Testing my own network for weakness

What's the best way to setup a home network? Why should I care about BGP?

Testing my own network for weakness

Post by Maxiimus on Thu Feb 21, 2013 6:55 pm
([msg=73952]see Testing my own network for weakness[/msg])

Hi guys!
I have just fully set up my own network and was wondering where to start learning how to test my network for weakness.
I have looked all over and all I seem to find is in-depth stuff but I need to start at the basics.
I know it's a big ask but if you know of any sites that can help me then please let me know!

Many thanks.
Maxiimus
New User
New User
 
Posts: 3
Joined: Thu Feb 21, 2013 6:50 pm
Blog: View Blog (0)


Re: Testing my own network for weakness

Post by limdis on Thu Feb 21, 2013 7:03 pm
([msg=73954]see Re: Testing my own network for weakness[/msg])

Great, details on your network? What's your setup?
"The quieter you become, the more you are able to hear..."
"Drink all the booze, hack all the things."
User avatar
limdis
Moderator
Moderator
 
Posts: 1311
Joined: Mon Jun 28, 2010 5:45 pm
Blog: View Blog (0)


Re: Testing my own network for weakness

Post by Maxiimus on Thu Feb 21, 2013 7:11 pm
([msg=73955]see Re: Testing my own network for weakness[/msg])

Just a normal wireless network with 2 computers connected via Ethernet and 3 laptops via wireless and the router has a built in firewall.
This is what I mean, I know nothing on the subject! :(
Anything you can tell me or even where to start, would be great! Thank you
Maxiimus
New User
New User
 
Posts: 3
Joined: Thu Feb 21, 2013 6:50 pm
Blog: View Blog (0)


Re: Testing my own network for weakness

Post by limdis on Thu Feb 21, 2013 8:24 pm
([msg=73959]see Re: Testing my own network for weakness[/msg])

Lets start with the security measures you have already put in place. Wireless encryption settings and your firewall.
"The quieter you become, the more you are able to hear..."
"Drink all the booze, hack all the things."
User avatar
limdis
Moderator
Moderator
 
Posts: 1311
Joined: Mon Jun 28, 2010 5:45 pm
Blog: View Blog (0)


Re: Testing my own network for weakness

Post by madmax0150 on Fri Feb 22, 2013 9:58 pm
([msg=74000]see Re: Testing my own network for weakness[/msg])

this is what I do for my basic network security.

My first suggestion is installing a copy of comando firewall. I use the free edition but I highly recommend the paid for one. This software is really great at detecting real-time threats. You can even trace the IP of the origin of an attacker.

Also I run a virtual machine of backtrack 5 r3,, which has two amazing applications that are sent from the tech gods!

EtherApa ---this program allows you to see real-time connections, allows you to get a visual representation of your network, and of all connections coming into your network.

Zenmap --- this program will scan your network and collect information about, and will allow you to "poke" at any incoming IP's.

oh and remember Google is your friend. use it! :geek:
Disclaimer: Nothing posted by me is true. Any pictures posted by me are fictitious and found elsewhere online.
madmax0150
New User
New User
 
Posts: 10
Joined: Thu Jun 07, 2012 3:01 pm
Blog: View Blog (0)


Re: Testing my own network for weakness

Post by Maxiimus on Sat Feb 23, 2013 2:31 pm
([msg=74017]see Re: Testing my own network for weakness[/msg])

madmax0150 wrote:this is what I do for my basic network security.

My first suggestion is installing a copy of comando firewall. I use the free edition but I highly recommend the paid for one. This software is really great at detecting real-time threats. You can even trace the IP of the origin of an attacker.

Also I run a virtual machine of backtrack 5 r3,, which has two amazing applications that are sent from the tech gods!

EtherApa ---this program allows you to see real-time connections, allows you to get a visual representation of your network, and of all connections coming into your network.

Zenmap --- this program will scan your network and collect information about, and will allow you to "poke" at any incoming IP's.

oh and remember Google is your friend. use it! :geek:


All I have is the Microsoft firewall and a WEP key that came already on the router.

Would I just type this Commando into Google and download it or?
Also, I have heard of this Backtrack 5 but not a clue what it does or is about, sounds pretty good from what you have posted though, any links for download?
Cheers guys! :)
Maxiimus
New User
New User
 
Posts: 3
Joined: Thu Feb 21, 2013 6:50 pm
Blog: View Blog (0)


Re: Testing my own network for weakness

Post by 6sygma on Sun Feb 24, 2013 5:08 am
([msg=74071]see Re: Testing my own network for weakness[/msg])

1) Does your router have a web mgt interface?
2) If so did you change the default passwords that came with it for the admin of the web interface?

If the answers above are (1) Yes, (2) No then your network is already insecure and you just found your first vulnerability. If not let me know.

Regards,
6*Σ
User avatar
6sygma
New User
New User
 
Posts: 4
Joined: Mon Feb 18, 2013 4:49 am
Blog: View Blog (0)


Re: Testing my own network for weakness

Post by madmax0150 on Sun Feb 24, 2013 8:13 pm
([msg=74107]see Re: Testing my own network for weakness[/msg])

Oh and don't use WEP, it is terribly unsecure. See if your router supports WPA2. Also if you use WPA2 the longer the password the better, a 16 character password is almost impossible to crack.
Disclaimer: Nothing posted by me is true. Any pictures posted by me are fictitious and found elsewhere online.
madmax0150
New User
New User
 
Posts: 10
Joined: Thu Jun 07, 2012 3:01 pm
Blog: View Blog (0)


Re: Testing my own network for weakness

Post by limdis on Sun Feb 24, 2013 9:34 pm
([msg=74114]see Re: Testing my own network for weakness[/msg])

Cool, I don't want to start throwing tools at you right away for fear of overwhelming you since you mentioned being new to this.

Like 6sygma said, the very first thing you should do as soon as you pull your router out of the box is rename the router (the broadcast ID, the 'name' you see when you want to connect. This is often listed as the SSID if you have trouble finding it.) and change the admin password. Here is why; default router settings are posted all over the internet. If someone gains access to your network it won't take long for them to login to the router and take control of your network if you are still using default settings. Google ftw.

The next step since you said you have some stations that are connected via ethernet is to disable the router web management interface. This will prevent anyone from accessing the router (even you) unless you can physically connect to it, either via ethernet or usb.

Now briefly on encryption settings. As mentioned before if your router came out of the box with an already set encryption setting and key, you want to change it. There are many Cisco routers that come prepackaged rocking WPA2 but the key is "password". No go. With a key such as "password" you can crack the WPA/WPA2 encryption faster than WEP.

Now, WEP. There are a few reasons that some places use WEP. The list is somewhat ridiculous and I won't get into it unless someone really wants to know. But for personal use, get rid of it. WEP cracking can be done very very quickly due to the encryption cipher used. (Sources on request for those that are interested in specifics or coding your own cracker). WEP cracking can be trickier at times and those youtube skiddies might fail entirely if you don't have a station connected lol.

WPA/WPA2, for straightforward explanation they are pretty much the same thing. The effectiveness of the crack is based entirely on the wordlists used. Those who know what they are doing craft rainbow tables to expedite the process or can utilize hybrid attacks (combination of dictionary and brute force) to crack the key. So for you, a longer less common password can make it nearly impossible for your network to be broken into via traditional methods. Hackers also expect "hacker proof" passwords too. Such as Pa55W0rd123!!!. You're better off with "ILovemyCookiesALLdayLong123!!!"
Just as an example of course.
"The quieter you become, the more you are able to hear..."
"Drink all the booze, hack all the things."
User avatar
limdis
Moderator
Moderator
 
Posts: 1311
Joined: Mon Jun 28, 2010 5:45 pm
Blog: View Blog (0)


Re: Testing my own network for weakness

Post by Dwere134 on Thu Feb 28, 2013 12:34 am
([msg=74258]see Re: Testing my own network for weakness[/msg])

limdis wrote:... Here is why; default router settings are posted all over the internet. If someone gains access to your network it won't take long for them to login to the router and take control of your network if you are still using default settings. Google ftw.


To better illustrate this go to this list of default router passwords and see if you can find the default password to your router. And this is an OLD list. ;)
Dwere (David)
Goatboy wrote:
Dwere wrote:I'm not one to start some branch of religion though. Not my thing.

Of course if you wanted to, you could call it the Davidians!
Dwere134
Experienced User
Experienced User
 
Posts: 83
Joined: Mon Sep 27, 2010 5:06 pm
Blog: View Blog (0)



Return to Networking

Who is online

Users browsing this forum: No registered users and 0 guests

cron