Solved G-Data (Im At Risk)

Status
Not open for further replies.

OutOfBounds

Level 2
Thread author
Verified
Dec 22, 2016
92
hi my Norton antivirus has only got 3-days left so I thought I would give G-Data a 30-day trial

Everything is ok except I get this error telling me my internet connection is not secure which I find strange as I have got it set to WPA2-PSK.
 

Attachments

  • 2018-03-25_13-57-03.jpg
    2018-03-25_13-57-03.jpg
    54.5 KB · Views: 518
  • 2018-03-25_13-57-50.jpg
    2018-03-25_13-57-50.jpg
    112.7 KB · Views: 509
D

Deleted Member 3a5v73x

Either your WLAN credentials are too weak (include numbers and symbols in pswd to make it stronger), or you have default access settings in your local router (e.g. you have TP-Link and someone within your network could login into at 192.168.0.1 with default admin/admin credentials and change serious settings.)
 
Upvote 0

Mahesh Sudula

Level 17
Verified
Top Poster
Well-known
Sep 3, 2017
818
It just says that your password is weak...just ignore it and all goes well...Remember all of the WPA-2 encryptions can be cracked..except CCMP.
Just go to admin settings on your router and change the pswd to combination of alpha numerals and symbols;)
WPA2 -PSK (Pre Shared Key) is easiest to crack
Source : I am a Pen tester and from my experience - KALI LINUX:cool: .Disable WPS on your router!
SAFE !
 
Last edited:
Upvote 0

Mahesh Sudula

Level 17
Verified
Top Poster
Well-known
Sep 3, 2017
818
Important thing is WPS though may be physically turned off..it still works automatically after rebooting in background..
Reason is most of routers are based on WPS setup...though its a major vulnerability..list includes almost all the big names including Cisco and TP-Link.
To be on the safe side just keep the passwd tough and differently ...include SYMBOLS--> Very Important .Change pswd regularly atleast every 3-6 months.
 
Upvote 0
D

Deleted member 65228

If you have a weak password for your network then you will be vulnerable to potential attackers.

The weaker the password, the easier it would be for an attacker to succeed with a brute-force attack. Regardless of your password strength, a brute-force attack will always be successful, however if you have a strong password, brute-forcing can take an extremely unrealistic time-frame (e.g. months, years even) with on-going and demanding system resources, and thus the likelihood is anyone who ever does attempt to brute-force the password will eventually give up pre-success with the operation.

I recommend you change your password to have a minimum of around 12 characters, combining both lower/upper case and special characters, as well as numbers. You should also refrain from relying on any personal information for the password, as well as numbers in a sequence (e.g. 123).

If you decide to write down your password on paper, write it in the incorrect sequence so anyone who ever gains access to the note will be unable to make use of it. You can also store the paper somewhere safe and out of the way.

G-DATA are only looking out for you.
 
Upvote 0
F

ForgottenSeer 58943

WiFi strength is based on a rainbow table hash from the SSID name and Password. You should never use something simple as the SSID name as there are pre--cracked tables available already for all of the standard manufacturer default names and common ones like 'My Home', etc.

A proper SSID name would look something like this: 565uS6dd2GV9_optout_nomap It is recommended to use a Keygen to generate the SSID name, and append _optout_nomap at the end which disables Microsoft WiFi Sense and Google Spying.

Avoid the use of symbols in your SSID as some devices won't properly recognize symbols and will error out on connection. Your password should be strong. This, combined, will result in an extremely difficult to brute force table. However you STILL should change your SSID Password every 3 months at the least, but no longer than every 6 months. I personally change mine every 3 months.

SSID: 565uS6dd2GV9_optout_nomap
Password: n7@6N$7yQ9;hnN+f

Would be an example of a good secure SSID and Password. Disable WPS, UPnP, enable HTTPS admin access on local lan only, disable WAN admin access and you should be good. If you want to ramp up the security on cheap consumer routers then put all of your SSID's in guest-mode, this will create a sort of simplistic VLAN segregation keeping your wireless away from your internal network.
 
Upvote 0
F

ForgottenSeer 58943

Why so much hassle? just use mac filtering...even if they get the credentials, they won't be able to connect.

Mac filtration can be easily bypassed, especially on cheap consumer routers who don't authenticate clients and client numbers especially since you aren't doing radius auth. Loss of credentials is dangerous. Once your credentials are compromised then you can quite easily be pineapple attacked or any number of methods in use.
 
Upvote 0
F

ForgottenSeer 58943

It's funny to enable Mac filtration on cheap consumer routers. Sniff Mac addresses, then spoof a mac and connect it to a router with mac filtration so there are 2, 3 even 4 clients all using the same mac address. That's another area where cheap routers fail, they don't have proper authentication in many cases. Mac filtration, SSID hiding and standard SPI FW inspection aren't considered valid security measures in the modern age unless they are part of an overall security profile. With multiple macs being the same ARP collisions are inevitable, but functionality won't be destroyed, especially with just one mirrored mac.

You 'may' have a consumer router that does some base level mac validation (doubt it). Easiest way to test this is to turn on mac filtration, set a specific mac address as 'permitted' by your router. Then change the mac address on another device to spoof the primary allowed mac device and you'll usually find the device is allowed by the router.

How to Change a Computer's Mac Address in Windows

Corporate/Enterprise/Prosumer gear does Device ID, Mac Validation, Rad Authentication, etc. So when you combine mac filtration with mac validation or rad auth, then you have a good level of security from mac filtration.

The best defense for consumers is a strong SSID+Password, disabling extraneous services, prohibiting admin access from WAN, enabling admin access on specific internal IP address, and changing router login credentials to non-default (both username and password). Above that, placing your SSID's into guest restricted zones will serve you well for security.

The reason having a good strong SSID and Password is that many WiFi attacks rely on the attacker finding your rainbow table. Once that is found it's game over for you controlling your WiFi, which includes MiTM, DNS Redirection, etc.. An attacker can pineapple your network and MiTM all of your traffic. We've seen a wide range of these types of WiFi attacks, and most recently the use of the ever prevalent Xfinity SSID's used to MiTM targeted networks.
 
Last edited by a moderator:
Upvote 0
D

Deleted member 178

You 'may' have a consumer router that does some base level mac validation (doubt it). Easiest way to test this is to turn on mac filtration, set a specific mac address as 'permitted' by your router. Then change the mac address on another device to spoof the primary allowed mac device and you'll usually find the device is allowed by the router.
Sniff my Mac adress first, then we talk.
I know the tools needed for it but those are above the skillset of 99.9% of people, and i doubt your neighbors would be able to do it.
Then he has to get my wifi credentials even simple one, which again isn't in the field of most people.
And even he could do all these, you have tools to monitor new machines connecting to your network.

So chance of being compromised, almost none.
 
Last edited by a moderator:
Upvote 0

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
@Umbra MAC Addresses are a waste of time to setup, because you have to know all the MAC addresses, then allow each one. Depending on the household, users may have multiple PCs, Laptops, TVs, Phones, Tablets and sometimes Guest devices. Most routers don't come with guest network support, at least with my ISP. If you've never created a guest network, it might take some time to get it up and running, or you have to go out and buy a router than supports it.

@OutOfBounds, did you change your Router Password / Wi-Fi network passphrase? Reconnect to the Wi-Fi network and let G-Data scan your network for any success?

Found this posted in 2010, may be relevant. - Change Passphrase to at least 20 characters.
Other quirks bugged us. We couldn't use the program without getting a scary warning that the WPA2-PSK wireless network we were accessing was "unsecure," because G-Data deemed the passphrase used on it too short. When clicking "Why are these wireless networks unsecure," G-Data acknowledged that we're using the best security available... but that our passphrase needed to be at least 20 characters long. Talk about overkill for your typical home user.
Source: G-Data Internet Security 2011
 
Upvote 0
F

ForgottenSeer 58943

Sniff my Mac adress first, then we talk.
I know the tools needed for it but those are above the skillset of 99.9% of people, and i doubt your neighbors would be able to do it.
Then he has to get my wifi credentials even simple one, which again isn't in the field of most people.
And even he could do all these, you have tools to monitor new machines connecting to your network.

So chance of being compromised, almost none.

Mac address filtration was all fine in dandy under the OSI and LL model. Now devices readily expose your MAC address without any special hardware, and even some cheap routers reveal the control frame of devices polling for available WiFi. So any random attacker just has to look at the mac broadcast address, spoof it in 2 seconds and bypass local mac filtration on the network. No special gear is required in most cases. Even cheap security devices like a $99 Fingbox do this for you. No pineapple or extensive setup/knowledge required at all. Below is an example of my neighbor in the next house turning on his hotspot and my local monitoring systems picking it up and identifying the device including the mac broadcast. Let's assume he had mac filtration on, I could simply use that same mac address and hop right into his network. But having a very strong SSID+Password would pretty much eliminate the risk, not MAC filtration.

34fMcL.png


There has been an industry push for MAC address randomization, but that hasn't turned out exactly as expected either..

Shielding MAC addresses from stalkers is hard and Android fails miserably at it
 
Upvote 0
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top