One night I noticed my tablet kept getting disconnected from my WiFi. I didn't think a whole lot of it, because it's kinda a POS and just figured it was being the POS that it is. Then the next night, I noticed my chromecast kept getting disconnected. This annoyed the hell out of me because I couldn't watch netflix. Then, another night a 3rd device kept getting disconnected.
This looks to me like some ass hole is trying to capture my WPA handshakes to try to find my password. ...and I just so happened to have new neighbors move in less than 2 weeks ago. fukin ass holes. I'm confident they won't find my password, because I changed it so it's all random characters (no words at all); 63 characters long and all unique characters.
I do however, want to stop them from disrupting me watching netflix and other communications. I suppose there isn't much I can do to prevent this nonsense other than using wired networking?
>This looks to me like some ass hole is trying to capture my WPA handshakes to try to find my password.
Are you just assuming this or did you actually see deauthentication requests?
Wyatt Butler
I'm assuming it. Because one device keeps disconnecting for a few hours, then it's fine. Then a different device keeps disconnecting for a few hours, and then it's fine. Rinse, repeat.
Logan Hall
>How to defend from deauthorization attacks? How did you know that is deauth packets? Maybe it's just the radio from your router. Open Wireshark and/or airodump-ng and make a .cap and upload to us analyze.
Carter Reyes
Also, some of the devices are 2.4 Ghz, and others on 5 Ghz. When one device continuously disconnects, others work fine, even devices on the same spectrum, so it's not interference from a microwave or something.
David Rodriguez
It's not happening at this very moment, and hasn't for a few days (that I've noticed). I mostly want to know if there's a way to defend against this for future use.
Angel Cook
Stop broadcasting your SSID and change the name, make sure that only authorised MAC addresses can connect to the network.
Jonathan Adams
As others have said, sniff for deauth packets, of you have proof you can either go over to them and ask them to stop or report them to the police, since this is illegal.
there's not really a way to stop it without rewriting your wi-fi firmware to ignore deauths
Jason Wilson
That won't stop a deauthorization attack.
>rewriting your wi-fi firmware That's what I thought
John Parker
i mean just mac blacklist him. it's right there. that may stop it for a little while.
Xavier Lopez
You can defend yourself by setting a honeypot with the same BSSID but with different security and channel e.g.: Your router is: 00:00:00:00:00:01 with WPA2 AES channel 2, and your honeypot is 00:00:00:00:00:01 with WEP security channel 1.
Juan Brooks
He can just spoof the AP with a white listed address
Dominic Perez
Go cut the power to their apartment or something.
And change the password at least once every 24 hours, yes it's a pain in the ass but do it - and make sure the Admin account on the router has been renamed to something else, the connection port is altered, and the admin password is obviously something pretty secure.
Even in spite of all this if someone really wants to get in and they're already using deauth attacks sooner or later they will because you're going to miss something.
Nothing is secure anymore, hasn't been for a really long time.
Andrew Moore
Pointless as the lack of traffic on the honeypot SSID will probably tip the attacker off. Granted if the attacker is only deauthing 1 device at a time, rather than all in range, they're either shit or thinking they're being sneaky.
Gavin James
Altrough, this could interfere in your WiFi. :^)
Christopher Campbell
It would probably be a good idea to log some of this traffic, possibly turn off the device being attacked, then try to locate the attacker by walking around and finding where the signal strength is the strongest.
Christopher Sanchez
This literally does nothing. A person can find your hidden network, determine the MAC address of any connected devices, perform a deauth, and then connect using a spoofed MAC address stolen from one of the connected devices.
Josiah Young
Let them into your network then fuck them in the ass
Nicholas Myers
Change your SSD to:" Asshole from unit X, quit your shit"
Leo Allen
Create a honeypot with internet access just for them and mitm it. Steal their logins and backdoor everything they download.
Levi Clark
Rollin forn this
Michael Lewis
>OP has cheap neckbeard asshole neighbourhg that can open aircrack >you assume he is full on master hacker NSA badass navy seal >mfw reading some of the advice here
OP, change the SSID of your network to something like "itsuckstobepoorandnotknowshitaboutaircrack" and let it rage for a while.
Ethan Young
yeah, take a crowbar and trash their home infront of them betcha they wont be able to fuck with your wifi anymore since you probably will be kicked out and in prison
Cameron Price
Even though they likely simply want to do the same thing I do with the internet (watch youtube, netflix and check email/bank account, etc), but on some one else's dime, I'm not risking it. I mean, after all, they appear to be actively attacking my network over a $55 per month subscription, which happens to be a felony in the US, btw. Who the fuck risks felony charges over $55??? Considering this, who knows wtf else they're capable of or willing to do. Maybe they want to send threatening letters to Obama or Trump from my account; I don't know nor care what their intention is. They're not doing it on my watch, and it's just pissing me off that they're interfering with me watching Netflix.
haha that'd be pretty funny. Unfortunately I see that going down one of two ways... Hopefully it'll get them to knock this shit off... OR it'd make this personal to them. ...you know, giving something for the lunatic/psychopath to react to.
If it weren't for PKI (public key infrastructure) I'd totally do this. And I believe I'd be completely within my rights to do so, so much so as long as it's within my domain.
Ayden Perry
Switching to wired was the correct answer.
Adam Smith
Not really. WiFi isn't very secure, that's why someone outside your network can literally deauth you and kick you off your own network. WiFi security is kind of a joke.
Thomas Long
Yeah or change the SSID to e.g. "ChangesPasswordDaily" to discourage them trying to brute force a captured WPA2 handshake.
Alexander Perry
I successfully got through a WP2A network like 7-ish years ago.
>my apartment neighbors >deauth'd and captured a WPA2 handshake >time for dictionary attack >cracked it within 2 minutes >WiFi password was "aviation", which was at the beginning of the alphabetical dict list >felt like a god
Being a script kiddy is fun sometimes.
Jordan Adams
There's no way to hide a connected device in the connected devices list is there? On closed source firmware that is and then what about open?
Andrew Wilson
stop using wifi
Robert Nelson
>since this is illegal. [citation needed] You might be able to slide it as a DoS under CFAA, but local police either: 1. Won't have a clue what you're talking about, or 2. Won't give a shit because it's technically the FBI's job to van them
Adrian Myers
>netflix
Elijah Scott
Change SSID to 'PasswordisYou' Then change the password to faggot
Then change it a few days later to a 64 character WPA2 keyboard mash, stop broadcasting SSID and reduce the power output as much as you can while still having good coverage where you want it
Landon Edwards
it could be anything, wifi is shit, all bets are off when there's 20 APs overlapped in an apartment complex
Leo Anderson
> someone outside your network can literally deauth you and kick you off your own network. WiFi security is kind of a joke. That's kind of scary actually. If Wi-fi is this insecure, why is it so popular? That's actually quite concerning.
Nolan Miller
>If Wi-fi is this insecure, why is it so popular? Because it's nice and easy for normies.
Lucas Wilson
>Be me >Surrounded by kids going to one of the best technical colleges in the world >Lived here for 8 years, slowly learned to adapt and was even instructed on how to better secure things by a few who broke in to my network a couple of times. >Fast forward to today >Fucking kids flying drones with cameras looking in people's windows >ATMs and gas pumps around the area frequently have card skimmers on them >Kids challenging each other to figure out how to break into electronically locked cars. It's not uncommon to walk to your car and see some idiot standing next to it, then pretend they were just looking up something on the phone >I just want to watch porn and Netflix in peace >WPA 2 AES >Signal as low as possible >Authorized MACs only >20 word network password.
How fucked am I Sup Forums?
Elijah Ramirez
>And change the password at least once every 24 hours Won't do shit if OP has a strong password in the first place.
>If it weren't for PKI (public key infrastructure) I'd totally do this. Still do it. If they notice websites aren't secure anymore, they will stop using your wifi. If they don't notice it, you have fresh logins to pretty cool websites win-win
Carson Allen
get rid of all electronics
Dominic Anderson
buy some ethernet cords
Adam Kelly
Pls enlighten me, but isn't just one WPA handshake capture enough for bruteforcing? No point in disconnecting someone from his wifi network unless you want to annoy him. Probably your equipment is malfunctioning or something is interfering.
Jaxson Rogers
Hide and rename your current wifi network, filter with MAC.
Set up another router with the same SSID and MAC, and with a proxy that replaces all pictures with horse porn, and let him have this one.
Ryan Murphy
>Hide wifi network
Dominic Barnes
change your ssid to "iknowwhatyouredoing"
Kayden Ortiz
I think the only way to stop this is with custom firmware or you need to physically locate the mischief
Kevin Miller
AFAIK if you are SURE that this is going on they are doing something similar to a DDoS (i am not tech savvy i am a newfag i dont even have linux pls no bully).
But the thing about technology is that the smart guy always win. This isn't a deal about who can secure better vs a hacker, but who's smarter.
Overall the best and most secure way to deal with this is so either remove all electronics or get rid of your wi-fi permanently. However considering that you use shit like tablets and smart TVs that's not what you are likely to use. Having a small lan system with very small range routers might be a good idea.
If you cant stop them from getting into your area, get the area away from them.
Henry Bell
If HTTPS is this insecure, why is it so popular? That's actually quite a lot more concerning that Wi-Fi.
Adam Morris
That's better than nothing user, many people don't even know it's possible.
Matthew Wilson
is it?
Leo Price
HTTPS is pretty popular.
John Anderson
It's gonna slow him down. If it starts happening within a few hours of your changes then it's likely not deauth.
Ethan Jackson
leave em a note saying that if they try to bruteforce your wireless password again you'll call the police on them
Wyatt Stewart
I agree, but hiding wifi network from someone who is doing auth attack is a joke.
Blake Cook
It's not insecure, don't listen to the FUD here.
Go ahead, try to crack a WPA2 secured router, I'll be waiting a few hundreds years for you to do it.
Jacob Edwards
Who knows how he picks his next target? Could be from looking at the list of available networks on his Windows 10 computer.
Logan Allen
change ssid to "StopDeathAttackOrICallThePoliceOnYou" or "IhaveAstrongpasswordStopTrying" is your best bet. Or just grow some spine and knock on their door.
Jonathan Wilson
that's a reliability issue, not a security issue WPA2 is as secure as your password. dictionary attacks certainly work against weaker passwords
Tyler Martin
if you have no idea about technology, why try to give advice when there's plenty of people who actually know what they're doing around?
Henry Barnes
If your password is in a dictionary, WPA2 doesn't matter.
Logan Evans
B-but Applel says that wireless is the future. T-they know best don't they?
Jacob Lewis
You send a request to an authority to verify that you're not Hackerman Hackson.
Now, it costs $50 000 dollars to be allowed to say that. This puts this sort of thing way out of reach of three letter agencies as they would never spend that amount to be able to MITM everything on the fucking planet.
Nathaniel Peterson
>the entire world is america
Joseph Clark
So replace the names with what ever the agencies are called in your stupid country.
John Adams
Set up a vpn server on your router, so you will need to connect to it first to access the internet.
Noah Wilson
Don't do this. Some other router will use the same channel and wifi will be fucking bad.
Austin Morgan
So what? An attacker still can take your network down
Andrew Thompson
Dude, from my experience, he is not trying to deauth to capture your 4-handshake of the WPA, becouse the deauth will be me Minimum and happen for milliseconds that won't disturb your video watching or browsing.
However, what I think he is doing is deauth on purpose, using a tool like "mdk3" to kick your devices from your router and/or flooding the packets to cause clients to reset. And usually they go on this method becouse they didn't break into your WiFi (as you said, it is hard to break)
How to defend, well, unfortunately not with your home equipments, on enterprise, it is very easy to do so.
So my best advise for you, give him the password.
Jacob Gutierrez
How wil that stop deauth?
Connor Davis
It will stop unauthorized logins, otherwise use cable.
Daniel Morgan
So it wont solve OPs problem.
Adam Kelly
Of course they do, why else would their stuff be so expensive?
Nolan Ross
My router kinda sucks in this area. It only shows currently connected MACs (I can't find a log if it exists). Fortunately the DHCP server keeps logs of which MAC has which IP, as long as the lease is valid, so I can go by that. Otherwise if they statically set an IP then I can only see them if they're currently connected.
>Still do it. Haha maybe I should >: ]
It's been a long ass time since I messed with this wifi cracking stuff, but when I did it to my own network, it often disconnected the device for a short moment. It happened so fast, the device didn't show any time it was actually disconnected, just a pop-up or whatever showing "now connected to network". I don't remember what I did to get this done; I'm pretty sure I sent a lot of the requests like the pic in 1st post.
>small range routers I suppose it wouldn't hurt to turn down the power a little bit.
I ultimately want prevent future disruptions from future deauth attacks. I'm confident they won't find my password for centuries (I used a damn good password)
>will be me Minimum and happen for milliseconds that won't disturb your video watching or browsing. So he's a script kiddie or just being a dick?
>on enterprise, it is very easy to do so. I've been wanting to get enterprise/business grade equipment because why not. Actually, I want to learn on a non-production network and I like high-end things. Anything on ebay you suggest?
Camden Hall
Because people are like "Oh, I can have internet on my computer and not have to worry about wires".
Then they start complaining about how their internet is so slow and how they're going to stop paying their bill unless the issue is resolved.
Then you realize they're 30 ft from their Wi-Fi router or gateway, with no access points setup, and they have a signal of like -96 or worse.
Ryan Nelson
>I suppose it wouldn't hurt to turn down the power a little bit. Keep in mind that turning the power down doesn't necessarily mean the deauths will not happen anymore. Them deauthing only 1 device every night seems more like a way to annoy you, than to capture the WPA handshake.
Austin Nguyen
Some script kiddie noob is using aireplay on you but forgot to set the count so it's deauthing you forever.
Your new neighbour has a shitty microwave and you have a shitty router. Or get Wireshark and confirm that you're actually getting flooded with deauths.
Luke Rivera
>I'm assuming it. are you retarded ? It's not that hard to run god damn wireshark and capture traffic. then come back and ask solution.