Is Your WIFI Secure?
Вставка
- Опубліковано 30 вер 2024
- In this video I go over some methods to further secure your wifi.
₿💰💵💲Help Support the Channel by Donating Crypto💲💵💰₿
Monero
45F2bNHVcRzXVBsvZ5giyvKGAgm6LFhMsjUUVPTEtdgJJ5SNyxzSNUmFSBR5qCCWLpjiUjYMkmZoX9b3cChNjvxR7kvh436
Bitcoin
3MMKHXPQrGHEsmdHaAGD59FWhKFGeUsAxV
Ethereum
0xeA4DA3F9BAb091Eb86921CA6E41712438f4E5079
Litecoin
MBfrxLJMuw26hbVi2MjCVDFkkExz8rYvUF
Dash
Xh9PXPEy5RoLJgFDGYCDjrbXdjshMaYerz
Zcash
t1aWtU5SBpxuUWBSwDKy4gTkT2T1ZwtFvrr
Chainlink
0x0f7f21D267d2C9dbae17fd8c20012eFEA3678F14
Bitcoin Cash
qz2st00dtu9e79zrq5wshsgaxsjw299n7c69th8ryp
Etherum Classic
0xeA641e59913960f578ad39A6B4d02051A5556BfC
USD Coin
0x0B045f743A693b225630862a3464B52fefE79FdB
Subscribe to my UA-cam channel goo.gl/9U10Wz
and be sure to click that notification bell so you know when new videos are released.
WEP: Worst Encryption Possible
Basically.
True. Butt it use to be the best at the time created
Always worked fine for me.
@@Two-Checks My man! Keep it up.
"Wired Equivalent Privacy" my 4$$
I can't imagine someone using WEP today ... I don't think any of the routers/ modems have it .
The only reason to improve my wifi security is to protect my secret pizza recipe achieved thanks to Ciro from Napoli.
I guess if you share it then your wifi is secure 🤷
You just painted a target on your home network kid.
If you make the pizza recipe open source, they can't steal it anymore
I have your IP address
@@amnottabs how'd you not get the ipizza address? Is your sauce wrong? Did you use a pinapple to hack into the network?
You forgot to mention every router owner's nightmare:
"WPS"
Who even uses that anymore lmao, it's just a vulnerability now.
@@prakharmishra3000 Normies do ;-)
@@igorthelight they removed it from the last versions of android
@@igorthelight you CAN'T use it, android removed it.
@@prakharmishra3000 android removed, but if the router still has it enabled, thus still compromised... it's game over if the attacker is using anything else or even older versions on android. I worked costumer service for a big telecom and every week I would get at least 3 or 4 cases when the costumer was pwned by this failure and about half of them didn't even knew this was a thing and were complaining about slow internet connection.but it was the company's fault as well for shipping a crappy modem with even crappier firmware which had WPS PIN(yes, PIN) enabled BY DEFAULT, and every hardreset of firmware upgrade/update you had to manually go into the settings and disable as well as replacing the password, which was a pain.
To make your network 100% secure:
1. Unplug your router
2. Carry it out to the middle of nowhere
3. Light it on fire
4. Put out with water after sufficiently burned
5. Done! Your network is 100% secure!
genuinely good advice for some
6. Buy a Zyxel router 🤣
@@N.S.A. OH CRAP IT'S YOU
@@heemajoshi847 😐
6. use TempleOS
To be honest, I'm just as surprised your channel hasn't been deleted.
that'd be one way to force us to see him exclusively on ODYESSEY/LBRY
Mental Outlaw is controlled opposition confirmed.
He's AlphaNerd on odysee
Why? UA-cam only cares if you have certain political beliefs or you question the super secure US election voting systems and rules that wasn't broken at all. ;-)
I respect what you do Mental Outlaw, making technology and security/privacy information accessible to normal people. The way I learned all of this wasn’t this digestible and accessible.
Don't forget the most important videos which are the cooking ones.
Try "TechLore" as well as "The_Hated_One"
@@AcidiFy574 they both deserve more subs.
It’s great for a normie like me. I just started using Linux because of this channel
I myself am Gang Ethernet, but useful video nonetheless
Defeat script kiddies until the next NSA leak by upgrading to a new router with a hardware backdoor!
Gotta love those odds 😂
I also like those odds.
“Practically everyone uses wifi”
_*Grins in ethernet_
Beaming EMF from the router = cringe
Using a chad wired connection and not lagging = boss
@@naoltitude9516 Soyboy vs Gigachad
Its fun when people who are either lazy or live with their parents or something defend wifi and say its just as good as ethernet
@@Ultrajamz I’ve been trying to get my grandma to switch to Ethernet but she won’t listen and refuses to use modern technology, despite the fact she ran email services in the 1980’s when no one else was doing it
@@Ultrajamz Technically wifi is actually Ethernet. It is layer2 not layer1 ;)
It stinks wpa3 ended up being a flop and isnt that secure. I have wpa2 and now just kinda feel like waiting for wpa4.
I know right. The newest standard is just trash
WPA3's weakness: With a capture of a few thousand connection attempts, an attacker can (sometimes, if AP firmware isn't up to date) estimate the probability of passwords being correct at a rate of about 50/sec.
WPA2's weakness: With a capture of a single successful connection, an attacker can (always!) brute force passwords at a rate of about 1M/sec.
Really not sure why WPA2 is considered "safer" 🤔
Wifi? Ethernet? Wake up, we must go fishing
my wifi so secure that even i can't login to the admin page.
reads the title - *NO*
lol, no consumer wifi setup is ever actually secure, even wpa3 or whatnot which was supposed to be EXTRA secure, was broken super fast, there's attacks to get around the passwords which aren't that hard to do, lol
1. You are. A script jogger
2. You probably have no idea how to perform the attacks (Ie implement it in your language of choice) all you know is run script see pretty output
But you are correct but I belive there are patches but the manufacturers should fix their implementation
Also yeah wifi isn't as secure as just running ethernet.
@@glowingone1774 He never claimed he was an expert why are you sperging about "script joggers" lmao. Most penetration testers, especially on an entry level do not need to know MUCH about programming to perform their jobs.
@@aaaa-wh3lj yeah dude seems like a gatekeeper
@@aaaa-wh3lj bruh, just bruh, you don't deserve anything more
@@glowingone1774 I like that term. Script jogger. LOL.
I once had a malware that would try common passwords to access the router configuration. Then, it would change the router's DNS to a malicious one.
Always change the default password.
Another way to secure a WiFi network is to live somewhere where there's no one near you! 😆
What’s even worse is new homes that have built-in wifi. The (edit: default) gateway login info will likely be similar or identical for all the homes in the neighborhood.
As a student in my local college studying network administration, I gotta say you're one of the few people I watch to get ideas on how to explain complicated terms to someone who doesn't know much about computers. Really really good video my man, keep up the good work!
UPLOAD EVEN MORE VIDEOS I CANT GET ENOUGH
dont ask questions just consume linux content then wait for next linux content
'How encryption looks like inside of your wi-fi'
Don't forget about the wps exploits, I learned that when I was grounded and wasn't allowed on the internet.
What password manager do you use?
I wanted to get an opensourced one but i feel very weary of keeping all my passwords in one place
I use BitWarden its open source
Keepass xc (it's fully offline)
Create a text file and store it in an encrypted archive using 7zip
keepassxc and or pass
@@CrypticConsole
ew 7zip.
Or just already have full disk encryption and store it in text files and then make a dmenu script to automate selecting and copying them onto your clipboard.
Awesome video! A few corrections:
1. WEP's chief weakness is that the IV and key are simply concatenated. RC4 is statistically more likely to output the nth byte of the key verbatim as the first byte in the cryptostream (with certain IVs), making key recovery really easy with enough captured packets. Plaintext IVs are not unique to WEP. Most protocols do this, and it's not a security shortcoming - privacy depends only on the uniqueness, not the secrecy, of IVs.
2. KRACK is an implementation bug, not a design flaw in WPA2 itself, and is fixed with fully up-to-date drivers/firmware. (Though I suppose one could argue a vulnerability affecting so many independent implementations means the protocol spec is at fault for not being explicit about that pitfall.) Fun fact: KRACK works because it causes the IV counter to be reset to 0, meaning IVs are reused (see point 1!)
3. WPA3-SAE is *awesome,* and in theory you can even get away with using a dictionary word as your SAE passphrase since an attacker would have to make a couple thousand connection attempts to guess it rather than capture a handshake and do an offline brute-force attack (as pointed out in the video). Sadly, the "Dragonfly" algorithm it's built upon has had a troubled development (issues were pointed out when it was still a draft and the author did basically nothing about them) and it has a subroutine with a password-dependent runtime, opening up a timing side-channel. Most implementations have mitigated the vulnerabilities by now, but it's still a huge, huge shame to have a security protocol with known flaws on day one.
But in spite of these issues, with a strong passphrase and updated software, WPA2 is still perfectly adequate, and WPA3 (even with its vulnerabilities unmitigated) is still leagues better than WPA2! :D
Hashes can be captured and brute forced later. No one is going to stay connected and try every possible combination.
Or just live rurally and have your network open.
Network security - a gun and a dog
antennas...
@@dxfvgyhjh ok so I need a scope to shoot from farther away
@@yevsey169 I could be behind a wall... just use an ethernet cable
@@dxfvgyhjh if you're behind a wall you didn't need the antenna in the first place
@@yevsey169 ehm.. what?
0:00 why is it not plugged in :(
My wifi is secure in the kitchen with the kids.
then those kids will watch Mental Outlaw's videos and voila!
From what I understand setting up wpa2 or 3, enterprise is much more secure. Just need to setup a radius server with a pi
Noob here: what's a "radius server"?
i was literally following his gentoo guide and now he uploaded
fml
LiFi becomes the new protocol and replace WiFi
7:57
“You’re a miner? Cool! What do you mine?”
“Passwords”
the picture of the "weirdo" is hilarious
cant people near you see the size of packets and make a guess, like halo is 1.53424 GB's and they can be like. THATS WHAT IT IS
Thank you for these helpful informative videos. Subscribed :)
I use dial up am I safe ?
7:40: "Its easy to *tap* that *wire,* I mean, that's what *wire tapping* is"
thanks man. I'll keep that in mind.
Wired Equivalent Privacy? More like Worst Encryption Possible
_Imma leave quietly, sorry about that._
Someone already said this.
if I lived alone I wouldn't even have wifi but luckily i'm trusted to maintain the router so I can keep track of these things
Damn ikaros i watched that anime like 10 years ago, such times
@@cristianjuarez1086 I created this account like 10 years ago
Ee uu hacker trying to hack my Wi-Fi
Me with my password having a password with a non ansi char like Ñ: yeah BOI this password is so stacked
WPA3 is also vulnerable, it had a vulnerability available
wired ethernet will always be better than any wifi signal path.
Bro do you have a job how do you put out so many videos
joke's on you; Arris routers tends to collapse or locks itself after the slightest amount of load so good luck trying to bruteforce your way onto my network
for those who hate password managers, you can also salt your passwords
i like to pepper mine
@@gokutoriyama3179 I'd like to think you're joking and I don't have to explain what password salting is
0:28 seems like electrical service panels aren't the only things that look like a rat's nest in America
Can you make a video about Cyber Polygon? Literally what the fuck is going on with that shit?
There is a way to connect at wifi anonymously?
ooooo I noticed a bit more humor in this one
The Comcast DVR being used as a WiFi router
OpenWRT is da way
Screw proprietary garbage
@mental Hey man, I miss Migi and the other gentoo anime meme. Can you drop me some webms? :(
lol no, it’s more open than a gloryhole at 7/11 on the weekend at 3am
This channel is so underrated.
I'm stomped on what router to get. Should I get one that can run FreshTomato?
Since no one gives a single f about me, yes it is 😂
what about wpa2-enterprice?
It's better than WPA2 but it needs additional server to use it.
For all questions -> google.com
I do not use WiFi at all.
I use cables
Love your vids! o ya Sir. As a cable guy ( EXP 3 years) buy a higher quality or make your own new coaxial cable from your 2 way splitter to your cable modem ( maybe your already have better q jumpers cables in a junk drawl or it closet or the cable company could had you some for free from their office or know a cable guy or gal friend for free!). throw away these cheap jumper cables! with the real cheap connectors!! The better Quality Jumper ( Short ex 3ft or 6 ft jumper cables) becoz these cheap connectors introduce outside signals leak in and also leak out as well! Plus the better connectors don't break like those low quality one!
SHOULD Look just like the connector input of spiller vs the 2 poor jumper cables coming output of the 2 of the splitter ( Great Brand by the way) in the video ! easily spotted by any good cable \ wifi installer or tech would see. Peace
You made it more dramatic for WPA/WPA2 than its really problematic. Person who don't understand subject would think that they are totally unprotected which is absolute bullshit.
Only specific routers are vulnerable to KRAK. Password bruteforceing is useless if you are using 'normal' password.
I LOVE THIS CHANNEL SO MUCH. Unironically virgin NSA vs Gigachad Mental Outlaw teaching the feeble masses the word of god.
2:22 :)))))
Haven’t watched the video yet, but I’ve switched from Wpa to wep encryption because my DS supports it
password manager & physical security token
done.
and get a token backup, please. And if not, don't cry if you loose access to all your passwords because you got lazy this one time at this one random bar.
Good tip> Your Wireless router or AP probably has a ''guest'' network setting, make your default password hard and set the guest one to something easier, when someone comes over you give them the guest password, activate the guest network, they use it, they go away, you turn the guest one off.
Also WiFi deauthing is a thing btw so you can disconnect devices and they have to reconnect
That's done through Management Frames so if those frames are secured (PMF) not much a MITM can do to them.
@@eternalblue4660 It can also be done through old fashioned jamming.
Also, hide ssid, whitelist, password protect router admin settings
ssid hiding doesn't do much if i remember correctly
@Fashinqu A. I suspected it wasn't enough but I'd think doing those things in addition to whatever else you could do, makes you a little bit less of an easy target compared to the 20 other wifi's broadcasting in your local area
Are you planning on making a video on Audacity going full telemetry mode?
My main issue with network encryption protocols is the fact that they don't seem to be backwards compatible. I have devices that only seem to go up to WPA2. When I go to connect to my Wi-Fi connection I do not see a WPA3 selection. If that's the case, how can I connect older hardware to newer Wi-Fi encryption protocols?
Some router can do both at the same time
But in the end, the weakest link, breaks the chain
Add New ssid for older devices
my 2020 xiaomi phone doesnt even have a wpa3 option
Are you on Windows? They relegate the send/receive of SAE frames to the driver, so driver vendors (I'm looking at you, Intel) get to omit that "feature" from the drivers for their earlier cards, so that users have to upgrade.
Every softmac device that can do WPA2 is capable of WPA3, period. wpa_supplicant will handle just fine in those situations.
You cannot use WPA3 with older devices unless the vendor releases a WPA3 firmware update for the device… which maybe never! Until ALL of your devices supports WPA3, you have to settle with WPA2/WPA3 dual mode as a compromise, with all of that is implied with WPA2 vulnerabilities. If a user insists on a pure WPA3 network, the user will be forced to immediately abandon much of their existing devices. This is unrealistic and counterproductive. In any case, WPA2 is still a very secure protocol in 2021. Just use a very long password!
I named my wifi (from my Asus Router) "FBI free login"
Make a video on status
1:40 AVM Routers at least dont do this, usually the password is on the back of the router and some random word number combination
I want to have a very long and complicated password but nobody in my house agrees. Yikes I'm really scared
Mental Outlaw
Please create a content on how to change a regular usb into a hardware wallet.
Is the security it provide inferior than brand name hardware wallet?
To answer your question, no, it's not.
Yes it is, when you use WPA2/AES, not WPA/TKIP and a *bloody long* password. Also, ensure that whatever online services you use has end to end encryption.
Not related to the video but early congrats on 100k subs! Crazy growth lately
love the channel but bruh buy some sound treatment foam the ringing is insane
otherwise, some of the best content on this bullshit platform
i got personally offended by "the ONE at your home"
I have checked and no
no captions no watch
Why is new encryption standards reliant on your channel existing?
When upload.
Techlead made a crypto coin, any thoughts about that?
My own WiFi is secure from now on, I realized I never use it so I turned it off.
Encryption definitely looks like futuristic blue lines with a lock wdym
Bruh, my isp allows only speedtests and pool range on their router.
I finally switched to linux today.
From joe it is, but alphabet inquirers definitely not.
Apple%wifi%
unrelated suggestion: would you ever consider making a video about Urbit?
using the WAP encryption 😳
Wireless
Access
Point
@@InventorZahran i'm thinking about the other acronym... xd
WPA3 is also vulnerable crap
and now we wait for the audacity trainwreck vid
no
Yes
no
I love wps
our router was provided by our isp and is running their proprietary firmware, and if i change that i would void its warranty which is bad bc their routers suck and this is our 4th one now
so no
then buy your own router?
@@user-mx4vd4ow2e im broke and not the only person using it, otherwise i wouldve done that ages ago, hell, i was genuinely trying to when we still had an older model that was both slower and more unreliable
@@coolbean9880 just use an old pc and pfsense
@@coolbean9880 a router doesnt cost that much lol
Are you NSA agent
yes
no
disable TKIP and disable PMKID
Mental (and others), can you recommend a good standard router that's relatively inexpensive and also has FOSS firmware support? You covered this in a previous video but your router has < 4 stars on Amazon so I'm a little wary.
amazon reviews aren't something to go by, in my experience