Uncreative Labs

Joined: 10 May 2008 Posts: 62

Hi guys. Its been a while since I have posted but this is the latest project I'd like to work on.

First a little back story. In October of last year I had acquired a netbook computer that utilizes wifi. It was the first wifi device I had used on my home network in about two years. Before I had this device I merely had the wireless feature of my router turned off.

I have Verison D$L. They gave me an Actiontec GT704WG Rev. B router to go with the service. I setup security on this thing. MAC Filtering, Hide SSID, Use WPA2 encryption with a strong passphrase. After several days. I notice my netbook is unable to find or connect to the AP. I check the router it is on and the wifi light is lit indicating wifi is active.

So I login to the router from my desktop only to find out my id and password doesn't work on it. I do a hard reset of the router/AP and then log in. I setup my information and security stuff like before but different passphrase. After a day, I notice the same problem. I look at the list of APs on my netbook that runs Windows 7 starter and my AP is there but labeled the default name. I log into the router from a desktop hard wired ethernet to the thing and everything is set to default as if it was reset.

I call Vz. They tell me that it is more than likely someone in the neighborhood doing this to me. But they can't support or offer any advice other than go to BB and talk to the GS (I'm editing out the words because of the spam filter, I don't want to be a target for banning). So basically I have a piece of equipment from Verizon, they refuse to support, because they can't preclude the possibility that it is some virus or something on one of my PCs. Mad

So after this ordeal I turn the wireless on my router off. Then something bad happens. I get an anonymous prank call from some dude the same evening telling me that "I'm going to get you.. you #$#$@#". I hang up on him. The guy calls again the next day but uses a text to landline feature from sprint wireless and tells me it is the guy who called the previous evening. At this point, I get angry. So I call the local law enforcement and fiile a repot. I tell them about the hackery, the threating phone calls, and the numbers those calls came up on the caller ID. The officer I speak with over the phone issues a report and gives me a report number and they say they will investigate.

So ever since, I have had wireless 802.11 services disabled on my router/AP. Fortunately at the time, I don't have anything that really requires it but in the future I might acquire a device or two that wifi will come in handy.

Which brings me to this point...

I have an old "single-core" 900Mhz Celeron tower lying around and would like to put it to good use. I was thinking maybe I should load Linux or something on it along with some sort of network security software (I don't know of any or how to configure but given good documentation I could learn it). Would it be worth turning into some sort of firewall or Wireless Intrusion Prevention / Detection System?

Right now I'm low on money and I really don't feel like going out to buy a new router. I tried three different wireless routers, my Actiontec, TrendNet, and Linksys. .. They all get hacked. Someone in my neighborhood or nearby is toying around with me and I don't like it.

Any suggestions would be appreciated.

Joined: 27 Feb 2012 Posts: 6 Location: Coalmont BC

You don't say how much ram the machine has. That will determine what you can run. The speed only determines how fast it will run. Smile

Anyway, if you have 512 MB disk space and at least 64 MB RAM you can run IPCop. It will run on a 486 or greater and the speed is not at all important because you will be using it as a router which is not very demanding. IPCop comes on a CD and is really easy to install. It is a Linux based setup made just to be a firewall and router. It will even automatically dial a modem upon access, if you want (or need) to use PPP. I used it for a while like that. Although it is specifically a firewall, it also has a setup for 3 separate lan outputs. Just plug in the extra NICs. You can get it here: http://www.ipcop.org/

Don't worry about knowing anything about Linux or not. It has an installer that's quick, and just walks you through it. After it's set up you just unplug the screen and keyboard, but remember to first set the BIOS to not halt on errors. Smile

Joined: 10 May 2008 Posts: 62

Ole Juul wrote:

You don't say how much ram the machine has. That will determine what you can run. The speed only determines how fast it will run.

Dude.. I'm well aware of that.

As I plan to tailor the machine to the software I didn't really think it necessary to mention every little detail of the machine. If the machine requires more RAM, I will add it. If the machine isn't fast enough I will go with another machine.

Old Juul wrote:

Anyway, if you have 512 MB disk space and at least 64 MB RAM you can run IPCop. It will run on a 486 or greater and the speed is not at all important because you will be using it as a router which is not very demanding. IPCop comes on a CD and is really easy to install. It is a Linux based setup made just to be a firewall and router. It will even automatically dial a modem upon access, if you want (or need) to use PPP. I used it for a while like that. Although it is specifically a firewall, it also has a setup for 3 separate lan outputs. Just plug in the extra NICs. You can get it here: http://www.ipcop.org/

IPCop would run very comfortably on the machine I have. However after looking at the features of the software it appears to be just a run of the mill firewall system. IPCop might come in handy at some point but it may not do exactly what I need it to do. I have a firewall enabled on the router itself but that only protects against WAN intrusions.

What I'm looking for something that will protect my wireless signal from an intruder gaining entry via the wireless signal. This is the vector of attack they are using, not the Internet. The person doing this to me is in my neighborhood.

Old Juul wrote:

Don't worry about knowing anything about Linux or not. It has an installer that's quick, and just walks you through it. After it's set up you just unplug the screen and keyboard, but remember to first set the BIOS to not halt on errors. Smile

I have no problem whatsoever working with Linux or configuring BIOS. I have been doing stuff like that since I was a teen. Its people with know how that are attacking my home network. I have to know how they are doing it and what vulnerability my infrastructure has so I can take the appropriate steps to protect myself.

Joined: 27 Feb 2012 Posts: 6 Location: Coalmont BC

dw wrote:

Any suggestions would be appreciated.

I take it you were kidding about that. Smile

Joined: 10 May 2008 Posts: 62

No. It's just that I don't appreciate it when people, especially new people, treat me like I'm retarded or something. Of course you have a weird foreign name and you are from Canada. That's probably why so I won't hold it against you. You are okay with me. Cool

Posted: Wed Feb 29, 2012 7:13 am

Have you tried whitelisting MAC addresses? While they can be spoofed, only allowing specific NICs to connect would seem to reduce your surface area of attack greatly.

Joined: 10 May 2008 Posts: 62

Yes. I forgot to mention that I did have MAC filtering enabled with my wireless devices on the whitelist. This still didn't have any effect because my router would just be reset to default settings with MAC filtering disabled. Its like no matter what security measures I would enable on the router, somehow the router would be reset back to default settings, wide open for anyone to connect and use.

Posted: Thu Mar 01, 2012 4:24 am

I had a Linksys that lost settings for a while. It was after I had installed the DD-WRT firmware, and it would reset whenever power was lost. Restoring the Linksys firmware and then later going back to DD-WRT seems to have solved that problem.

(Btw, you've got enough posts the spam words mod should shut off. I think the limit is 10.)

Joined: 03 Feb 2006 Posts: 488 Location: pennsylvanai

I cannot see an adult doing this to you'and how in heck did they get your phone number?
possibly someone is walking around with a wi-fi enables laptop
and using it a radio direction finder of a 'lost transmitter hunt"

this borders on crinal or theft of seriices.
I think you ISP would or should be alerted.
if it is DSL -0 verizon- they possibly would not care
but if it is a local company that will care .
and see if they are ripping off any other services from them.
try to keep out of the back and forth.
advise the internet provider that you were threatened.

Joined: 10 May 2008 Posts: 62

wdegroot wrote:

I cannot see an adult doing this to you'and how in heck did they get your phone number?
possibly someone is walking around with a wi-fi enables laptop
and using it a radio direction finder of a 'lost transmitter hunt"

this borders on crinal or theft of seriices.
I think you ISP would or should be alerted.
if it is DSL -0 verizon- they possibly would not care
but if it is a local company that will care .
and see if they are ripping off any other services from them.
try to keep out of the back and forth.
advise the internet provider that you were threatened.

It is Verizon service. They don't care. Their tech support wouldn't help me at all. They told me that I'd have to go hire the GeekQuad and call the cops. Then they told me just to turn off the router when not in use. I really dislike verizon and as soon as my contract ends with them I will be taking my business elsewhere.

It is theft of services, unauthorized access to computer system and probably a few other things. Plus communicating a threat. The person who said he would get me sound like he was a teenager or in his early 20s. I filed a report with the sherriff office (I live in the county, unincorporated).

After I filed a report with the sherriff and putting up a major stink with Verizon, they did offer to change my phone number free of charge. They sent me out a new router. But as I have tried three different routers and they all get hacked I seriously doubt a new verizon router (different model) will be helpful.