Wait for him to come back
0 x00 background
In zhihu column, I saw an article called “Cheating in WiFi”. The author continued the routing threat propagated before, which went viral on the Internet, and made many friends who did not understand have been asking:
Routing is so dangerous, what should I do??
Even before this article, the author and his team members had been preaching about the dangers of routing, as if everyone who uses routing is going to be exposed to all of their privacy.
From the beginning of the route because the default password was used by hackers CSRF modified the route DNS, further use DNS to hijack all user traffic to obtain private data:
The home router attack is likely to be upgraded!
Then WiFi weak password or WEP encryption is cracked by hackers, enter the LAN ARP sniffing, to obtain user privacy:
Are wireless routers at risk of being hacked?
The chameleon virus and honeypot AP:
There’s something wrong with WiFi
To small white users caused routing is a dangerous device impression, let’s also routing a clean it.
0 x01 details
The important reason for the impression of routing danger to small white Internet users is to focus on several points described in several articles:
- There are plenty of vulnerable routes out there.
- If you use a flawed route, hackers can gain access to your privacy at will.
- Hackers can obtain privacy: Renren account, Weibo account, QQ account and so on…
- There are already viruses that can spread over WiFi, and routes around the world are dangerous.
- A hacker can connect you to his WiFi hotspot without even knowing it and steal your privacy.
But the solution to write a little understatement, resulting in the first half is too easy to catch the eye, causing small white netizens panic.
In fact, in addition to the fifth point, the other hazards can be addressed in one way:
WiFi uses WPA2 strong encryption, and for high strength password, routing management also uses high strength password does not use the default admin/admin, to read with me: “high strength password”! At the same time, if WPS is enabled on the route, it can be cracked by brute force running PIN code. Therefore, WPS must be disabled at the same time.
As long as you do the above, your route will be secure. Even if a hacker with 0day could circumvent these limitations, trust me, you, as a white user, will not be the target.
The default password at the beginning led to a large number of white users using the default password, DNS was modified, thus hijacking traffic was modified to gain privacy.
The author reminds netizens that it is a good thing to change the default routing management password, so say “like”.
To chapter two, write about what you do to the goddess after you brute force break the access route, get all kinds of privacy, and that’s pretty exciting.
To the third article, I can’t help teasing:
First Chameleon Virus, the news report of this Virus: Chameleon Virus that Spreads Across WiFi Access Points like Common Cold
The virus was conceived, tested and tested by security researchers at the University of Liverpool in England. Is just a test type test, the virus did not spread outward, the virus is actually looks more like just a laboratory product, transmission efficiency is not high, the virus test report even if the virus spread out abroad, and their own routing loophole, to defend their routing is still infected with the virus way above:
WiFi uses WPA2 strong encryption, and for high strength password, routing management also uses high strength password does not use the default admin/admin, to read with me: “high strength password”! At the same time, if WPS is enabled on the route, it can be cracked by brute force running PIN code. Therefore, WPS must be disabled at the same time.
This idea will never catch on, because the virus spreads inefficiently, takes a single path, and new products from various vendors are trying to fix existing vulnerabilities.
At present, some domestic routers are adapted based on the open source product OpenWrt (such as pole routing), and there is no such problem. If there is a bug in the open source product, the official will inform and fix it in the first time.
The 2014 buzzword won’t be: router poisoning.
Even if there is certainly not because of the emergence of the virus, but the author has been writing relevant articles, do not believe we see at the end of the year.
The author has publicized all kinds of dangers, or to ensure their own safety measures are also emphasized, do not cause unnecessary panic.
Instead, the last honeypot router should really be reminded, the author just left:
Hackers have a way of accidentally connecting you to an UNKNOWN AP.
There’s no need to be mysterious. Here’s how you can connect to an unfamiliar AP:
Set up a WiFi you have connected before, ssiD and encryption method is the same as before, so that your device will automatically connect after finding the WiFi.
For example, I believe that most people’s devices have been connected to the UNencrypted CMCC, I build a CMCC unencrypted hot spot around you, your devices will automatically connect over, so that we are the same LAN, and then you can obtain all kinds of privacy.
So you’d better remove WiFi from your device if you’re connected in public places.
0 x02 conclusion
WiFi uses WPA2 strong encryption, and for high strength password, routing management also uses high strength password does not use the default admin/admin, to read with me: “high strength password”! At the same time, if WPS is enabled on the route, it can be cracked by brute force running PIN code. Therefore, WPS must be disabled at the same time.
Remove WiFi from your device that you connect to in public places.
If you pay attention to the above points, then you can feel at ease on the Internet cafe, do not fear, routing will not harm you!
0 x03 update
As pointed out by white Hat HQDVista, in the case of a honeypot AP phishing attack by hackers:
Remove WiFi from your device that you connect to in public places.
This solution is not entirely defense, its reason is in the process of the equipment connected wi-fi will send the probe, which will have ssid information, so that the attacker can obtain all the ssid information before you had connected, but not with encryption and password, so you can forge has been connected with no password ssid, on honeypot fishing: )
The current solution is to remove all unencrypted SSIDs or turn off wifi connections when not in use.