Wi-Fi–Hacking Neighbor From Hell Sentenced to 18 Years

Questions on how we spend our money and our time - consumer goods and services, home and vehicle, leisure and recreational activities
Post Reply
User avatar
Topic Author
fredflinstone
Posts: 2829
Joined: Mon Mar 29, 2010 7:35 am
Location: Bedrock

Wi-Fi–Hacking Neighbor From Hell Sentenced to 18 Years

Post by fredflinstone »

Please, please tell me how to secure my Wi Fi network so that this doesn't happen to me!
A Minnesota hacker prosecutors described as a “depraved criminal” was handed an 18-year prison term Tuesday for unleashing a vendetta of cyberterror that turned his neighbors’ lives into a living nightmare.

Barry Ardolf, 46, repeatedly hacked into his next-door neighbors’ Wi-Fi network in 2009, and used it to try and frame them for child pornography, sexual harassment, various kinds of professional misconduct and to send threatening e-mail to politicians, including Vice President Joe Biden.
Full article at:
http://www.wired.com/threatlevel/2011/0 ... from-hell/
User avatar
ol_pops
Posts: 306
Joined: Thu Mar 01, 2007 8:44 pm

Encryption

Post by ol_pops »

Make sure it's encrypted. The stronger the better. Check your Wi-Fi manual.
User avatar
Rob5TCP
Posts: 3812
Joined: Tue Jun 05, 2007 7:34 pm
Location: New York, NY

Post by Rob5TCP »

The original encryption scheme was WEP and was too easily violated. The most recent from 2008/2009 is WPA2. Below is a brief description of each type of encryption. You will have to check the manual that came with your system to see which one it supports.

http://helpdeskgeek.com/networking/comp ... ion-types/
User avatar
Topic Author
fredflinstone
Posts: 2829
Joined: Mon Mar 29, 2010 7:35 am
Location: Bedrock

Re: Encryption

Post by fredflinstone »

ol_pops wrote:Make sure it's encrypted. The stronger the better. Check your Wi-Fi manual.
From the Wired article:

"Ardolf downloaded Wi-Fi hacking software and spent two weeks cracking the Kostolnik’s WEP encryption"

So encryption wasn't enough.
kirent
Posts: 529
Joined: Tue Sep 28, 2010 1:06 am

Re: Encryption

Post by kirent »

fredflinstone wrote:
ol_pops wrote:Make sure it's encrypted. The stronger the better. Check your Wi-Fi manual.
From the Wired article:

"Ardolf downloaded Wi-Fi hacking software and spent two weeks cracking the Kostolnik’s WEP encryption"

So encryption wasn't enough.
WEP is not enough. WPA2 will be enough as long as you don't use a dictionary/easy password.
Disclaimer: I am not a financial or legal expert and all information I provide is given for entertainment purposes only, at your own risk and with no guarantees of accuracy.
epilnk
Posts: 2717
Joined: Wed Apr 18, 2007 7:05 pm

Post by epilnk »

You don't thwart a guy like this with superior technology. Because if he can't get into your wifi he's just going to pour sugar in your gas tank or poison your dog or something. The home defense rifle thread comes to mind here.
kirent
Posts: 529
Joined: Tue Sep 28, 2010 1:06 am

Post by kirent »

epilnk wrote:You don't thwart a guy like this with superior technology. Because if he can't get into your wifi he's just going to pour sugar in your gas tank or poison your dog or something. The home defense rifle thread comes to mind here.
What does sugar in your gas tank do?
Disclaimer: I am not a financial or legal expert and all information I provide is given for entertainment purposes only, at your own risk and with no guarantees of accuracy.
User avatar
Topic Author
fredflinstone
Posts: 2829
Joined: Mon Mar 29, 2010 7:35 am
Location: Bedrock

Post by fredflinstone »

Rob5TCP wrote:The original encryption scheme was WEP and was too easily violated. The most recent from 2008/2009 is WPA2. Below is a brief description of each type of encryption. You will have to check the manual that came with your system to see which one it supports.

http://helpdeskgeek.com/networking/comp ... ion-types/
Thanks. My router uses WPA/WPA2 encryption. I have a long password (more than 20 characters) that includes both numbers and letters. Is there anything more I should do? Should I change my password every few weeks just to be safe?
User avatar
Rob5TCP
Posts: 3812
Joined: Tue Jun 05, 2007 7:34 pm
Location: New York, NY

Post by Rob5TCP »

Let's not go crazy - I do it every 6 months or so. WPA2 is the best and WPA is ok for most. A determined cracker can probably get through anything.

But, you sound pretty secure.

DON'T lose your password and don't go leaving sticky notes that someone can see them.
kirent
Posts: 529
Joined: Tue Sep 28, 2010 1:06 am

Post by kirent »

fredflinstone wrote:
Rob5TCP wrote:The original encryption scheme was WEP and was too easily violated. The most recent from 2008/2009 is WPA2. Below is a brief description of each type of encryption. You will have to check the manual that came with your system to see which one it supports.

http://helpdeskgeek.com/networking/comp ... ion-types/
Thanks. My router uses WPA/WPA2 encryption. I have a long password (more than 20 characters) that includes both numbers and letters. Is there anything more I should do? Should I change my password every few weeks just to be safe?
WPA still uses TKIP. WPA2 uses CCMP which is better.
Disclaimer: I am not a financial or legal expert and all information I provide is given for entertainment purposes only, at your own risk and with no guarantees of accuracy.
amh
Posts: 100
Joined: Tue Jun 22, 2010 7:52 pm

Post by amh »

In addition to enabling WPA2, you can disable SSID broadcasting (so that nearby computers won't see your network advertised) and enable your access point's MAC address access list feature, if any. The latter will allow you to restrict wireless access only to certain machines even when the WPA2 key is known. These steps aren't going to stop truly dedicated attackers, but unless there's a personal vendetta against you, anything that lowers your profile will nudge them towards the less secure neighbors.

On the more extreme side, you could also take steps to reduce the amount of signal emitted outside your house; by reducing the transmit power on the access point (if possible), or by shielding the windows/walls. But if you're that worried then maybe you should get less crazy neighbors. :shock:
555
Posts: 4955
Joined: Thu Dec 24, 2009 6:21 am

Post by 555 »

epilnk wrote:"You don't thwart a guy like this with superior technology. Because if he can't get into your wifi he's just going to pour sugar in your gas tank or poison your dog or something. The home defense rifle thread comes to mind here."
Someone gets it. This is not about technology. It's about predators. These victims were lucky to have such powerful allies. But there are so many victims who go for years suffering in silence because they just can't get anyone to understand what they are being put through.
billern
Posts: 1079
Joined: Fri Dec 07, 2007 3:08 pm

Post by billern »

amh wrote:In addition to enabling WPA2, you can disable SSID broadcasting (so that nearby computers won't see your network advertised) and enable your access point's MAC address access list feature, if any. The latter will allow you to restrict wireless access only to certain machines even when the WPA2 key is known. These steps aren't going to stop truly dedicated attackers, but unless there's a personal vendetta against you, anything that lowers your profile will nudge them towards the less secure neighbors.

On the more extreme side, you could also take steps to reduce the amount of signal emitted outside your house; by reducing the transmit power on the access point (if possible), or by shielding the windows/walls. But if you're that worried then maybe you should get less crazy neighbors. :shock:
If you want security and a better overall connection, run Ethernet cable through your house and go wired.
gurujji
Posts: 127
Joined: Wed Dec 01, 2010 4:03 pm

Post by gurujji »

fredflinstone wrote:. Is there anything more I should do?

Do's & Dont's
http://www.airtightnetworks.com/home/re ... ccess.html

http://www.airtightnetworks.com/fileadm ... mplete.pdf

and some "scan" tools for WI-FI.
http://www.metageek.net/docs/wireless-networking-tools/

- i use inSSIDer
- set password as a sentence, if the system accepts it.

- enable DHCP in the router
- in DHCP settings, limit the IP-distribution using "start IP" & "End IP".
- A new device connecting to my wi-fi setup will not receive an IP, because it's all used up.
Xile F Investor
Posts: 138
Joined: Tue Jul 27, 2010 7:54 am
Location: Virginia

Post by Xile F Investor »

Filter by MAC address as well. It's a pain to add new devices, but it blocks those which you did not authorize.
What you must do is, speak so loud that I can not hear you. | Those who say it can not be done should not interrupt the people doing it.
User avatar
GregLee
Posts: 1748
Joined: Wed Oct 27, 2010 3:54 pm
Location: Waimanalo, HI

Post by GregLee »

Xile F Investor wrote:Filter by MAC address as well. It's a pain to add new devices, but it blocks those which you did not authorize.
I use WEP and a MAC address filter, though I have read that MAC addresses can be snooped out then spoofed, and so provide little protection against a knowledgeable attacker. It seems very unlikely to me that a sophisticated hacker would ever become interested in breaking into my network, since (for one thing) that wouldn't get him into any of my computers.
Greg, retired 8/10.
btenny
Posts: 5702
Joined: Sun Oct 07, 2007 6:47 pm

Post by btenny »

Don't forget to change the supervisor default ID and password. These Ids are different and separate from the user ids.

Bill
harland
Posts: 332
Joined: Fri Feb 23, 2007 11:33 am

Post by harland »

GregLee wrote:
Xile F Investor wrote: I use WEP and a MAC address filter, though I have read that MAC addresses can be snooped out then spoofed...
This much is true. I can easily change the MAC address the Ethernet adapter uses on my Linux box.

The one thing I really dislike about Yahoo! Mail (which the victim used) is that it doesn't offer a constant https connection. (GMail does though.)
The one thing that unites all human beings, regardless of age, gender, religion, economic status or ethnic background, is that, deep down inside, we ALL believe that we are above-average drivers.
slick_dealer_05
Posts: 420
Joined: Tue Jul 24, 2007 8:16 pm

Re: Wi-Fi–Hacking Neighbor From Hell Sentenced to 18 Years

Post by slick_dealer_05 »

fredflinstone wrote:Please, please tell me how to secure my Wi Fi network so that this doesn't happen to me!
Do you realize the probability of this happening to you compared to being killed in an auto accident or drowning in a swimming pool?

If your neighbors are trying to sneak in your wireless network, they are probably also going through your garbage to get your personal information . They can easily frame you by putting some child porn in your garbage. What will you do about it?
User avatar
Topic Author
fredflinstone
Posts: 2829
Joined: Mon Mar 29, 2010 7:35 am
Location: Bedrock

Post by fredflinstone »

btenny wrote:Don't forget to change the supervisor default ID and password. These Ids are different and separate from the user ids.

Bill
thank you. I have done this now.
User avatar
Topic Author
fredflinstone
Posts: 2829
Joined: Mon Mar 29, 2010 7:35 am
Location: Bedrock

Re: Wi-Fi–Hacking Neighbor From Hell Sentenced to 18 Years

Post by fredflinstone »

slick_dealer_05 wrote:
fredflinstone wrote:Please, please tell me how to secure my Wi Fi network so that this doesn't happen to me!
Do you realize the probability of this happening to you compared to being killed in an auto accident or drowning in a swimming pool?
Someone once hacked into my email account.
gabylon
Posts: 372
Joined: Thu Dec 31, 2009 12:54 pm

Re: Wi-Fi–Hacking Neighbor From Hell Sentenced to 18 Years

Post by gabylon »

fredflinstone wrote:Someone once hacked into my email account.
From what I read, he didn't hack into the victim's Yahoo account. He opened a new Yahoo account on the victim's name, then sent the threatening emails from this account through the victim's wireless connection, so they would be traced back to his Internet account. It's analogous to someone making threatening calls using your phone line.
Ardolf used the Kostolniks’ wireless router to connect to the Internet, accessed a Yahoo.com email account he had created in Matt Kostolnik’s name and, posing as Matt Kostolnik, sent three separate emails to his coworkers. Ardolf sent the emails using the Kostolniks’ wireless Internet connection, with the intent that the emails would be traced back to the Kostolniks’ Internet account with Qwest.
A firewall like comodo would alert you to another computer trying to connect to yours.
User avatar
curly lambeau
Posts: 669
Joined: Wed Apr 25, 2007 10:42 am

Post by curly lambeau »

amh wrote:In addition to enabling WPA2, you can disable SSID broadcasting (so that nearby computers won't see your network advertised) and enable your access point's MAC address access list feature, if any.
This is totally useless for repelling anyone capable of hacking your wireless IMO.

Nobody hacking your wireless network is going to use software that needs SSID broadcasting to find you, and anyone can spoof a MAC address.

Just use WPA/WPA2 with a strong passphrase.
ataloss
Posts: 887
Joined: Tue Feb 20, 2007 2:24 pm

Post by ataloss »

Nobody hacking your wireless network is going to use software that needs SSID broadcasting to find you, and anyone can spoof a MAC address.
I agree, there isn't any harm in turning off ssid broadcasting or turning on MAC address filtering but these are effective for only the least competent hacker. The guy who can hack your WPA2 would not be deterred at all by those ineffective measures. The best solution for a router that doesn't do WPA2 is a new router.
User avatar
Topic Author
fredflinstone
Posts: 2829
Joined: Mon Mar 29, 2010 7:35 am
Location: Bedrock

Post by fredflinstone »

thank you so much for all the suggestions. Bogleheads are the best!

One more question: my router software provides an option for a firewall. Until now, I have used the default setting, which is "off." I am wondering if I should change this setting to "low," "medium" or "high."

It appears that a high setting would result in the loss of certain functionality. Here is what the manual says:
The default firewall security level is set to “Off”. Activating the firewall is optional. When the firewall is activated, security is enhanced, but some network functionality will be lost. If the firewall is enabled with dynamic addressing in step 1, all DHCP allocated addresses will use the same firewall rules. Static IP addresses can be configured on a per address basis in the firewall.
Anyone know anything about this?
arthurb999
Posts: 440
Joined: Wed Apr 29, 2009 1:07 pm

Post by arthurb999 »

Mac address filtering
Only allow x amount of devices at a time (the amount you have)
SSID not broadcasting
allsop
Posts: 1046
Joined: Sun Jun 15, 2008 7:08 am

Post by allsop »

curly lambeau wrote:
amh wrote:In addition to enabling WPA2, you can disable SSID broadcasting (so that nearby computers won't see your network advertised) and enable your access point's MAC address access list feature, if any.
This is totally useless for repelling anyone capable of hacking your wireless IMO.

Nobody hacking your wireless network is going to use software that needs SSID broadcasting to find you, and anyone can spoof a MAC address.

Just use WPA/WPA2 with a strong passphrase.
The router should also be configured to only accept WPA2-PSK (PSK=Pre Shared Key) connections as this gives a better security. Most home routers will by default start using less secure protocols/encryption if the stronger ones fails.

The PC should be configured to only connect to wireless router using WPA2-PSK that it knows about.
allsop
Posts: 1046
Joined: Sun Jun 15, 2008 7:08 am

Post by allsop »

fredflinstone wrote:thank you so much for all the suggestions. Bogleheads are the best!

One more question: my router software provides an option for a firewall. Until now, I have used the default setting, which is "off." I am wondering if I should change this setting to "low," "medium" or "high."

It appears that a high setting would result in the loss of certain functionality. Here is what the manual says:
The default firewall security level is set to “Off”. Activating the firewall is optional. When the firewall is activated, security is enhanced, but some network functionality will be lost. If the firewall is enabled with dynamic addressing in step 1, all DHCP allocated addresses will use the same firewall rules. Static IP addresses can be configured on a per address basis in the firewall.
Anyone know anything about this?
A home router will (usually) by default block outside initiated connections while allowing connections from the inside out to the scary WWW, and for most home users this is sufficient.

With firewall rules you can block some types of connections from leaving or entering (say Microsoft network traffic). Unless you know what you are doing you can have a non-functional network or introduce security problems.

You should check if there is a new version of the software in the router that fixes potential security problems. Router software is same as all other software: buggy.
User avatar
curly lambeau
Posts: 669
Joined: Wed Apr 25, 2007 10:42 am

Post by curly lambeau »

If you want to fool around with trying to test your home network, or are curious how people crack wireless networks, you can boot this software from a CD or thumbdrive:

http://www.backtrack-linux.org/
aetos
Posts: 22
Joined: Tue May 03, 2011 11:27 am

Post by aetos »

Surprised no one has mentioned changing your router password from the default.
allsop
Posts: 1046
Joined: Sun Jun 15, 2008 7:08 am

Post by allsop »

aetos wrote:Surprised no one has mentioned changing your router password from the default.
Ah yes, and make sure that the router administration is not allowed from WWW (default by modern routers) or even WiFi interface if possible.
Grt2bOutdoors
Posts: 25625
Joined: Thu Apr 05, 2007 8:20 pm
Location: New York

Post by Grt2bOutdoors »

epilnk wrote:You don't thwart a guy like this with superior technology. Because if he can't get into your wifi he's just going to pour sugar in your gas tank or poison your dog or something. The home defense rifle thread comes to mind here.
A load of bird shot put in the right place would discourage such a perp from ever trying this again, then again 18 years with "bubba" should also work. Have fun in the slammer.
User avatar
Scott S
Posts: 1937
Joined: Mon Nov 24, 2008 2:28 am
Location: building my position

Post by Scott S »

stives wrote:
epilnk wrote:You don't thwart a guy like this with superior technology. Because if he can't get into your wifi he's just going to pour sugar in your gas tank or poison your dog or something. The home defense rifle thread comes to mind here.
What does sugar in your gas tank do?
Not much, as it turns out: http://www.snopes.com/autos/grace/sugar.asp
"Old value investors never die, they just get their fix from rebalancing." -- vineviz
Grasshopper
Posts: 1209
Joined: Sat Oct 09, 2010 3:52 pm

Post by Grasshopper »

My wireless security; living 1/2 mile from anyone else, and 4 dogs. :lol:
User avatar
SSSS
Posts: 1914
Joined: Fri Jun 18, 2010 11:50 am

Post by SSSS »

Grasshopper wrote:My wireless security; living 1/2 mile from anyone else, and 4 dogs. :lol:
Should be safe unless the attacker is rich enough to afford a can of Pringles.

http://en.wikipedia.org/wiki/Cantenna
http://www.turnpoint.net/wireless/has.html
http://www.makeuseof.com/tag/how-to-mak ... es-can-nb/
Grasshopper
Posts: 1209
Joined: Sat Oct 09, 2010 3:52 pm

Post by Grasshopper »

Thanks now I have something else to worry about.

SSSS wrote:
Grasshopper wrote:My wireless security; living 1/2 mile from anyone else, and 4 dogs. :lol:
Should be safe unless the attacker is rich enough to afford a can of Pringles.

http://en.wikipedia.org/wiki/Cantenna
http://www.turnpoint.net/wireless/has.html
http://www.makeuseof.com/tag/how-to-mak ... es-can-nb/
:cry: :cry:
User avatar
archbish99
Posts: 1649
Joined: Fri Jun 10, 2011 6:02 pm

SSID Broadcasting

Post by archbish99 »

Most of the posts here are spot-on -- WPA2 with a reasonable-strength key is more than sufficient. Just remember that technology exists to block a specific attack; keeping him from getting on your Wi-Fi doesn't stop other nefarious actions if you actually did wind up with the "neighbor from hell." The processing power required to crack WPA2 is prohibitive for the foreseeable future; far easier to break into your house, steal a laptop, and crack your password. :)

However, I have to push back on disabling SSID broadcast. There's no security advantage in that, because you still disclose the name of your network anytime one of your devices connects to it. Your SSID is not a password, so don't try to use it as one. It's not protected in the 802.11 protocols, it's just an identifier and nothing more.

See http://www.howtogeek.com/howto/28653/de ... re-secure/ for a good overview.
Post Reply