethernet switched (based on switches and not in hubs), which can allow the attacker to read data packets on the LAN (local area network), modify the traffic, or even stop it. "

But this is also done by means of the Wlan

According to @Jlcmux (I mean: D) Arp Spoofin tries to confuse the Router or AP by telling it or rather insisting that I have the MAC of the victim computer so that the device sends the packets that go to the victim first to me. So I can redirect or modify these packets before they reach the victim. That's when I can see all the victim's traffic or just stop it (Denial of services)

In conclusion, as the picture shows. We create an alternate channel between the network and the victim so that all traffic passes through the attacker before going to the victim

In this way, various types of software could be used such as msnspy or others with which you can see conversations from MSN, Facebook or others, to see passwords, hijack cookies and many types of attacks that are greatly facilitated by having all the traffic passing through your computer.

With tools like Wireshark we could see all this traffic. or use any other type of Sniffer to capture different types of packets.

Although there are tools and methods to free yourself from these types of attacks… Let's face it. Who uses them? Virtually nobody.

But we are going to name some tools to stop these attacks.

ARPON - A small tutorial

ArpWatch (In repos) A tutorial

The tools to attack I do not mention but they are not difficult to find and there are many of them out there if you want to try.

Greetings.


15 comments, leave yours

Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.

  1.   Germaine said

    The topic is very interesting, I will share it on my page. Thank you.

  2.   Daniel Rojas said

    Very good. I don't like having my home network open, what's more, I have it with WPA2, a fairly long password and MAC filtered. I know you can skip all that but in this area no one is going to do it hahaha

    Regards!

  3.   charlie brown said

    Okay, so I better continue with my paranoia that apparently is justified ...

  4.   hug0 said

    Leave my wifi open ?? !! Hahaha no. If I had a super bandwidth maybe but with my low speed I need it at all that of 😉

  5.   Blaire pascal said

    Good post, as always. But if they want the Internet, let them pay lol. Lie, there is nothing wrong with sharing.

  6.   AlonsoSanti14 said

    very good info ... I had to check, but then, in my house there is no one who knows about that (good that I say), lol but it's useful to know anyway ... 🙂

  7.   Hugo said

    Good article. It is good for people to become aware of the importance of security in information technology. Unfortunately many prefer to ignore it, until they become victims of an attack. It is enough to observe the traces of a firewall to verify that there are always those who are willing to try to enter your PC from the places you least expected: Russia, China, Korea, Brazil, Argentina, South Africa, etc.

  8.   dhunter said

    In my city there is a hard wifi, like 10 AP in a bridge and it takes almost the whole city, people take it to play wow but some friends and I want to put social network, status.net etc ...
    Currently the security is by mac filter but that is for newbies, so they plan to set up a radius server, there is nothing to hack because it is a local network and it only has a wow server and a jabber, later on you will have to worry but if you want to hack an account wow go ahead, it must be fun to take off the armor and put a thong on an alliance warrior.

  9.   Carlos-Xfce said

    This article is very interesting. At my house, we have a D-Link router and I set it a password with WEP2 and a very long one with strange signs, numbers, upper and lower case. However, I would like to learn more about how to configure the wireless network safely.

    If this were a YouTube comment, it could ask for something like "thumbs up if you want the author to make a video (in this case, an article) to teach us how to safely configure the router," heh heh heh. And those who read it could score so that the request was taken into account by the author.

    1.    @Jlcmux said

      xD. I personally don't mess with it much. I just keep it hidden. with a WPA2-PSK, and I audit it constantly.

      Something I did was leave it open for a few days and all the people who connected were banned by the MAC. 😀

      You can also disable DHCP and only authorize MACs with an IP from the router and that way it doesn't work even by assigning me an IP myself.

      A mouse can violate all this. But we go. they will get tired after 4 days of trying

  10.   merlin the debianite said

    Well if you have the wallet activated, although sometimes it is annoying, it will ask for the password when they try to enter the network. XD.

    Although creating a VPN is not a bad idea either.

  11.   ProgrammingO said

    The subject is very interesting, I am going to investigate a little ...

  12.   Joan Carlos Lopez Sancho said

    The only problem with Wi-Fi networks is electromagnetic radiation, due to the increase and degree of exposure as an expert on the subject, I can tell you that you can verify it by disconnecting and connecting after a day and you will notice, by cable it is harmless and inviolable, don't be fooled

    youtube downloader

  13.   issa said

    What a long thing

  14.   scorptech said

    I have this problem, I have a laptop with windows 7 and zonealarm blocks this for me, but even so in wireshark as well as networkminer, I see the error that throws me when I want to change, the mac of my laptop by the address of router xx. xx.xxx.xx blah blah blah. In wireshark it shows me how the router mac does arp to my laptop, an example my mac router is 00.00.00.00.00.00 and the laptop is 11.11.11.11.11.11. My question is this, before connecting the laptop to the wifi, I run as admin, wireshark, and I always choose everything, both lan and wifi. This is what I see when connecting something like this:

    GemtekTe_xx: xx: xx ARP ect ect .. and then the address where example 192.168.1.x is found or the mac of my router, asking who is connected in that address ect .., now in ubuntu I try to install networkminer and everything is fine , but when the graphical interface comes out I don't see the start and stop buttons.