The Glade 4.0

"Turn the lights down, the party just got wilder."
All times are UTC - 6 hours [ DST ]




PostPosted: Wed Jul 13, 2011 10:34 am 

Joined: Fri Sep 04, 2009 7:40 am
Posts: 4281
is the fact that we don't live next to this guy.

http://www.wired.com/threatlevel/2011/07/hacking-neighbor-from-hell/

Quote:
A Minnesota hacker prosecutors described as a “depraved criminal” was handed an 18-year prison term Tuesday for unleashing a vendetta of cyberterror that turned his neighbors’ lives into a living nightmare.

Barry Ardolf, 46, repeatedly hacked into his next-door neighbors’ Wi-Fi network in 2009, and used it to try and frame them for child pornography, sexual harassment, various kinds of professional misconduct and to send threatening e-mail to politicians, including Vice President Joe Biden.

His motive was to get back at his new neighbors after they told the police he’d kissed their 4-year-old son on the lips.

“Barry Ardolf has demonstrated by his conduct that he is a dangerous man. When he became angry at his neighbors, he vented his anger in a bizarre and calculated campaign of terror against them,” (.pdf) prosecutor Timothy Rank said in a court filing. “And he did not wage this campaign in the light of day, but rather used his computer hacking skills to strike at his victims while hiding in the shadows.

“Over months and months, he inflicted unfathomable psychic damage, making the victims feel vulnerable in their own home, while avoiding detection.”

Ardolf’s attorney, Kevin O’Brien, said in a telephone interview that “it was a lengthy sentence for a first time offender.” The defendant also forfeited his house and computer gear.

Ardolf had no criminal record, but an investigation revealed that he’d also hijacked the Wi-Fi of other neighbors, and terrorized them as well.

A father of two, Ardolf had turned down a 2-year plea agreement last year to charges related to the Biden e-mail. After that, the authorities piled on more charges, including identity theft and two kiddie-porn accusations carrying lifetime sex-offender registration requirements. He pleaded guilty to them all last year.

The bizarre tale began in 2009 when Matt and Bethany Kostolnik moved in the house next door to Ardolf, who at the time was a Medtronic computer technician living in the Minneapolis suburb of Blaine. On their first day at their new home, the Kostolniks’ then-4-year-old son wandered near Ardolf’s house. While carrying him back next door, Ardolf allegedly kissed the boy on the lips.

“We’ve just moved next door to a pedophile,” Mrs. Kostolnik told her husband.


The couple reported Ardolf to the police, angering their creepy new neighbor. “I decided to ‘get even’ by launching computer attacks against him,” Ardolf later wrote in a letter to the judge.

Rank, the prosecutor, put it not so mildly:

“It was apparently this incident which caused the defendant to begin a calculated campaign to terrorize his neighbors, doing whatever he could to destroy the careers and professional reputations of Matt and Bethany Kostolnik, to damage the Kostolniks’ marriage, and to generally wreak havoc on their lives,” he said.

Ardolf downloaded Wi-Fi hacking software and spent two weeks cracking the Kostolnik’s WEP encryption. Then he used their own Wi-Fi network to create a fake MySpace page for the husband, where he posted a picture of a pubescent girl having sex with two young boys. Under the “about me” section, he wrote:

“I bet my coworker that since I’m a lawyer and a darn great one that I could get away with putting up porn on my site here. I bet that all I have to do is say that there is plausible deniability since anybody could have put this on my site. Like someone hacked my page and added porn without my knowledge. This is reasonable doubt. I’m a darn good lawyer and I can get away with doing anything!”

He then e-mailed the same child porn to one of the husband’s co-workers, and sent flirtatious e-mail to women in Mr. Kostolnik’s office. “You are such a fox,” read one of the e-mails. He sent the messages through the husband’s genuine e-mail account.

After the husband explained to his law office superiors that he had no idea what was happening, his bosses hired a law firm that examined his network and discovered that an “unknown” device had access to it. With Kostolnik’s permission, they installed a packet sniffer on his network to try and get to the bottom of the incidents.

Then, in May 2009, the Secret Service showed up at Kostolnik’s office to ask about several threatening e-mails sent from his Yahoo account, and traced to his IP address, that were addressed to Biden and other politicians. The subject line of one e-mail read: “This is a terrorist threat! Take this seriously.”

“I swear to God I’m going to kill you!,” part of the message to Biden said.

A forensics computer investigator working for Kostolnik’s law firm examined the packet logs, and found the e-mail sessions sending the threats. In the data surrounding the threatening traffic, they found traffic containing Ardolf’s name and Comcast account.

The FBI got a search warrant for Ardolf’s house and computer, and found reams of evidence, including copies of data swiped from the Kostolniks’ computer, and hacking manuals with titles such as “Cracking WEP Using Backtrack: A Beginner’s Guide;” “Tutorial: Simple WEP Crack Aircrack-ng” and “Cracking WEP with BackTrack 3 – Step by Step instructions.” They also found handwritten notes laying out Ardolf’s revenge plans, and a cache of snail mail that Ardolf had apparently stolen from the Kostolniks’ mail box and stashed under his bed.

“One of the manuals had Ardolf’s handwriting on it and another had the unique identifying ID for the Kostolniks’ router typed into it,” Rank, the prosecutor, wrote.

Also discovered in Ardolf’s possession was the pornographic image posted on MySpace and sent to the husband’s co-worker, and evidence that he’d secretly staged a similar harassment campaign against a neighbor at Ardolf’s previous home in Brooklyn Park, another Minneapolis suburb. Among other things, he sent that family a snail-mail message consisting of a one-page, color print-out of the family’s “TurboTax” return with personally identifying information, in addition to several skull images.

“I told you about a year ago that you should be very afraid. I can destroy you at will, you sorry *** excuse for a human,” the letter said.

The Brooklyn Park family told the FBI they believed Ardolf was upset that their personal care attendants, who looked after their two disabled twin daughters, parked their car in front of his house.


PostPosted: Wed Jul 13, 2011 10:49 am

Joined: Thu Sep 03, 2009 3:08 am
Posts: 6465
Location: The Lab
Wow, what a loser...

And I don't know why, but this line made me chuckle...

Quote:
unfathomable psychic damage


PostPosted: Wed Jul 13, 2011 12:01 pm

Joined: Tue Sep 08, 2009 9:36 am
Posts: 4320
Wow.

Blaine is one of the northern suburbs of the city I live near. (I'm in the SW suburbs)


PostPosted: Wed Jul 13, 2011 12:43 pm

Joined: Fri Sep 04, 2009 11:58 am
Posts: 1596
I'm not quite as annoyed at my neighbor's failure to routinely mow his lawn anymore.


PostPosted: Wed Jul 13, 2011 1:35 pm
Lean, Mean, Googling Machine

Joined: Thu Sep 03, 2009 9:35 am
Posts: 2903
Location: Maze of twisty little passages, all alike
Well, someone has to say it ...

Quote:
Ardolf downloaded Wi-Fi hacking software and spent two weeks cracking the Kostolnik’s WEP encryption.


Don't use WEP.

Don't use WEP.

DON'T. USE. WEP.

_________________
Sail forth! steer for the deep waters only!
Reckless, O soul, exploring, I with thee, and thou with me;
For we are bound where mariner has not yet dared to go,
And we will risk the ship, ourselves and all.


PostPosted: Wed Jul 13, 2011 3:52 pm

Joined: Thu Sep 03, 2009 10:59 am
Posts: 3899
So what should one use?


PostPosted: Wed Jul 13, 2011 3:55 pm

Joined: Tue Sep 08, 2009 9:36 am
Posts: 4320
Ranelagh wrote:
So what should one use?


WPA or WPA-2

You should also set up your wireless router to NOT broadcast its SSID.


PostPosted: Wed Jul 13, 2011 5:42 pm
Lean, Mean, Googling Machine

Joined: Thu Sep 03, 2009 9:35 am
Posts: 2903
Location: Maze of twisty little passages, all alike
SSID hiding is security theater. Arguably, it even weakens your security if you have any mobile wifi devices (ex. cell phone, laptop, etc.) that ever leave your house. It pretty much boils down to this: who is SSID-hiding going to stop? Clueless casual snoopers? Even WEP accomplishes this on its own, and WPA(2) certainly does. Determined crackers? The same tools used to crack WEP are also used to probe hidden SSIDs, so no. Basically it accomplishes nothing.

_________________
Sail forth! steer for the deep waters only!
Reckless, O soul, exploring, I with thee, and thou with me;
For we are bound where mariner has not yet dared to go,
And we will risk the ship, ourselves and all.


PostPosted: Wed Jul 13, 2011 10:33 pm

Joined: Fri Sep 04, 2009 7:40 am
Posts: 4281
Haha, "Security Theater", I like that.


PostPosted: Wed Jul 13, 2011 10:59 pm
Web Ninja

Joined: Wed Sep 02, 2009 8:32 pm
Posts: 8248
Location: The Tunt Mansion
How easy is it to access a router using MAC filtering?


PostPosted: Wed Jul 13, 2011 11:05 pm

Joined: Wed Sep 02, 2009 11:04 pm
Posts: 751
WPA+MAC filtering?

Edit: Lenas beat me to it.

_________________
Hokanu
Duty is a magnificent blessing because it is the sign of trust from the universe.
END OF LINE.


PostPosted: Wed Jul 13, 2011 11:07 pm
Web Ninja

Joined: Wed Sep 02, 2009 8:32 pm
Posts: 8248
Location: The Tunt Mansion
Some quick Googlin' makes it seem very clear that the only real way to go is WPA2.


PostPosted: Wed Jul 13, 2011 11:46 pm
Lean, Mean, Googling Machine

Joined: Thu Sep 03, 2009 9:35 am
Posts: 2903
Location: Maze of twisty little passages, all alike
Pretty much.

As to MAC filtering, spoofing a MAC address is pretty much trivial.

_________________
Sail forth! steer for the deep waters only!
Reckless, O soul, exploring, I with thee, and thou with me;
For we are bound where mariner has not yet dared to go,
And we will risk the ship, ourselves and all.


PostPosted: Wed Jul 13, 2011 11:46 pm
Web Ninja

Joined: Wed Sep 02, 2009 8:32 pm
Posts: 8248
Location: The Tunt Mansion
Guess I'll reconfigure my network tonight... AGAIN.


PostPosted: Thu Jul 14, 2011 12:58 am
Grrr... Eat your oatmeal!!

Joined: Wed Sep 02, 2009 11:07 pm
Posts: 5073
I used to use WPA2 + MAC Filtering + not broadcasting my SSID, then my iPod started to freak out and not be able to connect to the network. So with my new router I just use WPA2.

_________________
Darksiege
Traveller, Calé, Whisperer
Lead me not into temptation; for I know a shortcut


PostPosted: Thu Jul 14, 2011 12:00 pm

Joined: Wed Sep 02, 2009 7:59 pm
Posts: 9412
Lots of things that stay on get fussy with unbroadcast SSIDs. Different devices/drivers have different ideas about when they should attempt to join remembered hidden SSID networks. I found that it played havoc with my laptop when I would sleep it away from the house and then wake it at home. It would never connect, until I restarted, because apparently the wireless driver didn't think that turning off wireless and turning it back on meant it was a good time to try again.

So, yeah. WPA2 + MAC filtering is what I do now. Sure, the MAC filtering isn't a big obstacle, but it's not inconvenient for me and it's just that extra thin layer.

_________________
"Aaaah! Emotions are weird!" - Amdee
"... Mirrorshades prevent the forces of normalcy from realizing that one is crazed and possibly dangerous. They are the symbol of the sun-staring visionary, the biker, the rocker, the policeman, and similar outlaws." - Bruce Sterling, preface to Mirrorshades


PostPosted: Thu Jul 14, 2011 12:09 pm

Joined: Tue Sep 08, 2009 9:36 am
Posts: 4320
Stathol wrote:
SSID hiding is security theater. Arguably, it even weakens your security if you have any mobile wifi devices (ex. cell phone, laptop, etc.) that ever leave your house.


Can you expound on that?


PostPosted: Thu Jul 14, 2011 12:10 pm

Joined: Tue Sep 08, 2009 9:36 am
Posts: 4320
Kaffis Mark V wrote:
Lots of things that stay on get fussy with unbroadcast SSIDs. Different devices/drivers have different ideas about when they should attempt to join remembered hidden SSID networks. I found that it played havoc with my laptop when I would sleep it away from the house and then wake it at home. It would never connect, until I restarted, because apparently the wireless driver didn't think that turning off wireless and turning it back on meant it was a good time to try again.


Odd. Never had a problem with it.


PostPosted: Thu Jul 14, 2011 1:10 pm
Web Ninja

Joined: Wed Sep 02, 2009 8:32 pm
Posts: 8248
Location: The Tunt Mansion
Aizle wrote:
Stathol wrote:
SSID hiding is security theater. Arguably, it even weakens your security if you have any mobile wifi devices (ex. cell phone, laptop, etc.) that ever leave your house.


Can you expound on that?


It's because the device sends out a signal searching for the SSID, and those devices are not secured.


PostPosted: Thu Jul 14, 2011 2:07 pm
Lean, Mean, Googling Machine

Joined: Thu Sep 03, 2009 9:35 am
Posts: 2903
Location: Maze of twisty little passages, all alike
Wireless security in a nutshell:

WEP and WPA(1) both use the RC4 stream cipher for the underlying encryption. RC4 is no longer considered "strong", but only in the sense that distributed computing and/or massive super computers might eventually crack it. That said, there is a known-plaintext attack against RC4 (and therefore against both WEP and WPA) that would theoretically allow reading data from very short packets containing mostly known text. Moreover, due to a weakness in WPA's integrity algo (WEP's is even worse), it is theoretically possible to inject data undetected into said very small packets. There's no direct vulnerability here, but it could allow some indirect attacks against the network, at least if it connects to the internet. Either way, this is a very sophisticated attack that would be beyond the reach of even amateur crackers (let alone script kiddies) even supposing that you had the right tools (which as I understand it are not yet complete).

Where WEP horribly fails compared to WPA is that it uses a highly flawed method to derive the RC4 traffic keys from the WEP key. In short, it allows an attacker to fully reverse the WEP key just by sniffing traffic over a relatively short amount of time (usually just a few minutes). WPA replaces that flawed method with TKIP, for which there are not any known attacks.

WEP's authentication schemes -- Open System and Pre Shared Key -- are both also quite flawed. PSK moreso than open system. This is mostly moot, though, since both auth methods merely require knowledge of the WEP key, which can be trivially cracked, per above. In contrast, WPA uses the same auth methods as WPA2: WPA-Personal and WPA-Enterprise. More on that later.

WPA2 uses CCMP, which is entirely different from both WPA and WEP. CCMP is based on AES-128 encryption, and is very strong. The message integrity method is also improved over TKIP, preventing the sort of injection attack theoretically possible with WPA. There are some theoretical crypto attacks against AES in general, but nothing that would allow actual cracking except maybe by three-letter agencies (who knows?)

For authentication, WPA and WPA2 both allow for either WPA-Personal, or WPA-Enterprise.

WPA-Personal uses a single 256-bit key shared with all devices to authenticate them. The key can be entered directly in hex, or generated by a hashing algo from a password. The strength of this system depends on the strength of the password and the trustworthiness of the users. Weak passwords can be bruteforced -- very quickly if you use a common SSID name, which enables the use of rainbow tables. Dishonest or incompetent users can of course leak the key.

WPA-Enterprise is basically just EAP authentication with a RADIUS server. Since RADIUS is open-ended, you could be authenticating against just about anything using just about any kind of credentials. It could use something as simple as user/pass auth or something as complicated as two-factor auth using a smart card/RSA frob/biometrics.

So depending on how you personally implement them, both WPA-Personal and WPA-Enterprise can be anywhere from extremely weak to extremely strong.

In the end analysis:

  • If WPA2 is available, use that. If your router supports "mixed mode" (a.k.a. CCMP + TKIP, AES + TKIP, WPA + WPA2), only clients which actually use WPA/TKIP will be vulnerable to the theoretical injection attack, so it's not really dangerous to leave on. However, if you aren't using it, go ahead and disable it.
  • If only WPA is available, don't freak. Practically speaking, you're still secure against all but sophisticated crackers, and even then there are a lot of mitigating factors about what harm could actually be accomplished. Either way, no sensitive traffic can be decrypted, nor can your network be used by an unauthorized attacker. Upgrade to WPA2 when you can, but don't feel like you have to rush out and do it now.
  • If only WEP is available, buy a new router. Do it right now. WEP is completely, 100% insecure no matter what you do.
  • MAC filtering is largely pointless. WPA/WPA2 are all vastly greater barriers to unauthorized access than MAC filtering. And as for WEP, it's a given that anyone who can crack WEP can also get around MAC filtering.
  • SSID hiding is also mostly pointless. It's trivial to reveal hidden SSIDs with common tools and no knowledge. Moreover, when you take a device out of range of your hidden SSID, it will constantly try to reconnect to it. That is, it can't tell if an AP with that SSID is in range or not precisely because the AP doesn't broadcast its SSID. This matters because every time it does so, it broadcasts the name of your SSID to everyone within earshot. In a sense, this is worse than having your AP broadcast a SSID, since your AP at least stays in one place and can thus only be heard by people near your house. Your laptop or cellphone goes all over the place. Admittedly, this is a minor point and would only matter with a determined hacker, but the tools for doing this exist and don't require any particularly special knowledge to use.

_________________
Sail forth! steer for the deep waters only!
Reckless, O soul, exploring, I with thee, and thou with me;
For we are bound where mariner has not yet dared to go,
And we will risk the ship, ourselves and all.
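
Added example, not part of the original post and not any router vendor's code: a Python audit that applies the checklist in the post above to a hostapd-style access point configuration, with the WPA-Personal key derivation (PBKDF2-HMAC-SHA1 salted with the SSID) that explains why a common SSID lets precomputed tables work. The sample configurations, the SSID list and the 16-character passphrase threshold are constructed assumptions.

```python
import hashlib

COMMON_SSIDS = {"linksys", "default", "NETGEAR", "dlink"}  # constructed, illustrative
MIN_PASSPHRASE_LEN = 16  # assumed threshold for this example, not from the post

def wpa_psk(passphrase, ssid):
    """WPA/WPA2-Personal key: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds, 256 bits."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32).hex()

def parse_conf(text):
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:  # skip blanks, comments
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf

def audit(text):
    """Return (severity, code) findings that follow the post's recommendations."""
    conf = parse_conf(text)
    findings = []
    wpa = int(conf.get("wpa", "0"))  # hostapd bitfield: 1 = WPA, 2 = WPA2, 3 = both
    ciphers = set((conf.get("wpa_pairwise", "") + " " + conf.get("rsn_pairwise", "")).split())
    if any(key.startswith("wep_key") for key in conf):
        findings.append(("CRITICAL", "WEP"))  # key recoverable from sniffed traffic
    elif wpa == 0:
        findings.append(("CRITICAL", "NO_WPA"))  # no WPA or WPA2 enabled at all
    if wpa & 1 or "TKIP" in ciphers:
        findings.append(("WARN", "TKIP_ENABLED"))  # disable if no client needs it
    if conf.get("ignore_broadcast_ssid", "0") != "0":
        findings.append(("INFO", "HIDDEN_SSID"))  # clients name it in probes elsewhere
    if conf.get("macaddr_acl", "0") != "0":
        findings.append(("INFO", "MAC_FILTER"))  # thin layer, MACs are spoofable
    passphrase = conf.get("wpa_passphrase")
    if passphrase is not None and len(passphrase) < MIN_PASSPHRASE_LEN:
        findings.append(("WARN", "SHORT_PASSPHRASE"))  # brute-forceable
    if passphrase is not None and conf.get("ssid") in COMMON_SSIDS:
        findings.append(("WARN", "COMMON_SSID_SALT"))  # precomputed tables apply
    return findings

# Constructed sample configurations (hostapd-style key=value).
LEGACY_CONF = """
ssid=linksys
wep_key0=0123456789
ignore_broadcast_ssid=1
macaddr_acl=1
"""
MIXED_CONF = """
ssid=linksys
wpa=3
wpa_pairwise=TKIP
rsn_pairwise=CCMP
wpa_passphrase=password
"""
WPA2_CONF = """
ssid=home-7f3a
wpa=2
rsn_pairwise=CCMP
wpa_passphrase=correct horse battery staple
"""

if __name__ == "__main__":
    print([audit(s) for s in (LEGACY_CONF, MIXED_CONF, WPA2_CONF)])
```

Because the SSID is the salt, `wpa_psk("password", "linksys")` and `wpa_psk("password", "home-7f3a")` are unrelated keys, so a table precomputed for a factory-default SSID does not carry over to a unique one.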


PostPosted: Thu Jul 14, 2011 2:50 pm
Commence Primary Ignition

Joined: Thu Sep 03, 2009 9:59 am
Posts: 15740
Location: Combat Information Center
I'm glad to know that. After reading this, I checked my router and thankfully it's set to WPA/WPA-2. I'm not sure if, or how, I could set it to WPA-2 only but at least I'm not using WEP.

_________________
"Hysterical children shrieking about right-wing anything need to go sit in the corner and be quiet while the adults are talking."


PostPosted: Thu Jul 14, 2011 3:37 pm

Joined: Fri Sep 04, 2009 11:58 am
Posts: 1596
Stathol wrote:
Really smart stuff


Thanks for this. I will be doing a bit of minor router configuring tonight.

