Wireless Security Help

Natoma

Veteran
Each time you see **IP Spoofing**, we've been unable to log into our network. I've read of a flaw with wireless networking where someone spoofs the IP of the router, and tricks a computer into sending its encryption key to the hacker instead of the router. This is really irking me now. 10.10.10.2 login/logout is me going into the router to check the logs.

As you can see, someone tried ".33" first, but that failed as ".33" doesn't exist on our network. Then they went straight to ".1". Can someone help with this please?

I have DHCP enabled, but the block is 10.10.10.1-3 only, with .1 being the router.

The following settings are our security features:

MAC Filtering - On
Security Feature - WPA TKIP only
WPA TKIP - On. 63 Character Key
SSID Broadcast - Off
802.1x Authentication - Off. No Server Available

01/26/2004 09:52:37 10.10.10.2 login success
01/26/2004 09:52:07 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 2201 (from WAN Inbound)
01/26/2004 09:52:03 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 2201 (from WAN Inbound)
01/26/2004 09:51:43 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 2201 (from WAN Inbound)
01/26/2004 09:51:39 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 2201 (from WAN Inbound)
01/26/2004 09:51:31 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 2201 (from WAN Inbound)
01/26/2004 09:51:27 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 2201 (from WAN Inbound)
01/26/2004 09:51:24 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 2201 (from WAN Inbound)
01/26/2004 09:51:21 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 2201 (from WAN Inbound)
01/26/2004 09:51:18 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 2201 (from WAN Inbound)
01/26/2004 09:51:12 User from 10.10.10.2 timed out
01/26/2004 09:35:22 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1910 (from WAN Inbound)
01/26/2004 09:34:38 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1840 (from WAN Inbound)
01/26/2004 09:34:33 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1840 (from WAN Inbound)
01/26/2004 09:34:13 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1840 (from WAN Inbound)
01/26/2004 09:34:08 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1840 (from WAN Inbound)
01/26/2004 09:34:01 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1840 (from WAN Inbound)
01/26/2004 09:33:56 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1840 (from WAN Inbound)
01/26/2004 09:33:54 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1840 (from WAN Inbound)
01/26/2004 09:33:50 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1840 (from WAN Inbound)
01/26/2004 09:33:47 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1840 (from WAN Inbound)
01/26/2004 09:33:46 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1838 (from WAN Inbound)
01/26/2004 09:33:43 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1838 (from WAN Inbound)
01/26/2004 09:33:42 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1824 (from WAN Inbound)
01/26/2004 09:33:42 10.10.10.2 login success
01/26/2004 09:31:33 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1753 (from WAN Inbound)
01/26/2004 09:31:28 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1753 (from WAN Inbound)
01/26/2004 09:31:09 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1753 (from WAN Inbound)
01/26/2004 09:31:04 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1753 (from WAN Inbound)
01/26/2004 09:30:57 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1753 (from WAN Inbound)
01/26/2004 09:30:52 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1753 (from WAN Inbound)
01/26/2004 09:30:50 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1753 (from WAN Inbound)
01/26/2004 09:30:46 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1753 (from WAN Inbound)
01/26/2004 09:30:43 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1753 (from WAN Inbound)
01/26/2004 09:29:22 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1751 (from WAN Inbound)
01/26/2004 09:29:19 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1751 (from WAN Inbound)
01/26/2004 09:28:10 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1748 (from WAN Inbound)
01/26/2004 09:28:08 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1748 (from WAN Inbound)
01/26/2004 09:28:04 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1748 (from WAN Inbound)
01/26/2004 09:28:01 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1748 (from WAN Inbound)
01/26/2004 09:27:30 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1746 (from WAN Inbound)
01/26/2004 09:26:43 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1736 (from WAN Inbound)
01/26/2004 09:26:39 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1736 (from WAN Inbound)
01/26/2004 09:26:19 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1736 (from WAN Inbound)
01/26/2004 09:26:15 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1736 (from WAN Inbound)
01/26/2004 09:26:07 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1736 (from WAN Inbound)
01/26/2004 09:26:03 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1736 (from WAN Inbound)
01/26/2004 09:26:00 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1736 (from WAN Inbound)
01/26/2004 09:25:57 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1736 (from WAN Inbound)
01/26/2004 09:25:54 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1736 (from WAN Inbound)
01/26/2004 09:25:47 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1735 (from WAN Inbound)
01/26/2004 09:25:44 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1735 (from WAN Inbound)
01/26/2004 09:25:41 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1735 (from WAN Inbound)
01/26/2004 09:25:30 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1733 (from WAN Inbound)
01/26/2004 09:25:26 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1733 (from WAN Inbound)
01/26/2004 09:25:18 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1733 (from WAN Inbound)
01/26/2004 09:25:14 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1733 (from WAN Inbound)
01/26/2004 09:25:11 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1733 (from WAN Inbound)
01/26/2004 09:25:08 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1733 (from WAN Inbound)
01/26/2004 09:25:04 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1728 (from WAN Inbound)
01/26/2004 09:25:03 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1727 (from WAN Inbound)
01/26/2004 09:25:01 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1717 (from WAN Inbound)
01/26/2004 09:24:41 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1698 (from WAN Inbound)
01/26/2004 09:24:33 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1698 (from WAN Inbound)
01/26/2004 09:24:28 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1698 (from WAN Inbound)
01/26/2004 09:24:26 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1698 (from WAN Inbound)
01/26/2004 09:24:22 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1698 (from WAN Inbound)
01/26/2004 09:24:20 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1698 (from WAN Inbound)
01/26/2004 09:21:41 10.10.10.2 login success
01/26/2004 08:48:03 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1415 (from WAN Inbound)
01/26/2004 08:47:56 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1415 (from WAN Inbound)
01/26/2004 08:47:39 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1415 (from WAN Inbound)
01/26/2004 08:47:31 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1415 (from WAN Inbound)
01/26/2004 08:47:26 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1415 (from WAN Inbound)
01/26/2004 08:47:19 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1415 (from WAN Inbound)
01/26/2004 08:47:13 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1415 (from WAN Inbound)
01/26/2004 08:47:04 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1331 (from WAN Inbound)
01/26/2004 08:47:04 10.10.10.2 login success
01/26/2004 08:44:42 10.10.10.2 logout
01/26/2004 08:37:43 10.10.10.2 login success
01/26/2004 08:05:43 NTP Date/Time updated
01/26/2004 08:04:30 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1097 (from WAN Inbound)
01/26/2004 08:04:27 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1104 (from WAN Inbound)
01/26/2004 08:04:26 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1095 (from WAN Inbound)
01/26/2004 08:04:06 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1097 (from WAN Inbound)
01/26/2004 08:04:03 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1104 (from WAN Inbound)
01/26/2004 08:04:02 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1095 (from WAN Inbound)
01/26/2004 08:03:54 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1097 (from WAN Inbound)
01/26/2004 08:03:51 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1104 (from WAN Inbound)
01/26/2004 08:03:49 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1095 (from WAN Inbound)
01/26/2004 08:03:47 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1097 (from WAN Inbound)
01/26/2004 08:03:45 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1104 (from WAN Inbound)
01/26/2004 08:03:43 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1095 (from WAN Inbound)
01/26/2004 08:03:42 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1104 (from WAN Inbound)
01/26/2004 08:03:40 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1095 (from WAN Inbound)
01/26/2004 08:03:38 10.10.10.2 login success
01/26/2004 08:03:31 User from 10.10.10.2 timed out
01/26/2004 02:06:37 NTP Date/Time updated
01/26/2004 00:59:57 **SYN Flood to Host** 10.10.10.2, 2569->> 65.54.206.30, 80 (from WAN Outbound)
01/26/2004 00:58:22 10.10.10.2 login success
01/26/2004 00:58:19 User from 10.10.10.2 timed out
01/25/2004 20:07:30 NTP Date/Time updated
01/25/2004 16:22:55 10.10.10.2 login success
01/25/2004 15:42:04 10.10.10.2 logout
01/25/2004 15:41:52 10.10.10.2 login success
01/25/2004 14:10:50 10.10.10.2 logout
01/25/2004 14:10:20 10.10.10.2 login success
01/25/2004 13:41:10 10.10.10.2 login success
01/25/2004 13:41:06 User from 10.10.10.2 timed out
01/25/2004 13:40:48 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1260 (from WAN Inbound)
01/25/2004 13:40:43 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1260 (from WAN Inbound)
01/25/2004 13:40:35 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1260 (from WAN Inbound)
01/25/2004 13:40:31 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1260 (from WAN Inbound)
01/25/2004 13:40:28 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1260 (from WAN Inbound)
01/25/2004 13:40:25 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1260 (from WAN Inbound)
01/25/2004 13:40:22 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1260 (from WAN Inbound)
01/25/2004 13:40:18 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1258 (from WAN Inbound)
01/25/2004 13:40:15 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1258 (from WAN Inbound)
01/25/2004 13:40:13 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1257 (from WAN Inbound)
01/25/2004 13:40:10 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1257 (from WAN Inbound)
01/25/2004 13:40:07 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1257 (from WAN Inbound)
01/25/2004 13:40:04 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1257 (from WAN Inbound)
01/25/2004 13:18:34 10.10.10.2 login success
01/25/2004 13:18:29 User from 10.10.10.2 timed out
01/25/2004 09:15:07 NTP Date/Time updated
01/25/2004 03:16:01 NTP Date/Time updated
01/25/2004 02:36:27 **SYN Flood to Host** 10.10.10.2, 3982->> 216.254.0.91, 80 (from WAN Outbound)
01/25/2004 02:16:33 **IP Spoofing** 10.10.10.33->> 10.10.10.2, Type:3, Code:1 (from WAN Inbound)
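One way to triage a log like the one in this post, as an added example that is not part of the original thread: it parses the router's lines, counts **IP Spoofing** alerts per source/destination pair, and reports how many were logged while an admin session from 10.10.10.2 was open. The /24 LAN mask and the function names are assumptions; the sample lines are copied from the log above.

```python
import ipaddress
import re
from collections import Counter
from datetime import datetime

LAN = ipaddress.ip_network("10.10.10.0/24")  # assumed mask; the post only gives 10.10.10.1-3

# Lines copied from the log in the post (newest first, as the router shows them).
SAMPLE = """\
01/26/2004 09:52:37 10.10.10.2 login success
01/26/2004 09:52:07 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 2201 (from WAN Inbound)
01/26/2004 09:51:18 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 2201 (from WAN Inbound)
01/26/2004 09:51:12 User from 10.10.10.2 timed out
01/26/2004 09:35:22 **IP Spoofing** 10.10.10.1, 80->> 66.93.190.246, 1910 (from WAN Inbound)
01/26/2004 09:33:42 10.10.10.2 login success
01/26/2004 00:59:57 **SYN Flood to Host** 10.10.10.2, 2569->> 65.54.206.30, 80 (from WAN Outbound)
01/25/2004 02:16:33 **IP Spoofing** 10.10.10.33->> 10.10.10.2, Type:3, Code:1 (from WAN Inbound)
"""

TS = r"(\d\d/\d\d/\d{4} \d\d:\d\d:\d\d) "
ALERT = re.compile(TS + r"\*\*(.+?)\*\* ([\d.]+)(?:, \d+)?->> ([\d.]+), (.+?) \(from (WAN \w+)\)$")
ADMIN = re.compile(TS + r"(?:User from )?([\d.]+) (login success|logout|timed out)$")

def parse(text):
    """Return (timestamp, is_alert, fields) tuples, oldest first."""
    events = []
    for line in reversed(text.strip().splitlines()):   # reverse: log is newest first
        m = ALERT.match(line.strip()) or ADMIN.match(line.strip())
        if m:
            ts = datetime.strptime(m.group(1), "%m/%d/%Y %H:%M:%S")
            events.append((ts, m.re is ALERT, m.groups()[1:]))
    return sorted(events, key=lambda e: e[0])          # stable, keeps same-second order

def summarize(text):
    """Count IP Spoofing alerts per flow and split them by admin-session state."""
    flows, lan_src, session, during, outside = Counter(), 0, False, 0, 0
    for _, is_alert, f in parse(text):
        if not is_alert:
            session = f[1] == "login success"          # logout / timed out close it
        elif f[0] == "IP Spoofing":
            kind, src, dst, detail, iface = f
            flows[(src, dst, iface)] += 1
            lan_src += ipaddress.ip_address(src) in LAN  # LAN source seen on the WAN side
            during, outside = during + session, outside + (not session)
    return {"flows": dict(flows), "lan_src": lan_src, "during": during, "outside": outside}

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

Running it over the full log instead of the excerpt shows whether the alerts track the admin sessions or occur independently of them.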
 
Our company came to the conclusion that WiFi is inherently "not safe". So, all of our WiFi access points are actually outside the firewall and require VPN to log in to the corporate network. So, somebody could "steal" internet access, but still not have access to the intracompany network.
 
Wireless can be just as secure as a cable can.

It takes setting it up right to begin with.

Although I can ride around my neighborhood with my laptop and surf all day long. Kinda scary actually.
 
So I've heard. Unfortunately that doesn't help me atm. I don't have a network btw. I just use the wireless because I don't want to run a wire from the living room to the bedroom where the phone jack is.

Sigh. I should have just paid the $160 to install a new jack. We wouldn't be able to take it with us whenever we decide to move, but at least we'd have some peace of mind. :(
 
jandar said:
Wireless can be just as secure as a cable can.

It takes setting it up right to begin with.

Although I can ride around my neighborhood with my laptop and surf all day long. Kinda scary actually.

I'm not sure what else I can do besides:

MAC Filtering - On
Security Feature - WPA TKIP only
WPA TKIP - On. 63 Character Key
SSID Broadcast - Off
802.1x Authentication - Off. No Server Available
 
You have SSID broadcast off and a 63-digit key.

That's pretty damn secure.

Update the firmware on the router. Change all passwords. Reboot everything.

Check with these guys:
http://www.dalantech.com/boards.php

Some of the best networking gurus out there (and a few friends of mine).
 
jandar said:
Wireless can be just as secure as a cable can.

It takes setting it up right to begin with.

Although I can ride around my neighborhood with my laptop and surf all day long. Kinda scary actually.

Yeah, except you have to get into the cable, which can be a pain in the ass, whereas with wireless you don't. Also, with wireless you can cut MANY cables at once.
 