Eugene Computer Geeks Blog

Wireless networks have become the norm for most households and businesses. The problem is the majority of WiFi networks are not setup properly, and attackers take advantage of naive users, steal their Internet service, or even spy and collect personal information.

Just because you have a wireless password set, does not necessarily mean you are secured. It’s important to use a strong encryption method with a very robust, long, and unique password. Here are some tips on common practices to secure your network.

USE WPA/WPA2 AND AVOID WEP

Use WPA or WPA2 for your password encryption. It doesn’t matter if you use TKIP or AES, as long as you are using WPA/WPA2 for your password. WEP is outdated and very insecure. The average attacker can crack any WEP protected network in 5 minutes, even if you use a 128 or 256 bit key.

USE A STRONG PASSWORD

It’s important to use a password that is long, unique, and robust. The password should be at least 15 characters, have upper and lower case letters, numbers, and characters. Make the password something nobody else on earth would likely ever use.

Attackers use software than can guess thousands of passwords per second. They will usually feed it through a gigantic list of common passwords, or commit a “brute-force” attack, where they guess every combination of characters. In some cases the attacker can use multiple computers and servers to crack the password so that they can guess millions of passwords per second. Having a long and robust password will stop attackers in their tracks.

USE HTTPS WHENEVER POSSIBLE, AND AVOID PROTOCOLS THAT ARE UNENCRYPTED

When browsing the web, if sending or receiving something sensitive, make sure the site’s URL has https:// instead of http://. If you use an e-mail program like Outlook or Thunderbird, ensure that you have your e-mail account setup with encryption.

MAC ADDRESS FILTERING AND HAVING A HIDDEN SSID ISN’T SECURE

A lot of users will have an open network or use a WEP password and for protection they use mac address filtering or hide the network SSID. These methods will stop the casual user, but it’s very easy for an attacker to circumvent both methods. It’s best to use a very strong WPA/WPA2 password. Adding extra security measures won’t hurt, but shouldn’t be relied upon for high security.

The best way to configure your wireless network is by typing the local IP number of the router into your web browser. In Windows you can go to the command prompt and type: “ipconfig”, and write down the IP address located next to “Default Gateway”. You then open your web browser and type in the IP number into your browser, just as if it was a website. Consult your router manual for more information including the default password.

BEWARE OF ROGUE NETWORKS

It’s very easy for an attacker to setup a Wifi network with the same SSID (wireless name) as yours. They then use software to kick you off your network, and have you auto-connect to their Rogue network. Attackers can only do this if the network is open or if they have the wireless password. The best way to prevent being a victim of a Rouge network attack (Also called a Man in the Middle Attack), is to use a very strong WPA/WPA2 password.

For assistance you can try our FREE Tech Support Chat Room.  I also recommend consulting the manual for your router and read it thoroughly. You can also try calling the technical support phone number of the manufacturer of your router. Most companies will assist you for free if the router isn’t over a year old.

If your router is also a modem that you are renting from your Internet service provider, then they should be able to assist you with router problems or questions.

Ever needed to bypass an internet filter at school, work, or when using a restrictive network away from home? There are many different types of internet filters that function in many different ways, but I have yet to find one that couldn’t easily be circumvented. Not all of the methods listed below will work on all filters, so it’s best to try each method and become familiar with it.  Don’t let an internet filter block you from websites you need to visit. Use the techniques illustrated below.

GOOGLE CACHE
You can use Google cache to bypass almost any internet filter. Google saves a snapshot of all pages it crawls, and you can view the site through the Google cache. Almost no internet filters are set to block Google, and by using the Google cache version of a website, you can view a site without having to leave Google.com. Go to Google and search for: cache:www.thewebsite.com

For example if you want to view the Facebook page for President Obama, you’d type into google: site: www.facebook.com/barackobama

When I was shopping for a new laptop at a large retail computer and electronics store, I asked if I could use their computer to look up some information and reviews on the laptop I was interested in purchasing.   The employee stated that I was welcome to use their computer, but that their internet filter was very restrictive.  I started searching on Google and noticed almost all the sites were being blocked by the filter.  I showed the employee how easy it was to view the Google Cache version of the page, and get all the information I needed. Using Google Cache to bypass internet censors/filters is an excellent way to access a blocked site quickly, and if you are just getting basic info from the site. In this case, a cached copy from Google should fit your needs.

WEB PROXY SITES
Many web proxy websites are now available which you can use to circumvent most internet filters. Web proxies allow you to access a website through their network, making the contents behind the site invisible.  Use sites like ninjacloak.com, www.anonasurf.com, proxyeasy.com, freemao.info, bypassschoolfilter.com, filterbypasser.com, www.hidemyass.com, or newipnow.com. If the internet filter manages to block the web proxy, try finding the IP number by using the instructions located below.  If you are able to change your internet settings, you can also try using an actual HTTP proxy, which can be found at free proxy list sites like samair.ru.

USE IP ADDRESS
On a lot of internet filters you can use the IP address of the website instead of the domain name to bypass the filter.  You can use the ping command in the Windows command prompt to find the IP address of a site. Example: ping google.com , which will give you the IP for Google.com.  On Linux or Mac use the host command in the terminal. Example: host www.website.com  will give you the sites IP address. Then try using the IP address of the site instead of the regular domain name. This will bypass most internet filters and get right around the blocking of the website.  If you need to get the IP, but don’t have access to the command prompt. You can use the site Ping.eu to find the IP address of any website.

HTTPS
Occasionally switching a site to the SSL encrypted version will bypass filters. Try using https://www.website.com instead of http://www.website.com.  Sometimes this will bypass the internet filter because SSL uses encryption, which the filter software can’t read.

USE ANOTHER LANGUAGE
In many cases you can get around a blocked site by using the foreign version of the website.  Years ago, I needed to talk to someone on AIM (AOL Instant Messenger) while at a library, but noticed it was blocked. The internet filter was very restrictive and wouldn’t allow the user to visit web proxy sites.  I searched Google for foreign versions of AIM. First site that came up was the french version of the online browser-based AIM web client.  It got right past the filter with no problems. Most filters are only configured for one language.

GOOGLE TRANSLATE
Translate.Google.com  also translates websites.  In some cases you can use Google Translate to bypass internet censors and filters.  Just translate the site you want to visit by typing the website’s URL into Google Translate.  You CAN use the same language the website is using.  Google Translate works a lot like Google cache, but on some filters that block Google cache, Google Translate is almost always available.

WAY BACK MACHINE AT ARCHIVE.ORG
The “Way Back Machine” from archive.org is a site that archives a HUGE portion of all web pages on the internet. You can view websites going back years and years.  Very few internet filters block archive.org, and you can view most websites with this tool and fool the filter/censor.