My goal, where to start?

Data that travels over the air and how to protect (or decipher) it

My goal, where to start?

Post by ax10m on Wed Aug 22, 2012 8:19 am
([msg=68913]see My goal, where to start?[/msg])

I have my reasons to suspect my computer (and/or home network) might be monitored by another party.

I would like to be able to find anyone lurking or attempting to access my network.
Shut them down or allow them to monitor.
Monitor them in return.

Where is a good place to start with these objectives? Hacking websites and the like doesn't really interest me. Penetration testing of my network is my ultimate goal.


Follow up, how secure are VPNs?
ax10m
New User
New User
 
Posts: 6
Joined: Wed Aug 22, 2012 7:56 am
Blog: View Blog (0)


Re: My goal, where to start?

Post by limdis on Wed Aug 22, 2012 8:37 am
([msg=68914]see Re: My goal, where to start?[/msg])

Welcome to my neck of the woods. I would love to help you out. Tell me a little bit about how your network is setup then we can jump right into things. There are a great deal of ways to go about this but considering the variables first. I assume this is your out of the box home network?
"The quieter you become, the more you are able to hear..."
"Drink all the booze, hack all the things."
User avatar
limdis
Moderator
Moderator
 
Posts: 1388
Joined: Mon Jun 28, 2010 5:45 pm
Blog: View Blog (0)


Re: My goal, where to start?

Post by ax10m on Wed Aug 22, 2012 8:53 am
([msg=68915]see Re: My goal, where to start?[/msg])

Yep, using an out of the box wireless router with built-in VPN service. Problem is that my setup is computer>vpn wireless router>modem which receives from a local antenna>antenna>internet? My concern is the antenna>modem link which is, I suppose, outside my network.

I don't want to go posting too many specifics but there's plenty of room for snoopers and I just want to make sure my online activities and computers are as secure as possible.

Edit: I suppose penetration testing is my goal. I have an older computer that I plan on using as "the bad guy" or vice versa - I don't really care what happens to that computer so I'm free to screw it up, wipe, and re-image as much as I want :lol:

-- Wed Aug 22, 2012 9:00 am --

Looks like my thread got moved from the noobie section to networking. I've been doing a lot of reading but the information, lingo, tools, etc is over whelming. It's tough for me to stay focused without following links down the rabbit hole. Any guidance on a good starting point would be good.

I've been looking at the Nmap tool because it has what appears to be a pretty comprehensive book. Thoughts?
ax10m
New User
New User
 
Posts: 6
Joined: Wed Aug 22, 2012 7:56 am
Blog: View Blog (0)


Re: My goal, where to start?

Post by limdis on Wed Aug 22, 2012 9:33 am
([msg=68917]see Re: My goal, where to start?[/msg])

If your modem has an antenna it likely has it's own wireless capabilities. But your internet should be coming in from your ISP via ethernet/phone line (dsl). Double check.

But jumping ahead do you have admin rights to the router login?

ax10m wrote:I've been looking at the Nmap tool because it has what appears to be a pretty comprehensive book. Thoughts?

Nmap is great! But one step at a time. You need to work with what you currently have access too before you start trying to learn outside tools.
"The quieter you become, the more you are able to hear..."
"Drink all the booze, hack all the things."
User avatar
limdis
Moderator
Moderator
 
Posts: 1388
Joined: Mon Jun 28, 2010 5:45 pm
Blog: View Blog (0)


Re: My goal, where to start?

Post by ax10m on Wed Aug 22, 2012 9:48 am
([msg=68919]see Re: My goal, where to start?[/msg])

Well this is the first time I've seen a setup like this. I'm originally from the U.S. and use to the internet coming from an ISP to me through an ethernet/phone line. However, I'm oconus right now and will be for the next two years. After some more research, turns out it's a WiMax setup. The modem (ZyXEL MAX-206M2) does have it's own wireless capabilities and I have admin access to it's settings. However, I don't use it and never have except to connect my vpn wireless router to (vulnerability?). From what I can tell, the modem doesn't broadcast an SSID, at least, it's not appearing on my available networks list.

I also have admin access to my vpnrouter....and another spare router I'm not using. I may setup a mini "target" network to fool around with. In time...
ax10m
New User
New User
 
Posts: 6
Joined: Wed Aug 22, 2012 7:56 am
Blog: View Blog (0)


Re: My goal, where to start?

Post by tremor77 on Wed Aug 22, 2012 10:08 am
([msg=68920]see Re: My goal, where to start?[/msg])

Is your Internet Service Wireless?

If so, do you have an antenna/cantenna setup either within or on the exterior of your household?

If not,your wireless/vpn receiver - was that provided by your ISP?

Is the ISP public/private? Meaning - do you pay for a connection or is it municipal?
Image
User avatar
tremor77
Contributor
Contributor
 
Posts: 884
Joined: Wed Mar 31, 2010 12:00 pm
Location: New York
Blog: View Blog (0)


Re: My goal, where to start?

Post by limdis on Wed Aug 22, 2012 12:04 pm
([msg=68924]see Re: My goal, where to start?[/msg])

I learned something. I didn't know that some ISPs can/sometimes provide service via wireless. Which is cool in a way because it forces you to think outside the box. But yes need to know if this is a paid service. Additionally, I assume you can connect other computers in your house to your router. So I say we treat this the same way as a normal setup but with the additional possibility of viewing traffic. Going to think out loud here but if someone was to monitor the entire signal that goes out then not only you but everyone else getting their service this way would be vulnerable. Just because it doesn't broadcast an SSID doesn't mean it can't be picked up.

I suggest getting Backtrack now so we can start testing. It already includes most of the tools you are going to need. But yes pentesting your own network is a great way to learn because you see everything that happens from the hacker standpoint to the admin's view.

First thing is first though. Log into your router and view the connections/logs. If you are being hit with a MiTM attack they will need to be connected.
"The quieter you become, the more you are able to hear..."
"Drink all the booze, hack all the things."
User avatar
limdis
Moderator
Moderator
 
Posts: 1388
Joined: Mon Jun 28, 2010 5:45 pm
Blog: View Blog (0)


Re: My goal, where to start?

Post by wan26 on Wed Aug 22, 2012 1:43 pm
([msg=68928]see Re: My goal, where to start?[/msg])

As for VPN security you may want to check out this blog as well.

https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/ it's a good read

I heard methods are improving, anyway ssl all the way.
User avatar
wan26
Experienced User
Experienced User
 
Posts: 91
Joined: Sun Jan 22, 2012 6:46 pm
Blog: View Blog (0)


Re: My goal, where to start?

Post by ax10m on Wed Aug 22, 2012 2:12 pm
([msg=68931]see Re: My goal, where to start?[/msg])

Yes, it's a paid service and yes it's provided via wireless. Given the location, I would be surprised if the entire network signal isn't monitored. Which router should I be focusing on? Vpn router (I bought) or the WiMax modem/router (supplied by ISP)? It seems if any interested parties were monitoring my activity it would be at the WixMax modem/router since that would be the starting point for my network.

What exactly am I looking for in the operations logs?

I'm looking into BackTrack - looks pretty intense and out of my knowledge level, then again, all of this pentesting is outside my knowledge level. I'll go ahead and install it on a spare thumbdrive I have and play around with it to see what I can come up with.

Also reading up on SSL. This is the problem, so much coming in at once, it's hard to stay focused! :|

On a side note: I have noticed that I lose my internet connection throughout the day and have to restart my vpn/router but my modem stays online.

-- Wed Aug 22, 2012 2:17 pm --

Limdis, do you have a stake in BackTrack or just like the quote? Also, any good beginner guides on it?
ax10m
New User
New User
 
Posts: 6
Joined: Wed Aug 22, 2012 7:56 am
Blog: View Blog (0)


Re: My goal, where to start?

Post by limdis on Wed Aug 22, 2012 3:21 pm
([msg=68936]see Re: My goal, where to start?[/msg])

ax10m wrote:This is the problem, so much coming in at once, it's hard to stay focused!

Actually this is a good thing! You should be excited lol. If you put some time into this you can really learn a lot and greatly increase your knowledge and skills in security. Yes you are going to want to access the router provided to you, since it is the device that your internet connection is coming in from. I've gotten the manual for your modem and am going through it now. Once you login you are going to want to access the DHCP Table to see who all is currently connected. It will show IP and MAC addresses to those connected. Hopefully the only clients connected belong to you. The logs (if enabled) will show events of any other clients that connected in the past.
Simple question I forgot to ask, have you encrypted your network?


ax10m wrote:Limdis, do you have a stake in BackTrack or just like the quote? Also, any good beginner guides on it?

No, I'm an avid BT user. Loved the quote. I suggest it because I got my footing in wireless work with bactrack. There are tons of tutorials out there on it and we have a lot of members here at HTS that use it and can assist you with any questions. It's convenient and can be extremely effective.
"The quieter you become, the more you are able to hear..."
"Drink all the booze, hack all the things."
User avatar
limdis
Moderator
Moderator
 
Posts: 1388
Joined: Mon Jun 28, 2010 5:45 pm
Blog: View Blog (0)


Next

Return to Networking

Who is online

Users browsing this forum: No registered users and 0 guests