{"id":1871,"date":"2020-02-23T01:13:11","date_gmt":"2020-02-23T01:43:11","guid":{"rendered":"https:\/\/ultering.com\/it4us\/?p=1871"},"modified":"2020-08-30T16:10:01","modified_gmt":"2020-08-30T16:40:01","slug":"do-you-use-wi-fi-stick-with-this-tip-to-avoit-intrusion-attack","status":"publish","type":"post","link":"https:\/\/ultering.com\/it4us\/?p=1871","title":{"rendered":"SECURITY: DO YOU USE WI-FI? STICK WITH THIS TIP TO AVOIT INTRUSION ATTACK"},"content":{"rendered":"

I describe a scenario when this kind of attack happens, supplying a few technical details and a solution that will help you to be protected avoiding that an attack like this comes to be successful.<\/p>\n

Attacks always happen. This is a rule of thumb.
\nThe golden key is to avoid them or make them ineffective, and if possible, given some extra duty for those who live by stealing your privacy.<\/p>\n

This article was written to attend most people, no matter the technical knowledge they may have and for this reason, contains extra details.
\nAfter all, security is for all.<\/p>\n

SCENARIO – ATTACK PRE-CONDITIONS
\n<\/strong><\/h2>\n

You are working on your notebook connected to the modem using an RJ-45 cable to access the Internet plugged straight to the router.<\/p>\n

See figure.<\/p>\n

 <\/p>\n

 <\/p>\n

 <\/p>\n

 <\/p>\n

The cable connecting to the  notebook (or desktop)<\/p>\n

Notice that you may have another cable connecting to a local network, or not, or whatever. It doesn’t matter.
\nThe key to our scenario is that the Internet connection is via cable and not Wi-Fi.<\/p>\n

If you have this, you get on the Windows taskbar the icon shown by the red arrow:<\/p>\n

If your connection is using the Wi-Fi, the icon is different, something like this:<\/p>\n

When you click on the network icon (red arrow), you get the following:<\/p>\n

Notice that Wi-Fi is turned off, instead, the cable connection is on.<\/p>\n

<\/span>THE ATTACK<\/span><\/h2>\n

The Internet connection starts to fail and stops.
\nWithout connection, if you are desperate, you try to connect via Wi-Fi.
\nThis is exactly the point when the attack begins.<\/p>\n

The Wi-Fi connection protocol sends your password at the handshake when it becomes vulnerable to be sniffed by the attacker.
\nIt is exactly what the intruder wants you to do – switching from cable to Wi-Fi it is possible to get your password and from that point on your privacy has gone.<\/p>\n

This YouTube video shows how a password is obtained during the handshake.<\/p>\n

Hacking Into WPA and WPA2 Wireless Networks<\/em><\/a><\/p>\n

There is also a good summary of complementary information here: “How to Hack WiFi (Wireless) Network<\/a>“.<\/p>\n

The key to this attack is to force you to go on Wi-Fi but this is only possible if the intruder has the means to provide this situation that depends on the flaws of the router model.
\nOlder routers are more vulnerable, like for instance D-Link DWR-922, although excellent device, but the years have come to it…<\/p>\n

During this attack, the cable connection is constantly put down.
\nAfter the attack is over, the device will get back to work as usual.<\/p>\n

The intruder must be near you, or at least the devices that is handled during the attack remotely.<\/p>\n

There are tools that warn you when suspect action is being taken on your connection and also identify from where it comes.<\/p>\n

Lenovo offers this feature embedded on its recent machines. The figure below shows the “Threat locator” in action.<\/p>\n

<\/span>HOW TO PROTECT YOURSELF<\/span><\/h2>\n

 <\/p>\n

1. Golden rule:
\nAvoid Wi-Fi connection for sensitive information.
\n<\/strong>Better using cable connection to the router that avoids handshake and makes it possible to detect when the thing goes wrong.<\/strong><\/p>\n

Use Wi-Fi for non-sensitive information, like watching movies, etc.<\/p>\n

2. Use a smartphone for financial procedures (bank operations), but be aware of the next advice.<\/strong><\/p>\n

3. Make sure that your smartphone is secure.<\/strong>
\nSmartphones are strict personal devices.
\nNever, ever, borrow it to someone.<\/p>\n

3b. Install good security applications.
\n<\/strong>It is required a good antivirus, firewall e a VPN service.<\/strong><\/span><\/p>\n

What is a VPN?<\/strong>
\nVPN avoids network exposure.<\/p>\n

4. Use strong passwords.<\/strong>
\nIn this kind of attack, the password strength doesn’t help.
\nSo, strong passwords are useless?
\nThe answer is NO<\/strong>.
\nThey are required to protect you against other kinds of attacks.<\/p>\n

<\/span>HOW TO HANDLE THIS ATTACK<\/span><\/h2>\n

Just turn off the router.
\nIf you have a second, switch to the other, otherwise, you may use your smartphone to provide a temporary connection through the “Tethering” feature until you provide a new router.<\/p>\n

When the attack is gone, the device returns to work on cable, but the intruder may return a new attack bothering you.<\/p>\n

 <\/p>\n

 <\/p>\n\n

<\/div>","protected":false},"excerpt":{"rendered":"

I describe a scenario when this kind of attack happens, supplying a few technical details and a solution that will help you to be protected avoiding that an attack like this comes to be successful. Attacks always happen. This is a rule of thumb. The golden key is to avoid them or make them ineffective, … Read More “SECURITY: DO YOU USE WI-FI? STICK WITH THIS TIP TO AVOIT INTRUSION ATTACK”<\/span> »<\/a><\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_bbp_topic_count":0,"_bbp_reply_count":0,"_bbp_total_topic_count":0,"_bbp_total_reply_count":0,"_bbp_voice_count":0,"_bbp_anonymous_reply_count":0,"_bbp_topic_count_hidden":0,"_bbp_reply_count_hidden":0,"_bbp_forum_subforum_count":0,"footnotes":""},"categories":[89,100],"tags":[],"class_list":["post-1871","post","type-post","status-publish","format-standard","hentry","category-network","category-security"],"_links":{"self":[{"href":"https:\/\/ultering.com\/it4us\/index.php?rest_route=\/wp\/v2\/posts\/1871","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ultering.com\/it4us\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ultering.com\/it4us\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ultering.com\/it4us\/index.php?rest_route=\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/ultering.com\/it4us\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1871"}],"version-history":[{"count":6,"href":"https:\/\/ultering.com\/it4us\/index.php?rest_route=\/wp\/v2\/posts\/1871\/revisions"}],"predecessor-version":[{"id":4163,"href":"https:\/\/ultering.com\/it4us\/index.php?rest_route=\/wp\/v2\/posts\/1871\/revisions\/4163"}],"wp:attachment":[{"href":"https:\/\/ultering.com\/it4us\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1871"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ultering.com\/it4us\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1871"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ultering.com\/it4us\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1871"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}