What, Me Worry?

I had a panic attack last night. I was in the midst of upgrading the firewall from OpenBSD 3.1 to 3.3 when I noticed that there were two messages on the console showing that someone had logged in as root (for the non-techie audience: the super-duper administrative account on Unix-based operating systems) from an IP address I was unfamiliar with about 45 minutes earlier. “A cracker!” I thought. “I’ve been hacked!”

On a whim, I decided to determine what I could about the IP address. It resolved to an SBC ADSL connection, and when I hit it with a web browser, a Linksys wireless router admin authentication window popped up. Rather odd.

Hearing my cusses of dismay from another room, Jennifer asked what was wrong. After I explained what I had found, she suggested I should disconnect the cable from the firewall to the cable modem to prevent the cracker from doing any additional damage. I did so and changed the root password while I was at it. I promptly found that the two terminal windows on my laptop that I had been using to manually merge old and new configuration files had lost their connection. The gears in my head started spinning furiously and the pieces started to fall into place. Putting two and two together literally, I realized that I, in fact, was the purported hacker!

A few weeks ago I had used my laptop to connect to an open WiFi network near the train station while I waited for the next train after my dentist appointment. I hadn’t used it since then to connect to my own WiFi access point, which requires explicitly setting the network name and WEP encryption key. If my laptop had connected to my own access point, which is inside the firewall, it wouldn’t have been affected by disconnecting the firewall from the Internet. As it turned out, I hadn’t changed the laptop’s wireless profile since my dentist appointment. So instead of connecting to my own access point, my laptop had found my neighbor’s open Linksys!

Changing wireless profiles on the laptop promptly allowed me to re-establish the SSH connections to my firewall.

*whew*

