Wireless intrusion - WPA and TKIP cracked with ease
I'm a noob to this forum, but I've been working in the IT industry for 10 years or so. I'm not particularly experienced with wireless, just using it at home, but I'm learning fast.
So, I have a problem with one of my neighbours hacking my wireless connestion and downloading massive amounts of data, using a spoofed MAC. I have a belkin modem-router which is using WPA and TKIP/AES, and the intruder just waltzes through the secutiry like it's not even there. I've hidden the SSID, changed all the settings, and he just gets straight back in. I've even disabled wireless client access on the router and he STILL got in
I'm less bothered about stopping him now, and more bothered about finding out who it is so that I can set the cops on him, because this is costing me money and a lot of time. I've reverted to a non-wireless router in the meantime since there is nothing more I can do with the wireless.
Does anyone know of any counter-intrusion tools that I could use to find out what he's doing, or even counter-hack his machine? I think it's fairly well firewalled.
One, use a 5 gHz router and adapter for wireless. 5 gHz is well above 2.4 gHz, and can't be seen by 2.4 gHz adapters. But if the hacker also has a 5 gHz wireless adapter, its still possible that he could break in.
Two, you may try a higher grade security if WPA-TKIP isn't working. Try WPA2, if your devices support it. Also, try a longer password. Don't do something like a 6 letter password. Use more than 20 with different symbols and letters.
Three, keep a wired network. Wired is the only true way he won't break in any more.
The person has hijacked the router.
1) Reset it to factory settings
2) Set the admin password for the router to a really good one
3) Re-set up the WPA-PSK use WPA Password Generator from WhatsMyIP.org : Password Generator
4) Do all of this quickly before the hacker gets in and beats you to it.
Once all the doors are closed you shuld be o.k unless he is able to guess your WPA-PSK faster than anyone else on the planet. But with a WPA-PSK key like tn83k21r86pspyb3uaxzrvuqm3p6kgyuirxh58t48ndqjepudv 6jdvt4a265drf I doubt it.
Several weeks have now passed, so this message may be irrelevant. MikkiJayne, you mentioned that you wanted to locate the intruder. I too have a Belkin router and found that it has a security log where one can see the IP address of a machine attaching to your router, the IP address of a user logging in to the admin functions of the router (hopefully only you by now), and also the IP address of "attackers" from anywhere. Since you are an IT pro, you can no doubt quickly get info on the IP addresses of interest.