So my 128-bit encrypted wireless network was just hacked. I could see the wireless activity light blinking way more than it should be (laptop was idling on a website and nothing downloading. Then the hacker cracked my VNC password and started mucking around with my mouse pointer and windows while I watched in horror! I immediately shut off the VNC server and disabled wireless access. Come to think of it… I’ve seen some strange looking file access late at night when I’m going to sleep, so he may have been on my router for a good while. I don’t think he deleted anything or gave himself write access so he could plant a virus, but it’s really the principle of the thing. I guess it’s time to upgrade to a WPA-capable router.
User ChemBot has accepted this answer.
Answer by Romsus:
Here is your SOLUTION.
Have you done a virus check anyhow?
I hope they’ve not installed a keylogger or anything. =/
yeah, that’s one of the first things I checked. no odd processes were found and zonealarm hasn’t caught any strange program trying to access the internet. they could have used the Sony root-kit to hide the keylogger and bypass the firewall… but I’d like to think that they did not. I hope.
By the way, does anyone know how easy it is to bypass the password authentication on a VNC server? (RealVNC server on windows) my password is pretty difficult to just guess, so I’m wondering if there’s just some easy to explot backdoor or something.
I’m no expert about hacking but given enough time wouldn’t a “brute force” hacking program thing be able to crack your password?
Or if its just a regular word or common password some dictionary password cracker program.
I guess teh haxor could have had enough time to brute-force it. I’m not sure how long he had access to my network so he coulda been on there for days or longer. My password is not a word though, just a jumble of letters. I’ll have to add some numbers and capitalizations.
@ChemBot,regarding with your wireless encryption password, it can easily be cracked because it is WEP. You are correct that you shoudl upgrade ur encryption to WPA, take note make it WPA2 which gives a lot of crackers a headache. Cracking wep is really easy with aicrack-ng suite plus a wifite( mass wep/wpa cracker coded in python).
My suggestion is to rename your SSID or wirless network name, then for the passphrase make it complicated like adding special characters on it(it should be WPA2 not just WPA), upgrade the firmware of your router, reduce the signal of your router, and enable mac filtering although a mac address in the network can be spoofed but it can also help somehow.
@^DrAgOn^, yes you are correct, you need a tool that bruteforces WPA and WPA2 encryption but with WEP u don’t need a dictionary since it is a basic encryption.
FOR WPA >> Even if a crackerwith 4xCUDA Card machine a 36 characterset wont be crackable within a week. Current benchmark for 4xCUDA is 89K PMK per second. 2,821,109,907,456 passwords can be computed in 31,697,864 seconds or 8804 Hours.
In WPA cracking, you are only good as your dictionary