# Ok, so everything is possible? changing MAC, detecting my WEP

## Coume

Hello,

Ok I'm starting to wonder one thing, what is really possible to do?

I started to get interested in the security thingie after buying a home wifi router to secure it... and now, I'm really lost in all that I read!

1) So is it possible really to change a MAC address? but will it be permanent or not??

I found several pages saying that someone could copy my MAC address and set his PCMCIA card for instance to get displayed with the same MAC, easing his intrusion...

So I tried that out...

I wrote down my wifi card MAC and used my friend's one to try intruding into my home network with his card faking my MAC... I tried MACCHANGER but I always get the same error:

 *Quote:*   

> ERROR: Can't change MAC: interface up or not permission: Device or resource busy

 

I know I'm far from being a hacker so I must not do stuff the way they do, but I start to wonder if people stealing your MAC to enter your network is a myth or a reality!

2) Then I installed kismet... and there I have been scared! My router is hidden, I mean does not send its name... but kismet discovered immediately my network (but not its name) and its channel, and config... 

and it wrote that it has a WEP key security!

But if they can see that, CAN THEY FIND OUT MY KEY?????? Cos' if they can I have to start changing it regularly... but if they can, is it only available to the REAL hackers or kind of anyone downloading the right tool, could find it out?

Thanks in advance for your thoughts

/me a bit puzzled after reading too much about wifi  :Sad: 

----------

## GBob

Recent articles said 8 minutes for the FBI to crack a wep key.  Move to wpa for security, and change it every so often.

----------

## Coume

 *GBob wrote:*   

> Recent articles said 8 minutes for the FBI to crack a wep key.  Move to wpa for security, and change it every so often.

 

Yeah but they are the FBI  :Smile:  I mean a normal geek could not, could he?

----------

## idefix

Hi,

I think you will be able to change your MAC address with the ifconfig command.

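```
# Bring the interface down first; changing the MAC usually fails while it is up
ifconfig ethx down
# Set the new hardware (MAC) address
ifconfig ethx hw ether xx:xx:xx:xx:xx:xx
# Bring the interface back up
ifconfig ethx up
```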

bye

----------

## Voorhees51

 *Coume wrote:*   

>  *GBob wrote:*   Recent articles said 8 minutes for the FBI to crack a wep key.  Move to wpa for security, and change it every so often. 
> 
> Yeah but they are the FBI  I mean a normal geek could not, could he?

 

Yes, a normal geek can crack a WEP key.  Take a look in the net-wireless section of Portage, there are tools there to crack it.

  wepattack, aircrack and others.

----------

## jonnevers

 *Coume wrote:*   

> Yeah but they are the FBI  I mean a normal geek could not, could he?

 

If I recall correctly it only takes about a million or so WEP encrypted wifi packets to determine what the key is. So basically anybody with any sort of laptop that has a wifi card can break into any WEP only encrypted wifi network. You don't even need a notebook, use a PDA with 802.11 support to capture the packet. Remember that strange man just standing outside your house claiming to be waiting for his ride... there was a capturing device in his pocket...  :Smile: 

So the suggestion is to move to WPA. Buy new hardware... heh, not really a great solution.

If you want a truly secure wifi link, a VPN tunnel should be utilized. IPsec is a good way to *easily* establish a VPN tunnel between your server and your notebook. Easily is figurative in this sense.

-Jon

----------

## Coume

ok, so let's try to hack my wep key  :Smile:  lol I will leave kismet running all night long and see if it gets the wep key or not...

Btw, as soon as I started kismet_server, I got this warning:

 *Quote:*   

> ALERT Fri Apr 29 20:17:46 2005 Suspicious client 00:0E:35:A7:F1:72 - probing networks but never participating.
> 
> ALERT Fri Apr 29 20:17:46 2005 Suspicious client 00:0E:35:A7:F1:72 - probing networks but never participating.
> 
> 

 

Which is not my MAC address, does that mean that someone is trying to hack me?

----------
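
One way to triage alerts like the ones quoted in the post above, as an added example that is not part of the original thread and not Kismet's own code: it groups the alert lines per MAC and checks each against a list of your own devices. The log lines other than the quoted one, the `KNOWN_DEVICES` allowlist and the function names are constructed for illustration.

```python
import re

# Constructed sample in the alert format quoted above; only the first MAC is from the post.
SAMPLE_LOG = """\
ALERT Fri Apr 29 20:17:46 2005 Suspicious client 00:0E:35:A7:F1:72 - probing networks but never participating.
ALERT Fri Apr 29 20:17:46 2005 Suspicious client 00:0E:35:A7:F1:72 - probing networks but never participating.
ALERT Fri Apr 29 20:41:03 2005 Suspicious client 02:11:22:33:44:55 - probing networks but never participating.
ALERT Fri Apr 29 21:02:10 2005 Suspicious client 00:11:22:AA:BB:CC - probing networks but never participating.
"""

# Hypothetical allowlist: lower-case MACs of the devices you own.
KNOWN_DEVICES = {"00:11:22:aa:bb:cc"}

ALERT_RE = re.compile(
    r"^ALERT (?P<when>\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4}) "
    r"Suspicious client (?P<mac>(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}) - "
)

def is_locally_administered(mac):
    """True if bit 0x02 of the first octet is set, i.e. the address was
    assigned in software rather than taken from a vendor (OUI) range."""
    return bool(int(mac.split(":")[0], 16) & 0x02)

def triage(log_text, known):
    """Group probe alerts per MAC: alert count, first/last seen and two flags."""
    report = {}
    for line in log_text.splitlines():
        m = ALERT_RE.match(line.strip())
        if not m:
            continue  # not a 'Suspicious client' alert line
        mac = m["mac"].lower()
        entry = report.setdefault(mac, {
            "count": 0, "first_seen": m["when"], "known": mac in known,
            "software_mac": is_locally_administered(mac),
        })
        entry["count"] += 1
        entry["last_seen"] = m["when"]
    return report

def unknown_probers(report):
    """MACs that raised alerts and are not in the allowlist."""
    return sorted(mac for mac, e in report.items() if not e["known"])

if __name__ == "__main__":
    for mac, info in triage(SAMPLE_LOG, KNOWN_DEVICES).items():
        print(mac, info)
```

Only clients that actively send probes can show up in such alerts, and because a MAC can be set in software, a match or mismatch against the allowlist is a hint rather than proof.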

## Coume

 *jonnevers wrote:*   

>  *Coume wrote:*   
> 
> Yeah but they are the FBI  I mean a normal geek could not, could he? 
> 
> If I recall correctly it only takes about a million or so WEP encrypted wifi packets to determine what the key is. So basically anybody with any sort of laptop that has a wifi card can break into any WEP only encrypted wifi network. You don't even need a notebook, use a PDA with 802.11 support to capture the packet. Remember that strange man just standing outside your house claiming to be waiting for his ride... there was a capturing device in his pocket... 
> ...

 

Yep but if they need a million encrypted packets... it will take ages for them to get them??? I tried to run kismet for 10min it did not get a single encrypted one...

And when you are a user being scanned, you must notice it, don't you? A tool like kismet has to create traffic on the router, so it will get discovered that you are trying to hack it... or did I misunderstand how it works??

----------

## GBob

Passive scanning.  You don't have to participate, just listen to capture packets.  Oh and consider, with a completely full packet each time using windows xp sp 2 (I just happen to know the buffer size for a packet is 8k) it would take only 7.6 gigs till someone had your key.  However, most of the time the packet isn't completely packed, so just based on these numbers I'd say after about 6 hours or so, your key could be decrypted.

Also, I'm sure someone will correct me if I'm wrong but I believe that all your packets should be encrypted, otherwise people could just follow your browsing activity in real time.

----------

## Coume

 *GBob wrote:*   

> Passive scanning.  You don't have to participate, just listen to capture packets.  Oh and consider, with a completely full packet each time using windows xp sp 2 (I just happen to know the buffer size for a packet is 8k) it would take only 7.6 gigs till someone had your key.  However, most of the time the packet isn't completely packed, so just based on these numbers I'd say after about 6 hours or so, your key could be decrypted.

 

So when it's passive, you cannot know that you are being recorded?? So someone can spy on you and you would not know it??

7.6Gb ??? I never thought that many packets were needed...

GOSH, I can't even try to hack myself with my 1.4Gb free on my HDD :/

So, now it's time to try using WPA... It seems that my router is compatible!

----------

## GBob

Like I said, given that you needed 1 million packets, that's how the math works out.  Now I suspect that 1 million is on the high side, given the FBI can get in in under 8 minutes.

Now, I'm going to let you in on a secret, for most people if you have any password they will just continue on to a neighbor who has an open network.  I mean it isn't worth sitting there waiting to hack in when there's plenty of open networks.  There are two notable exceptions to this rule, the first is physical location.  If your neighbor is trying to get free internet from you, location will be more important.  Second if you have something specific that someone wants, then they'll spend the time.  So don't name it "My personal porn archive" and you should be good for the most part.

----------

## xces

Coume, you should really read the articles WEP: Dead Again, Part 1 and WEP: Dead Again, Part 2. They will at least give you an idea of what is possible nowadays with a laptop and a little spare time.  :Wink: 

----------

## r420r

I got the same problem

```
#macchanger -r eth0
ERROR: Can't change MAC: interface up or not permission: Device or resource busy
```

I think that is a hardware problem (when I change my MAC address I can't connect to the internet..) because I have another computer and it is working ...

----------

## johnydoe

did you do a 

```
ifconfig eth0 down
```

 :Question: 

----------

## r420r

 *johnydoe wrote:*   

> did you do a 
> 
> ```
> ifconfig eth0 down
> ```
> ...

 

Yeah, I tried that and it is working, I should change my MAC address but I lose my internet connection when I change my MAC address...

----------

