Get Proton Mail for FREE: davidbombal.wiki/protonvpn1 Big thanks to Proton for Sponsoring the video! Disclaimer: This video is for educational purposes only. // Wifi Myths PDF // PDF: davidbombal.wiki/wifimyths // Alfa ADAPTORS // Alfa Long-Range USB Adapter: amzn.to/3yFs99E Alfa WUS036AXML: amzn.to/4c3rlJV // David's SOCIAL // Discord: discord.com/invite/usKSyzb X: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal RUclips: www.youtube.com/@davidbombal // MY STUFF // www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 00:00 - Busting Wi-Fi myths 01:42 - Brilliant sponsored segment 04:05 - Wi-Fi myth #1: Hiding your Wi-Fi name/SSID will protect you 04:21 - Finding hidden Wi-Fi names/SSIDs demo 10:36 - Using Wifite to attack the network 11:44 - Finding hidden Wi-Fi names/SSIDs summary 12:43 - Wi-Fi myth #2: MAC address filtering/whitelisting will protect you 13:12 - Connecting to a hidden network demo 15:30 - Testing on another router 21:20 - How two devices can interfere 22:13 - Wi-Fi myths summary 22:58 - How to properly protect your Wi-Fi 24:11 - Conclusion myth busting myth myths wifi wifi myths cybersecurity myths kali linux kali wifi kali alfa alfa network alfa network adapter wifi password wpa wpa2 hashcat linux Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! #wifi #wpa2 #hashcat
Thank you David. I believe majority of your viewers are network engineers/architect, can you please create a video on how can they ride the wave of AI? what should be a transition path for an engineer/architect (with experience of transitional routing, switches, data center, wan/lan etc)? I will really appreciate it.
and as for protonmail, they "caant" decrypt your messages, but theyre HUGE fans of working with law enforcement. thye WILL NOT "go get a warrant" they are law enforcement fetishists. this is well documented. good for basic stuff, a trap for hackers or anyone else that runs foul of an establishment tyrant
Hello! My name is Chisenga or Chi Chie for short. I have just hopped onto the cybersecurity/hacking train. I was looking for solutions to the question explained below when i bumbped into your RUclips Chaneel. I have just finished setting up my virtual machine. I am running kali on vmware. I was running updates for kali when i noticed my antivirus(on the host machine) blocking some downloads and access to certain websites. Do you know how I can Fix this?
Personal cyber security is somewhat like home security. You can install locks on your doors, security cameras, alarms, a fence around your house, and that will deter most intruders most of the time. Ultimately though, someone with the right talent, determination, and resources can find a way through or around those obstacles in time. Especially since cyber security is a dynamic field. Fortunately, chances are the people you really have to worry about have other plans and priorities.
DAVE!!... i know its prolly silly, but imagine this, or a collab with LPL... Okay nothing on port 88, some firewall weakness on port 5055, easy hack on port 5555, back to port 88... port is open,... and we're IN.. , very poor, and as always... have a nice day. HAH
Everything that is NOT WPA3 is vulnerable, does not matter the settings. If you're still on WPA2, the only thing you can do is disable WPS asap and use a very strong password, is the only mitigation you can do. Password hashes can still be gathered but cracking them is another story if is a strong password.
Well, you can also a) turn on device isolation where devices cannot communicate with other devices on the same network and b) configure the router so that the guest/iot networks have internet access at best, with no access to the primary network. Of course, if your access point or router supports it, you can break up the IOT/Guest networks into multiple IOT/Guest networks.. For example, my access point supports 8 SSID's, so I could use one WPA3 for my primary, then create another 6 and split up the WPA2 devices onto different SSIDs, thus making it sort of "better" in case someone targets ONE of my SSID's.
I have setup several enterprise wireless networks. In high security environments, I use radius with certificate authentication and an internal PKI protected by an HSM. Since the same certificate is used for VPN access, I use Key Attestation to store the client certificates in the TPM. This is not hard to do and really raises the bar to keep hackers out.
Put guests and IOT on a network, or preferably two networks that are both isolated from other devices, and from your primary network. Each network SSID should have a unique password to it, preferably a different network name and password. If your router supports [WPA2/WPA3] settings, set it to that setting. Note that some routers will have a [WPA/WPA2], [WPA2 only], [WPA2/WPA3] and [WPA3 only] setting- so choose the settings that are the highest for the devices you plan on putting on that network. For example, since my main network only has newer devices that support WPA3, I select [WPA3 only] setting. As my guest networks are a mix of WPA2/WPA3, i select [WPA2/WPA3]. None of my IOT devices support WPA3, so for that network, I select [WPA2 only] although [WPA2/WPA3] is just as valid. On the guest and IOT networks, the option to isolate devices from each other is selected, and neither of those two networks have access to the primary network; those networks only have internet access - PERIOD. If need be, in the future, if IOT devices start supporting WPA3, I will be putting such devices on an IOT network that is set for WPA3. The main reason NOT to segregate IOT from GUEST network is in case I need to add in a custom firewall rule to allow device or devices to internal resources or other specific network rules can also be put in place as need be, I can; but for now, it's essentially internet only. My older tablet is on the GUEST, where as my newer tablet is on the primary network;
I can't tell whether Bombal is doing the world a great service or disservice with these demos. I guess it depends on who's watching and for what purpose.
3:35 Most easy fix is to just use PGP encryption in your email (Proton uses it also) that way you need to both accept eachothers public key's to send messages
Thanks David for great video! - Don't have your kids gaming pc on same VLAN as your corporate computer. - Only access your router on secure VLAN or VPN
I really miss those videos. Having courses hell and University semesters -not related to IT topics- since 8 months, now almost finished, I can resume watching my lovely daily Bombal’s videos❤.
It was learned some years ago that even fibre cable can be tapped. The light gives off vibrations which can be read by a transducer. Just when you think you are safe, you are not. Wherever there is a will, there will always be a way...
There are security benefits to hiding the SSID. As you said, just by making it a 2 step prose's. Anyone doing a "drive-by hacking" is unlikely to target you. 75% of security is to say to your thief/attacker: target someone else, my place is not worth your time. But as in physical security, when you are the primary target you need better defense that obscurity
You know David, you are one of the only one that i can trust & believe when it comes to sponsors. I'm always very skeptical when it comes to promotions and before you verified a interview with proton mail i heard about the journalist that got arrested and i got distrustful until you had that interview. You are a living legend David! It's crazy how i trust you more then anyone in my daily life.
I think other Email Services initially also did that privacy security. once they get a lot of customers, then let's say they are "tempted" to do something for their customers. When many people have entrusted many things to the email service system they use, there is an intrigue to change the new user agreement to the user. where changes to the user agreement are made long and difficult for ordinary users to understand. as far as I have understood.. I hope I'm wrong.. so can Proton guarantee it?
It is. WPA3 only mode (often called “WPA3 SAE” is the only way to be secure. On mixed mode you are vulnerable because an attacker can choose the weaker encryption WPA2 and obviously they would.
Hackers often go for the lowest hanging fruit. The more steps you take to prevent them, the better. Hiding your SSID won't stop them but it's still recommended. You could get lucky and they'll choose the next person instead 🤷♂
Thank you David. I believe majority of your viewers are network engineers/architect, can you please create a video on how can they ride the wave of AI? what should be a transition path for an engineer/architect (with experience of transitional routing, switches, data center, wan/lan etc)? I will really appreciate it.
Atta kers can always imitate your Mac address, send death pkts, then try and capture the handshake. Mac addresses can be found by company, manufacturer, etc.
When I talk to some "IT Managers" (who have obtained an email diploma) and they talk about "The Security" or "100% Security" I already know that they don't know what they are talking about. There is only a "Security Level" depending on how much you want to spend in money, time and hassle in using a system. If there's a door someone can get in. ....but I've also seen people install an expensive security door made of Unobtanium into a house made entirely of plaster sheets that a 10 year old can punch through.
WPA3 is the way to go but problem is the older networking devices can't be upgraded to make use of the new standard. For now a super long password is one way to make things harder for the hacker till you can use WPA3. WPA3 isn't perfect either but still better than WPA2.
Your router has to support it; or access point. Most decent consumer wifi routers have a "Guest" network- which is where I'd start. Look for two sets of settings; one that sets the clients so that the clients on that network do not have access to the primary network ( called different things by different brands of routers ), and another feature that isolates clients on the same network ( on a netgear, it's often called "Wireless Client Isolation" ). Some wifi routers support a third network; some don't. some support 4 networks; some access points will support up to 8 SSIDs, but usually that requires the use of VLAN's.. Sorry I can't recommend a video; learned things on my own since, well, forever..
Hi David, I have a question. Which laptop is better for cybersecurity; Windows or MacBooks? My professor told me get a windows laptop for cybersecurity, he didn’t tell me the reason! So can you please help me out on this question. Thank you!
A VPN can protect you from a lot of Hazzard.... If you use a VPN on your device and your router you can hide both your IP address and your Mac address... To make it even harder for the hacker combine that double VPN with alternating proxy chains and write two little scripts to continuously change VPN servers on your device and router... Nothing can guarantee your security only slow the spies and hackers down..
I noticed there were some check boxes to the left hand side of each device in your tp-link router. Did you try selecting those and clicking save with whitelist also selected for you MAC Filtering?
Apple also seems to claim it's better in security. Yet they released a processor that has a permanent exploit that cannot be patched out. I have an issue trusting apples advice with their claims vs what reality is.
Hey David did you notice that awus036nha (ar9271) cannot scan all channels? It's missing channel 12, 13 cause a crda setup to china. Can you make a short video where explain how to fix that? Is relatively easy and similar to the unlock procedure for tx-power... Thanks.
For a time, I thought "AP Isolation" was a good measure too, if you don't need devices "seeing" each other, however, that only works within the same network. You should test that setting too if mitigates what you tested here. Thanks for the advices!
I have a question, when two device with same mac address is connected to WiFi shouldn't they both be able to ping other devices? because unlike Ethernet which echo answer is returned to specific port on WiFi both device should be able to receive echo reply because it is transmitted through WiFi and both device assuming are in range of AP should get the transmitted radio wave. i am missing something obviously because ping failed can anyone correct me?
Hi sir, I am unable to access my apache2 server from other devices and it only working for local device and have use all the methods mentioned on the internet to correct it. I even used chat gpt and reinstalled the Kali Linux as well. Kindly help me with the issue by either providing me with other server I can use or with a method the fix the issue. Thankyou
Hello pleade make full video tutorial for DIY WiFi Pineapple MK7 with some TP-Link router that support WiFi Pineapple MK7 firmware with OpenWRT for 2.4G and 5Ghz.
I’m 52, about to be 53, and I currently make really good money. I like my job but would like to do more. I love the aspect of being an ethical hacker. Currently learning networking. I’m not necessarily thinking about quitting the work I do but the thought of being an ethical hacker gets me excited. Maybe as a side hustle? Is this a crazy idea? Is it unrealistic due to my age and/or current position?
It all depends on your personal skills, and the field that you've been in for some years. It's never too late to start, just be open to new opportunities and get familiar with the topic. Learning is the key to success, and never give up trying. The day that you give up trying is the day that you lose. There will be some motivational highs and lows.
What if you deauth router? Becouse its also give its name away but then next to client in notes is displayed eapol whats the diffrence beetewn doing thes whings
Security would be different when all these programs weren't invented yet, like kali which basically bundles every tool you would need, wifite etc.. OG's had to make those programs themselves.. but they ARE here now
Really appreciate your videos. I have a question about my WiFi security cameras. Several of my neighbors can see my video feed even while I'm playing back recordings off the micro-sd card installed in the cameras. I've changed my cable/modem router and password and changed the password for the router admin settings still my neighbors can see both my teckin cameras and my blink cameras through there cell phones and of course won't tell me how. I access my cameras through apps on my android phone. I also have the fling app that tells me who is on my WiFi network and no one is there. I'm confused about how they all are watching, any help would be extremely helpful thanks.
@@y0nd3r I purchased a 8mp 4 IP camera system that is a wired poe with a NVR and yet not even with the Ethernet cable installed on my NVR "So my system isn't even hooked up to the Internet" once again my neighbors can see my cameras video footage. Who could I hire to help me secure my home NVR and ip camera system.
@@davidsharp6939 That's what I'm trying to figure out. The PFSense thing looks too confusing and is also a subscription cost, which I am not interested in. Maybe the Dream Machine? How do you know they can see your security footage?
When I connected free Wi-Fi network with iPhone, Safari warned posibility of attacking. Some black hat did as this video. Please tell us how to get the evidence identifying the black hat!!!
If your router supports multiple SSID's ( multi-SSID ), then it should be relatively easy. Most wifi routers nowadays support a guest network, often with two features- one that blocks access to the primary network, and one that isolates wireless clients from each other. For most, just repurpose GUEST for IOT, and find & set those two settings. If your router does not support a guest network, it's time for an upgrade.
@@MrPir84free Well I checked in my router for guest network, but there is no such option. I found a option, naming partition network. I think it will do the same thing. Devices that join on that SSID will not be able to communicate with each other. Will this do the job?
Use a legit firewall and WPA3 APs. Segment your network with VLans; no crappy IOT stuff on your important networks, i.e., network you do your banking on. Have a dedicated AP for guest. Never give your critical APs WiFi passwords out to anyone. Ensure you do your chores: reboot your hardware monthly, and check for software updates for your network hardware weekly.
Is there such as thing as 4G or cellular network security (i.e could your phone be hacked by someone via the 4G network you're connected to)? May sound dumb, but IT info online is trash and superficial, and we the lay people are misinformed.
Get Proton Mail for FREE: davidbombal.wiki/protonvpn1
Big thanks to Proton for Sponsoring the video!
Disclaimer: This video is for educational purposes only.
// Wifi Myths PDF //
PDF: davidbombal.wiki/wifimyths
// Alfa ADAPTORS //
Alfa Long-Range USB Adapter: amzn.to/3yFs99E
Alfa WUS036AXML: amzn.to/4c3rlJV
// David's SOCIAL //
Discord: discord.com/invite/usKSyzb
X: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
RUclips: www.youtube.com/@davidbombal
// MY STUFF //
www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
// MENU //
00:00 - Busting Wi-Fi myths
01:42 - Brilliant sponsored segment
04:05 - Wi-Fi myth #1: Hiding your Wi-Fi name/SSID will protect you
04:21 - Finding hidden Wi-Fi names/SSIDs demo
10:36 - Using Wifite to attack the network
11:44 - Finding hidden Wi-Fi names/SSIDs summary
12:43 - Wi-Fi myth #2: MAC address filtering/whitelisting will protect you
13:12 - Connecting to a hidden network demo
15:30 - Testing on another router
21:20 - How two devices can interfere
22:13 - Wi-Fi myths summary
22:58 - How to properly protect your Wi-Fi
24:11 - Conclusion
myth busting
myth
myths
wifi
wifi myths
cybersecurity myths
kali linux
kali wifi
kali
alfa
alfa network
alfa network adapter
wifi password
wpa
wpa2
hashcat
linux
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
#wifi #wpa2 #hashcat
Thank you David. I believe majority of your viewers are network engineers/architect, can you please create a video on how can they ride the wave of AI? what should be a transition path for an engineer/architect (with experience of transitional routing, switches, data center, wan/lan etc)? I will really appreciate it.
and as for protonmail, they "caant" decrypt your messages, but theyre HUGE fans of working with law enforcement. thye WILL NOT "go get a warrant" they are law enforcement fetishists. this is well documented. good for basic stuff, a trap for hackers or anyone else that runs foul of an establishment tyrant
Hello! My name is Chisenga or Chi Chie for short. I have just hopped onto the cybersecurity/hacking train. I was looking for solutions to the question explained below when i bumbped into your RUclips Chaneel. I have just finished setting up my virtual machine. I am running kali on vmware. I was running updates for kali when i noticed my antivirus(on the host machine) blocking some downloads and access to certain websites.
Do you know how I can Fix this?
Thanks again for the detailed video and pdf. Just a small thing, In the description looks that is Brilliant the sponsor. (Brilliant sponsored segment)
Encrypted email works good unless they open it on a Windows PC was snapshot...
Personal cyber security is somewhat like home security. You can install locks on your doors, security cameras, alarms, a fence around your house, and that will deter most intruders most of the time. Ultimately though, someone with the right talent, determination, and resources can find a way through or around those obstacles in time. Especially since cyber security is a dynamic field. Fortunately, chances are the people you really have to worry about have other plans and priorities.
That’s so true lol, well said, I loved the analogy ❤.
so we are mostly just protecting ourselves against script kiddies
if you dont have a home defense firearm, none of this tech nonsense matters.
DAVE!!... i know its prolly silly, but imagine this, or a collab with LPL... Okay nothing on port 88, some firewall weakness on port 5055, easy hack on port 5555, back to port 88... port is open,... and we're IN.. , very poor, and as always... have a nice day. HAH
@@mos8541 huh? explain pls
the best security is have nothing to secure, just turn off the wifi and go live in the woods
sounds appealing in so many ways 😉
😂😂😂
Until bears buy wifi adapters 😂
You wouldn't last 3 days in the woods
Use treefi and touchgrass as your firewall. @@jeremylemans3005
Everything that is NOT WPA3 is vulnerable, does not matter the settings. If you're still on WPA2, the only thing you can do is disable WPS asap and use a very strong password, is the only mitigation you can do. Password hashes can still be gathered but cracking them is another story if is a strong password.
Well, you can also a) turn on device isolation where devices cannot communicate with other devices on the same network and b) configure the router so that the guest/iot networks have internet access at best, with no access to the primary network. Of course, if your access point or router supports it, you can break up the IOT/Guest networks into multiple IOT/Guest networks.. For example, my access point supports 8 SSID's, so I could use one WPA3 for my primary, then create another 6 and split up the WPA2 devices onto different SSIDs, thus making it sort of "better" in case someone targets ONE of my SSID's.
Wpa3 is vulnerable, just Google wpa3 vulnerabilities.
I have setup several enterprise wireless networks. In high security environments, I use radius with certificate authentication and an internal PKI protected by an HSM. Since the same certificate is used for VPN access, I use Key Attestation to store the client certificates in the TPM. This is not hard to do and really raises the bar to keep hackers out.
Very good
put this on my desktop as a short cut have a feeling ill be watching it over a few times love all the videos you provide us thank you
Put guests and IOT on a network, or preferably two networks that are both isolated from other devices, and from your primary network. Each network SSID should have a unique password to it, preferably a different network name and password. If your router supports [WPA2/WPA3] settings, set it to that setting. Note that some routers will have a [WPA/WPA2], [WPA2 only], [WPA2/WPA3] and [WPA3 only] setting- so choose the settings that are the highest for the devices you plan on putting on that network. For example, since my main network only has newer devices that support WPA3, I select [WPA3 only] setting. As my guest networks are a mix of WPA2/WPA3, i select [WPA2/WPA3]. None of my IOT devices support WPA3, so for that network, I select [WPA2 only] although [WPA2/WPA3] is just as valid. On the guest and IOT networks, the option to isolate devices from each other is selected, and neither of those two networks have access to the primary network; those networks only have internet access - PERIOD. If need be, in the future, if IOT devices start supporting WPA3, I will be putting such devices on an IOT network that is set for WPA3. The main reason NOT to segregate IOT from GUEST network is in case I need to add in a custom firewall rule to allow device or devices to internal resources or other specific network rules can also be put in place as need be, I can; but for now, it's essentially internet only. My older tablet is on the GUEST, where as my newer tablet is on the primary network;
Thank you for providing such an easy walk-through and clear explanation! The extra tips at the end are exactly what everyone should be doing.
I can't tell whether Bombal is doing the world a great service or disservice with these demos. I guess it depends on who's watching and for what purpose.
3:35 Most easy fix is to just use PGP encryption in your email (Proton uses it also) that way you need to both accept eachothers public key's to send messages
Thanks David for great video!
- Don't have your kids gaming pc on same VLAN as your corporate computer.
- Only access your router on secure VLAN or VPN
I really miss those videos. Having courses hell and University semesters -not related to IT topics- since 8 months, now almost finished, I can resume watching my lovely daily Bombal’s videos❤.
Only thing that will protect you properly is to go fetch that cable
It was learned some years ago that even fibre cable can be tapped. The light gives off vibrations which can be read by a transducer. Just when you think you are safe, you are not. Wherever there is a will, there will always be a way...
There is a reason that Wired Equivalent Privacy got its name. Quantum networks are being developed to keep bits on a cable from being intercepted.
Fact : WPS will be the downfall of your network infrastructure.
There are security benefits to hiding the SSID.
As you said, just by making it a 2 step prose's. Anyone doing a "drive-by hacking" is unlikely to target you.
75% of security is to say to your thief/attacker: target someone else, my place is not worth your time.
But as in physical security, when you are the primary target you need better defense that obscurity
Thanks so much I appreciate you the way you change many people life through education
Thank you :)
You know David, you are one of the only one that i can trust & believe when it comes to sponsors.
I'm always very skeptical when it comes to promotions and before you verified a interview with proton mail i heard about the journalist that got arrested and i got distrustful until you had that interview.
You are a living legend David! It's crazy how i trust you more then anyone in my daily life.
I think other Email Services initially also did that privacy security. once they get a lot of customers, then let's say they are "tempted" to do something for their customers. When many people have entrusted many things to the email service system they use, there is an intrigue to change the new user agreement to the user. where changes to the user agreement are made long and difficult for ordinary users to understand. as far as I have understood.. I hope I'm wrong.. so can Proton guarantee it?
Great class on basic attacks to WF networks when ISSD is hidden. As always, super neat content, David. Thanks!
David Bombal: "WiFi Security Myths - Don't believe that these will protect you!"
Every Tinfoil Hat crushed!
david make a video on setting up a vlan for setting up your iot devices on another network
Thanks for the video, is WAP2/WAP3 vulnerable like your demonstration or does the WAP3 side of the selection increase protection difficulty?
It is. WPA3 only mode (often called “WPA3 SAE” is the only way to be secure. On mixed mode you are vulnerable because an attacker can choose the weaker encryption WPA2 and obviously they would.
Thank you for the information
You're welcome!
Hackers often go for the lowest hanging fruit. The more steps you take to prevent them, the better. Hiding your SSID won't stop them but it's still recommended. You could get lucky and they'll choose the next person instead 🤷♂
Used this to find all the hidden networks at my college back in the day, super easy to find hidden networks.
This was an assignment not malicious lol
Thanks David for your valuable lessons.
You're welcome!
Thank you David. I believe majority of your viewers are network engineers/architect, can you please create a video on how can they ride the wave of AI? what should be a transition path for an engineer/architect (with experience of transitional routing, switches, data center, wan/lan etc)? I will really appreciate it.
Such a wonderful explanation David.
Can u plz tell us how to overcome these problems?
What if the Wi-Fi network has been configured to prevent new device connections? please answer
Atta kers can always imitate your Mac address, send death pkts, then try and capture the handshake. Mac addresses can be found by company, manufacturer, etc.
My view is that these methods help as part of a defense-in-depth strategy.
When I talk to some "IT Managers" (who have obtained an email diploma) and they talk about "The Security" or "100% Security" I already know that they don't know what they are talking about.
There is only a "Security Level" depending on how much you want to spend in money, time and hassle in using a system. If there's a door someone can get in.
....but I've also seen people install an expensive security door made of Unobtanium into a house made entirely of plaster sheets that a 10 year old can punch through.
WPA3 is the way to go but problem is the older networking devices can't be upgraded to make use of the new standard. For now a super long password is one way to make things harder for the hacker till you can use WPA3. WPA3 isn't perfect either but still better than WPA2.
Nice video David. You never spoke about WP3 encryption. Is there a way to crack it ?
Is this video totally about WiFi handshake capturing with Alfa WiFi adapter ( in hands on demo )
👍🏼
Wish I could use wpa3… most the device on the network doesn’t support it :(
This is a real problem agreed. WPA3 was finalized in 2019 and 5 years later the device support is woeful still.
Does protected management frames prevent wpa2 deauth?
yes it does, however compatibility issue may arise on older devices
David, do you have, or can you direct me to, a good beginner video that explains how to add a LAN for IOT devices?
Your router has to support it; or access point. Most decent consumer wifi routers have a "Guest" network- which is where I'd start. Look for two sets of settings; one that sets the clients so that the clients on that network do not have access to the primary network ( called different things by different brands of routers ), and another feature that isolates clients on the same network ( on a netgear, it's often called "Wireless Client Isolation" ).
Some wifi routers support a third network; some don't. some support 4 networks; some access points will support up to 8 SSIDs, but usually that requires the use of VLAN's..
Sorry I can't recommend a video; learned things on my own since, well, forever..
@@MrPir84freeso my ISP 's dirt cheap 10$ router will probably not have guest sub netting capabilities
Hi David, I have a question. Which laptop is better for cybersecurity; Windows or MacBooks? My professor told me get a windows laptop for cybersecurity, he didn’t tell me the reason! So can you please help me out on this question. Thank you!
Biggest myth: Your VPN will protect You
It will hide your real IP address and keep your ISP from tracking you for ad sales. Just need a legit vpn like Mullvad or Proton.
If you connect to an open WiFi or a free one that sniffs all the traffic, yes, it will protect you.
Word lmfao
Mullvad is OK, don't use honeypots.
A VPN can protect you from a lot of Hazzard.... If you use a VPN on your device and your router you can hide both your IP address and your Mac address... To make it even harder for the hacker combine that double VPN with alternating proxy chains and write two little scripts to continuously change VPN servers on your device and router... Nothing can guarantee your security only slow the spies and hackers down..
Thankyou for this video. This was a real eye opener and thank-you for your tips on how to try to mitigate the issue.
WifiAnalyzer for android will show you which room your neighbors hidden access points in...
Great video david ive been learning this subject for the last 4 years now ever since my neighbour hacked my wifi
Thank you for explaining this... Love from India ❤
You're welcome! Glad you liked it!!
I noticed there were some check boxes to the left hand side of each device in your tp-link router. Did you try selecting those and clicking save with whitelist also selected for you MAC Filtering?
I know about those myths and I was kind of expecting a lot more than the two myths for Wi-Fi networks.
Apple actually recommends against hiding SSID on their website.
Apple also seems to claim it's better in security. Yet they released a processor that has a permanent exploit that cannot be patched out. I have an issue trusting apples advice with their claims vs what reality is.
Sir, can you make a video on how to detect keyloggers and hidden malware
Hey David did you notice that awus036nha (ar9271) cannot scan all channels? It's missing channel 12, 13 cause a crda setup to china. Can you make a short video where explain how to fix that? Is relatively easy and similar to the unlock procedure for tx-power... Thanks.
Nice advice on network segmentation. Thanks for the video!
Top Way to Protect Your Wifi: Just use ethernet and usb to ethernet adapters. Without a wireless signal, how is one gonna attack you?
For a time, I thought "AP Isolation" was a good measure too, if you don't need devices "seeing" each other, however, that only works within the same network. You should test that setting too if mitigates what you tested here. Thanks for the advices!
Different routers and access points call the feature different things; Netgear, at least mine, calls the feature "Wireless Client Isolation"..
Yes because the client isolation is layer 2, not 3. A firewall can do the same thing on layer 3.
About that Proton ad/demo... Can you do another demo video on how to crack that password?
I have a question, when two device with same mac address is connected to WiFi shouldn't they both be able to ping other devices? because unlike Ethernet which echo answer is returned to specific port on WiFi both device should be able to receive echo reply because it is transmitted through WiFi and both device assuming are in range of AP should get the transmitted radio wave. i am missing something obviously because ping failed can anyone correct me?
Hiding your SSID is just a stop for newbie hackers that don’t know better. Out of sight out of mind.
If you think you have been hacked, where can you get help? Example I see strange I.P addresses connected to my WiFi.
@David can you make a video about Piggybacking (data transmission) and how to prevent?
Hi sir,
I am unable to access my apache2 server from other devices and it only working for local device and have use all the methods mentioned on the internet to correct it. I even used chat gpt and reinstalled the Kali Linux as well.
Kindly help me with the issue by either providing me with other server I can use or with a method the fix the issue.
Thankyou
But can attackers spoof Mac addresses and corresponding IP addresses concurrently if Arp binding is enabled?
why are you using virtualbox
Hello pleade make full video tutorial for DIY WiFi Pineapple MK7 with some TP-Link router that support WiFi Pineapple MK7 firmware with OpenWRT for 2.4G and 5Ghz.
I’m 52, about to be 53, and I currently make really good money. I like my job but would like to do more. I love the aspect of being an ethical hacker. Currently learning networking.
I’m not necessarily thinking about quitting the work I do but the thought of being an ethical hacker gets me excited. Maybe as a side hustle?
Is this a crazy idea? Is it unrealistic due to my age and/or current position?
It all depends on your personal skills, and the field that you've been in for some years. It's never too late to start, just be open to new opportunities and get familiar with the topic. Learning is the key to success, and never give up trying. The day that you give up trying is the day that you lose. There will be some motivational highs and lows.
What if you deauth router? Becouse its also give its name away but then next to client in notes is displayed eapol whats the diffrence beetewn doing thes whings
Thanks fro debunking those myths!
please how can i know wifi adaptor that support monitor mode and package injection? please give me a link for a good WIFI adaptor
David should make a show called My IT busters XD (myth)
Setting the IT in my Brain not the H 😝 Great work David!
I really love your accent, it's awesome.
Sir please tell us about wpa3 Is there any known vulnerabilities that we can use to hack
If you have the password to the network none of that matters
Why would the attacker have it
disable wifi entirely
Back in the day my asus router to say in the settings that having a nameless network ( hidden) was a security risk …
Thank you for this informative video. Very much appreciated.
Very informational video
Glad you liked it
Security would be different when all these programs weren't invented yet, like kali which basically bundles every tool you would need, wifite etc.. OG's had to make those programs themselves.. but they ARE here now
Gmail should have that like Proton mail!!
What about IPS's centralize router ?
So, what you are saying is that if I hide the SSID, I'm totally safe .... or did you mention something about that like 200 times ? :D
Secure email is an oxymoron.
Is there a Brute force way to crack passwords? Most of attacks in wifite don't seem to work for isp routers.
Really appreciate your videos. I have a question about my WiFi security cameras. Several of my neighbors can see my video feed even while I'm playing back recordings off the micro-sd card installed in the cameras. I've changed my cable/modem router and password and changed the password for the router admin settings still my neighbors can see both my teckin cameras and my blink cameras through there cell phones and of course won't tell me how. I access my cameras through apps on my android phone. I also have the fling app that tells me who is on my WiFi network and no one is there. I'm confused about how they all are watching, any help would be extremely helpful thanks.
Did you ever figure this out?
@@y0nd3r I purchased a 8mp 4 IP camera system that is a wired poe with a NVR and yet not even with the Ethernet cable installed on my NVR "So my system isn't even hooked up to the Internet" once again my neighbors can see my cameras video footage. Who could I hire to help me secure my home NVR and ip camera system.
@@davidsharp6939 That's what I'm trying to figure out. The PFSense thing looks too confusing and is also a subscription cost, which I am not interested in. Maybe the Dream Machine?
How do you know they can see your security footage?
Hiding SSID is like using Blur/Mosaic to censor.
It's True that it does not protect against you but it protects agaist the annoying Neightboor trying to get your wifi
We are not going to make it.
When I connected free Wi-Fi network with iPhone, Safari warned posibility of attacking. Some black hat did as this video. Please tell us how to get the evidence identifying the black hat!!!
Hi David
Please make a video for bitlocker
What is a reality is that all wifi are trash in term of security. Any sniffer can do the job
Cant just overload wpa 3
I wish there was a video with Turkish subtitles
One more tip: disable WPS.
If someone knows your IPs, ssid and password. can do something even though you are far from your router (for example in another country) ?
Do what exactly?
How to put IOT devices on other netwrok? I have only one router.
If your router supports multiple SSID's ( multi-SSID ), then it should be relatively easy. Most wifi routers nowadays support a guest network, often with two features- one that blocks access to the primary network, and one that isolates wireless clients from each other. For most, just repurpose GUEST for IOT, and find & set those two settings.
If your router does not support a guest network, it's time for an upgrade.
@@MrPir84free Well I checked in my router for guest network, but there is no such option.
I found a option, naming partition network. I think it will do the same thing.
Devices that join on that SSID will not be able to communicate with each other.
Will this do the job?
I hacked the CIA with my Flipper Zero.
How about the myth that WEP is secure?
Use a legit firewall and WPA3 APs. Segment your network with VLans; no crappy IOT stuff on your important networks, i.e., network you do your banking on. Have a dedicated AP for guest. Never give your critical APs WiFi passwords out to anyone. Ensure you do your chores: reboot your hardware monthly, and check for software updates for your network hardware weekly.
What about IEEE 802.1?
Is there such as thing as 4G or cellular network security (i.e could your phone be hacked by someone via the 4G network you're connected to)? May sound dumb, but IT info online is trash and superficial, and we the lay people are misinformed.
Thanks for posting
Dropbox is a no go zone, too bad.
My wifi is 100% unhackable....i don't have wifi
Nice one, David 👍
wifi pineapple video will this come?
I can make videos about the Hak5 pineapple if you want me to :)
Mate, just keep releasing videos of literally anything🤣
We'll keep watching regardless@@davidbombal
@davidbombal I wait impatiently