On 04/01/2018 11:18, Chris Green wrote:
> Kiwi User  wrote:
>> On Thu, 04 Jan 2018 05:23:43 +0000, The Natural Philosopher wrote:
>>
>>> The whole world?
>>>
>>> That would be me and just who?
>>>
>>> No one else is on the network
>>>
>> This may be teaching grandma to suck eggs, but... are you sure - IOW do
>> you know that your external LAN interface is secure? Have you tested it?
>>
> What do you mean by 'external LAN interface'?  His (and my) LAN is on
> a private IP range and is mostly wired and within the house.  There is
> WiFi but I doubt if it reaches anyone else's house and you can't stop
> in the lane outside without causing an obstruction (and lots of dog
> barking).

You would be surprised about how far it extends. The range of your WiFi
depends on your equipment and that used by the second party, with some
very simple hardware it is easy to build an antenna with sufficient gain
to boost the signal out to a mile or more. While unlikely that some
hacker with QRP (reduced power) skills would be within a mile or two of
your house it is possible. I have used a simple cantenna to boost wifi
across a field of just over a mile to get a poor but useable signal.

2.4GHz wifi band routers output about 100mW, one of the current QRP ham
radio records is about 1500 miles on a microwatt, not a quality data
signal by any means but a very low bandwidth signal that was detectable.
With a directional antenna a hacker could sit in a car a hundred yards
or so away and easily pick up your router or a neighbour could. Finding
a way in through open ports is possible then but brute forcing the key
may be a better option.

I live in the UK and use Sky as my provider. Their routers use WPA
encryption which has an ASCII key between 8 and 63 characters long.
Sky chose 8 characters for simplicity which, if you use the full
printable ASCII set, has about 100 Billion combinations. At 10 seconds
per key that amounts to an average of about 15 thousand years to crack
by brute forcing so fairly secure.
Sky however, for customer simplicity and convenience over security, only
uses upper case letters in their passwords so that 95 possible
characters drops to 26 and brute forcing is possible in an average of 3
months.

You have to be very determined to crack an average user's wifi and even
more determined to do so at a distance but it is possible. Also bear in
mind that many small businesses use standard routers for the broadband
so hacking a shop to steal banking information is possibly more
lucrative. I brute forced a sky password in just over a month just for
fun with an old Pi1. It was an spare router of my own BTW before someone
quotes the computer misuse act. The simplest way to crack a neighbour's
wifi is just to visit them and sneak a peek at the back of their router,
it saves weeks of fiddling about.

Andy

--- SoupGate-Win32 v1.05