Get Proton Mail for FREE: davidbombal.wiki/protonvpn1 Big thanks to Proton for Sponsoring the video! Disclaimer: This video is for educational purposes only. // Wifi Myths PDF // PDF: davidbombal.wiki/wifimyths // Alfa ADAPTORS // Alfa Long-Range USB Adapter: amzn.to/3yFs99E Alfa WUS036AXML: amzn.to/4c3rlJV // David's SOCIAL // Discord: discord.com/invite/usKSyzb X: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal RU-vid: www.youtube.com/@davidbombal // MY STUFF // www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 00:00 - Busting Wi-Fi myths 01:42 - Brilliant sponsored segment 04:05 - Wi-Fi myth #1: Hiding your Wi-Fi name/SSID will protect you 04:21 - Finding hidden Wi-Fi names/SSIDs demo 10:36 - Using Wifite to attack the network 11:44 - Finding hidden Wi-Fi names/SSIDs summary 12:43 - Wi-Fi myth #2: MAC address filtering/whitelisting will protect you 13:12 - Connecting to a hidden network demo 15:30 - Testing on another router 21:20 - How two devices can interfere 22:13 - Wi-Fi myths summary 22:58 - How to properly protect your Wi-Fi 24:11 - Conclusion myth busting myth myths wifi wifi myths cybersecurity myths kali linux kali wifi kali alfa alfa network alfa network adapter wifi password wpa wpa2 hashcat linux Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! #wifi #wpa2 #hashcat
Thank you David. I believe majority of your viewers are network engineers/architect, can you please create a video on how can they ride the wave of AI? what should be a transition path for an engineer/architect (with experience of transitional routing, switches, data center, wan/lan etc)? I will really appreciate it.
and as for protonmail, they "caant" decrypt your messages, but theyre HUGE fans of working with law enforcement. thye WILL NOT "go get a warrant" they are law enforcement fetishists. this is well documented. good for basic stuff, a trap for hackers or anyone else that runs foul of an establishment tyrant
Hello! My name is Chisenga or Chi Chie for short. I have just hopped onto the cybersecurity/hacking train. I was looking for solutions to the question explained below when i bumbped into your RU-vid Chaneel. I have just finished setting up my virtual machine. I am running kali on vmware. I was running updates for kali when i noticed my antivirus(on the host machine) blocking some downloads and access to certain websites. Do you know how I can Fix this?
Personal cyber security is somewhat like home security. You can install locks on your doors, security cameras, alarms, a fence around your house, and that will deter most intruders most of the time. Ultimately though, someone with the right talent, determination, and resources can find a way through or around those obstacles in time. Especially since cyber security is a dynamic field. Fortunately, chances are the people you really have to worry about have other plans and priorities.
DAVE!!... i know its prolly silly, but imagine this, or a collab with LPL... Okay nothing on port 88, some firewall weakness on port 5055, easy hack on port 5555, back to port 88... port is open,... and we're IN.. , very poor, and as always... have a nice day. HAH
3:35 Most easy fix is to just use PGP encryption in your email (Proton uses it also) that way you need to both accept eachothers public key's to send messages
Hackers often go for the lowest hanging fruit. The more steps you take to prevent them, the better. Hiding your SSID won't stop them but it's still recommended. You could get lucky and they'll choose the next person instead 🤷♂
Atta kers can always imitate your Mac address, send death pkts, then try and capture the handshake. Mac addresses can be found by company, manufacturer, etc.
There are security benefits to hiding the SSID. As you said, just by making it a 2 step prose's. Anyone doing a "drive-by hacking" is unlikely to target you. 75% of security is to say to your thief/attacker: target someone else, my place is not worth your time. But as in physical security, when you are the primary target you need better defense that obscurity
Thank you David. I believe majority of your viewers are network engineers/architect, can you please create a video on how can they ride the wave of AI? what should be a transition path for an engineer/architect (with experience of transitional routing, switches, data center, wan/lan etc)? I will really appreciate it.
It is. WPA3 only mode (often called “WPA3 SAE” is the only way to be secure. On mixed mode you are vulnerable because an attacker can choose the weaker encryption WPA2 and obviously they would.
Apple also seems to claim it's better in security. Yet they released a processor that has a permanent exploit that cannot be patched out. I have an issue trusting apples advice with their claims vs what reality is.
Really appreciate your videos. I have a question about my WiFi security cameras. Several of my neighbors can see my video feed even while I'm playing back recordings off the micro-sd card installed in the cameras. I've changed my cable/modem router and password and changed the password for the router admin settings still my neighbors can see both my teckin cameras and my blink cameras through there cell phones and of course won't tell me how. I access my cameras through apps on my android phone. I also have the fling app that tells me who is on my WiFi network and no one is there. I'm confused about how they all are watching, any help would be extremely helpful thanks.
Hi sir, I am unable to access my apache2 server from other devices and it only working for local device and have use all the methods mentioned on the internet to correct it. I even used chat gpt and reinstalled the Kali Linux as well. Kindly help me with the issue by either providing me with other server I can use or with a method the fix the issue. Thankyou
Hey David did you notice that awus036nha (ar9271) cannot scan all channels? It's missing channel 12, 13 cause a crda setup to china. Can you make a short video where explain how to fix that? Is relatively easy and similar to the unlock procedure for tx-power... Thanks.
What if you deauth router? Becouse its also give its name away but then next to client in notes is displayed eapol whats the diffrence beetewn doing thes whings
Use a legit firewall and WPA3 APs. Segment your network with VLans; no crappy IOT stuff on your important networks, i.e., network you do your banking on. Have a dedicated AP for guest. Never give your critical APs WiFi passwords out to anyone. Ensure you do your chores: reboot your hardware monthly, and check for software updates for your network hardware weekly.
Hello pleade make full video tutorial for DIY WiFi Pineapple MK7 with some TP-Link router that support WiFi Pineapple MK7 firmware with OpenWRT for 2.4G and 5Ghz.
If your router supports multiple SSID's ( multi-SSID ), then it should be relatively easy. Most wifi routers nowadays support a guest network, often with two features- one that blocks access to the primary network, and one that isolates wireless clients from each other. For most, just repurpose GUEST for IOT, and find & set those two settings. If your router does not support a guest network, it's time for an upgrade.
@@MrPir84free Well I checked in my router for guest network, but there is no such option. I found a option, naming partition network. I think it will do the same thing. Devices that join on that SSID will not be able to communicate with each other. Will this do the job?
Longer passwords, complex, or passphrases works better. Like Wd6g[.k%G$4bYJ9]hs=8qy or "unsnap driving bolt defender" or "unsnap-driving-bolt:defender" are infinitely a better password than say Superman So, yes, a stronger password is significantly better, the longer it is the better as well. That random password was 22 characters long, but would be hard to memorize and put in every time. The password phrase has a chance of being remembered; or easier to enter even though it's longer. There are even random passphrase generators on the web nowadays. Just try to use different passphrases for different purposes, just like you should for passwords.
A VPN can protect you from a lot of Hazzard.... If you use a VPN on your device and your router you can hide both your IP address and your Mac address... To make it even harder for the hacker combine that double VPN with alternating proxy chains and write two little scripts to continuously change VPN servers on your device and router... Nothing can guarantee your security only slow the spies and hackers down..
Everything that is NOT WPA3 is vulnerable, does not matter the settings. If you're still on WPA2, the only thing you can do is disable WPS asap and use a very strong password, is the only mitigation you can do. Password hashes can still be gathered but cracking them is another story if is a strong password.
Well, you can also a) turn on device isolation where devices cannot communicate with other devices on the same network and b) configure the router so that the guest/iot networks have internet access at best, with no access to the primary network. Of course, if your access point or router supports it, you can break up the IOT/Guest networks into multiple IOT/Guest networks.. For example, my access point supports 8 SSID's, so I could use one WPA3 for my primary, then create another 6 and split up the WPA2 devices onto different SSIDs, thus making it sort of "better" in case someone targets ONE of my SSID's.
It was learned some years ago that even fibre cable can be tapped. The light gives off vibrations which can be read by a transducer. Just when you think you are safe, you are not. Wherever there is a will, there will always be a way...
I think other Email Services initially also did that privacy security. once they get a lot of customers, then let's say they are "tempted" to do something for their customers. When many people have entrusted many things to the email service system they use, there is an intrigue to change the new user agreement to the user. where changes to the user agreement are made long and difficult for ordinary users to understand. as far as I have understood.. I hope I'm wrong.. so can Proton guarantee it?
I have setup several enterprise wireless networks. In high security environments, I use radius with certificate authentication and an internal PKI protected by an HSM. Since the same certificate is used for VPN access, I use Key Attestation to store the client certificates in the TPM. This is not hard to do and really raises the bar to keep hackers out.
Put guests and IOT on a network, or preferably two networks that are both isolated from other devices, and from your primary network. Each network SSID should have a unique password to it, preferably a different network name and password. If your router supports [WPA2/WPA3] settings, set it to that setting. Note that some routers will have a [WPA/WPA2], [WPA2 only], [WPA2/WPA3] and [WPA3 only] setting- so choose the settings that are the highest for the devices you plan on putting on that network. For example, since my main network only has newer devices that support WPA3, I select [WPA3 only] setting. As my guest networks are a mix of WPA2/WPA3, i select [WPA2/WPA3]. None of my IOT devices support WPA3, so for that network, I select [WPA2 only] although [WPA2/WPA3] is just as valid. On the guest and IOT networks, the option to isolate devices from each other is selected, and neither of those two networks have access to the primary network; those networks only have internet access - PERIOD. If need be, in the future, if IOT devices start supporting WPA3, I will be putting such devices on an IOT network that is set for WPA3. The main reason NOT to segregate IOT from GUEST network is in case I need to add in a custom firewall rule to allow device or devices to internal resources or other specific network rules can also be put in place as need be, I can; but for now, it's essentially internet only. My older tablet is on the GUEST, where as my newer tablet is on the primary network;
WPA3 is the way to go but problem is the older networking devices can't be upgraded to make use of the new standard. For now a super long password is one way to make things harder for the hacker till you can use WPA3. WPA3 isn't perfect either but still better than WPA2.
Your router has to support it; or access point. Most decent consumer wifi routers have a "Guest" network- which is where I'd start. Look for two sets of settings; one that sets the clients so that the clients on that network do not have access to the primary network ( called different things by different brands of routers ), and another feature that isolates clients on the same network ( on a netgear, it's often called "Wireless Client Isolation" ). Some wifi routers support a third network; some don't. some support 4 networks; some access points will support up to 8 SSIDs, but usually that requires the use of VLAN's.. Sorry I can't recommend a video; learned things on my own since, well, forever..
Thanks David for great video! - Don't have your kids gaming pc on same VLAN as your corporate computer. - Only access your router on secure VLAN or VPN
I really miss those videos. Having courses hell and University semesters -not related to IT topics- since 8 months, now almost finished, I can resume watching my lovely daily Bombal’s videos❤.
Hi David, I have a question. Which laptop is better for cybersecurity; Windows or MacBooks? My professor told me get a windows laptop for cybersecurity, he didn’t tell me the reason! So can you please help me out on this question. Thank you!
When I connected free Wi-Fi network with iPhone, Safari warned posibility of attacking. Some black hat did as this video. Please tell us how to get the evidence identifying the black hat!!!
I have a question, when two device with same mac address is connected to WiFi shouldn't they both be able to ping other devices? because unlike Ethernet which echo answer is returned to specific port on WiFi both device should be able to receive echo reply because it is transmitted through WiFi and both device assuming are in range of AP should get the transmitted radio wave. i am missing something obviously because ping failed can anyone correct me?
I’m 52, about to be 53, and I currently make really good money. I like my job but would like to do more. I love the aspect of being an ethical hacker. Currently learning networking. I’m not necessarily thinking about quitting the work I do but the thought of being an ethical hacker gets me excited. Maybe as a side hustle? Is this a crazy idea? Is it unrealistic due to my age and/or current position?
It all depends on your personal skills, and the field that you've been in for some years. It's never too late to start, just be open to new opportunities and get familiar with the topic. Learning is the key to success, and never give up trying. The day that you give up trying is the day that you lose. There will be some motivational highs and lows.
When I talk to some "IT Managers" (who have obtained an email diploma) and they talk about "The Security" or "100% Security" I already know that they don't know what they are talking about. There is only a "Security Level" depending on how much you want to spend in money, time and hassle in using a system. If there's a door someone can get in. ....but I've also seen people install an expensive security door made of Unobtanium into a house made entirely of plaster sheets that a 10 year old can punch through.
Is there such as thing as 4G or cellular network security (i.e could your phone be hacked by someone via the 4G network you're connected to)? May sound dumb, but IT info online is trash and superficial, and we the lay people are misinformed.
Security would be different when all these programs weren't invented yet, like kali which basically bundles every tool you would need, wifite etc.. OG's had to make those programs themselves.. but they ARE here now
This is something people were doing 15years ago. Show us a proper WiFi attack on a computer or phone connected to WiFi, like a man in the middle one. Say for example on your own device in a coffee shop. You will not be able to!
You know David, you are one of the only one that i can trust & believe when it comes to sponsors. I'm always very skeptical when it comes to promotions and before you verified a interview with proton mail i heard about the journalist that got arrested and i got distrustful until you had that interview. You are a living legend David! It's crazy how i trust you more then anyone in my daily life.