Serious WEP cracking question.

[GiverOfNothing]

This question isn't about HOW to crack wep, god knows theres enough HOWTO's out there. My question is what do you do once you have the key.

I have an EEE Pc and I installed BT3 on an sd card. After messing around with it for a while and getting wifi working, I figured I would try and crack my WEP. After about 2 days of trying different HOWTO's I finally cracked it. I call my techie neighbor over to show him. He asked me a really good question. "Now What? My router logs all incoming and out going IP address." He's right mine does that to. For instance I know alot of people that have there very own website set as there homepage. Which is easily track able back to the person. Thats just an example.

Now for my question. Is there a way to connect to an access point and be completely hidden from the logging software built in to most routers. Is there anyway to disguise the info leaving my computer? I know i can change my mac address. What else can i do to remain anonymous?

[merlin051]

this sounds dubious but here goes...

you could use hydra to log into your AP and clear the logs perhaps? hell even turn logging off once your in there.

erm, dont set your personel website as your homepage would be a good start...

Why do these type of questions always contain somones 'friend' or 'neighbour'?

What model and make is your AP?

[GiverOfNothing]

It does sound dubious now that i re-read what i posted. I have some REAL serious concerns seeing as how easy it was to crack my WEP key. It only took around 90 seconds! Im afraid that if its that easy for me with no "Real" hacking abilitys. How much easier is it for the kid down the street that everyone takes there computers to to be fixed.

I guess i should reword my last paragraph. Im not really interested in how to do it, but what should I watch for or are there ways to protect myself from this.

Judgeing from merlin051's post

Code:

you could use hydra to log into your AP and clear the logs perhaps? hell even turn logging off once your in there.

It's just as easy as I feared. My router is an old NetworkAnyWhere router. I believe there made by linksys. But how safe is setting up encryption. It seems WEP/WAP/WAP2 have all been cracked.

[Dark Ragnarok]

The idea of security isn't to keep everyone out but to keep bad people out. Namely script kiddies and thieves. Most dubious crackers and kiddies will opt out for the easiest network to crack. So if anything you should just make security tougher. If I were you I'd at least change security to WPA and make it about 10 digits long with at least one capital character, one symbol, and a number. Also the next best thing to do is set mac filtering to only allow certain macs in. If you do that it makes using the network at least very tough even if they spoof yours. The tougher your security the least likely it'll mishandled by nimwits. You sound like a home user. Most people who are malicious are looking for easy targets who also have something to lose. You probably have something others may want but it's better to make a malicious person go after an easier target.

[GiverOfNothing]

Sounds like great advice. My router is to old to do WAP. I think its time to by a new one. Would a home built linux router with shorewall or something be bettery than a store bought router, or maybe set it up as a gateway between the modem and router so I can have better logs and tighter control. Ive been using linux for years so settng it up would be easy. I just dont know diddly about networking or security in general.

[Barry]

#1 Don't use wep! As you now know, wep is ridiculously easy to break.
#2 Use wpa, for a home user, use wpa with a radius server for a business. Also if it's a business keep the wifi on a separate network from the wired. Let them vpn in if they need wireless and access to the file servers or whatnot.
#3 For home wpa, use "good" passwords. Mixed upper, lower, numbers, and symbols. Go for the longest password you think is reasonable. I'm pretty sure the longest you can go is 63 characters. Mine is that long and I keep it on my usb thumb drive and cut and paste it in.

[Thorn]

Also, don't rely on the built-in log on a router. Forward that log to a machine running syslog.

[Dark Ragnarok]

#1 Don't use wep! As you now know, wep is ridiculously easy to break.
#2 Use wpa, for a home user, use wpa with a radius server for a business. Also if it's a business keep the wifi on a separate network from the wired. Let them vpn in if they need wireless and access to the file servers or whatnot.
#3 For home wpa, use "good" passwords. Mixed upper, lower, numbers, and symbols. Go for the longest password you think is reasonable. I'm pretty sure the longest you can go is 63 characters. Mine is that long and I keep it on my usb thumb drive and cut and paste it in.

What I would do is use a root password, hex it, then rehex that, then 1337 it and do it as you said.

[karabaja4]

correct me if i'm wrong, but wpa(2) passwords like "$&712đš/!$@{*Asćłł27" are IMPOSSIBLE to break, at least in reasonable amount of time. everyting else is crackable.

so why use anything except wpa2 with a complicated password?

[Barry]

What I would do is use a root password, hex it, then rehex that, then 1337 it and do it as you said.

My root password is root. That wouldn't be very good now would it?