Arabic is my first language and my wifi password is a mix of symbols, letters and digits IN ARABIC. Good luck hacking it. 😂

@MyReviews_karkan

3 жыл бұрын

@Mesophyl simmer down, tiger. It was for laughs and giggles. I know language doesn't matter and I'm aware of hashing and unicode and all of that, not an expert, but I know about it. Jesus, why so serious? 😂

@theredcap_yt

3 жыл бұрын

@@MyReviews_karkan the comment was indeed necessary, think about someone who did not know about these technical details, they would have certainly found your comment "helpful" rather than a mere "joke".

@adamm5205

3 жыл бұрын

@@GooogleGoglee Stop taking my data ;)

@GooogleGoglee

3 жыл бұрын

@@adamm5205 hehehe, than stop providing it to me so easily ;-P

@joaco190

3 жыл бұрын

Thanks for the tip

As a security professional myseld, I am actually surprised that this is a good video for home users. I was expecting some cringe. Good video! The biggest boost in security for normal users is to definitely use a password manager. too many people just re-use passwords and with all the breaches over the years, if you have been using the same password's for every site, your password has been 100% pwned. Remembering passwords is a chore, let the computer handle it.

@carnuroalnanda5241

3 жыл бұрын

Thanks for the Video! Apologies for butting in, I would love your opinion. Have you researched - Mahorrla Defence Wisdom Method (just google it)? It is a good exclusive guide for securing your home from danger without the normal expense. Ive heard some amazing things about it and my mate after a lifetime of fighting got astronomical results with it.

@pete5668

2 жыл бұрын

My concern with password managers is that once a hacker guesses your master password, then they have all of your passwords, no matter how "secure" you think they might be, all in one convenient place in the password manager account.

@n3y3g04

2 жыл бұрын

storing passwords on a piece of paper is still the most secure option available, esp given the over reach of the current state that has access or backdoor to this info with a simple unwarranted request from one of the alphabet boys,

@owe9024

2 жыл бұрын

@@n3y3g04 what if the glow boys come to your house? they have it all. keepassXC is cryptographically secure, meaning even if the glow boys have your file, they cant get access to it, and anyone can audit the codebase and check for backdoors. so really, no, a piece of paper is really not more secure. unless you just want to hide it from hackers.

@n3y3g04

2 жыл бұрын

@@owe9024 If the Glowboys come to your house with a warrant, your already pwnded, any digital info is not Safe, any intel or AMD processor in the recent years provides access to system data when system is powered off. You should review Intel ME Exploits and AMDs alike Tech. The more you know.

When doing biblical studies with the girl from the park be sure to throw holy water on the router to prevent anybody from connecting to it.

Great overview. Two more tips: most routers have a "guest network" setup where you can assign a separate SSID and password for guests to use your wifi which you can configure to not be able to access the (main) local network. Any IoT device you own such as a webcam should be placed on this guest network. And - a hidden SSID avoids the problem of wardriving by neighbors or unfriendlies. You covered the most critical stuff for normies, however.

@Benjamim600

2 жыл бұрын

I'm a normie when it comes to this topic, and I just used the tips in the video to setup my router. But I have a question: Does my router have this "guest network" setup when it's configured to be an access point for another router?

@Ootgreet1

2 жыл бұрын

@@Benjamim600 Post the make and model # of your router and we can take a look at online manuals, docs, etc My tp-link router has a guest network setup with its own SSID, and password.

@Benjamim600

2 жыл бұрын

@@Ootgreet1 It's a tp-link Archer C20 Version 5. I actually managed to set a new SSID(a "guest" one) within the 2.4G frequency separated from my LAN 2.4G with the Multi SSID option. The thing is, I cannot get any internet access through this new "guest" SSID, and I have no idea why. I've been reading alot about routers and IP Adresses but I don't understand what is causing the problem.

@4x1Consciouskid

2 жыл бұрын

A de-authentication attack can reveal hidden SSIDs via device probe requests if the attacker cares enough.

@haveaniceday7950

Жыл бұрын

@@4x1Consciouskid so is hidden SSID worth it?

My favorite way is to not have wi-fi.

@ArchieHalliwell

3 жыл бұрын

Just use templeos, it is very secure network-wise

@Gabifuertes

3 жыл бұрын

@@ArchieHalliwell just don't use any computers at all

@suddenlywat

3 жыл бұрын

Yep, ethernet is better. If you really need to use devices all over your home then use powerline ethernet and secure the powerline adapters with a password.

@sfsarfe

3 жыл бұрын

@@suddenlywat i use a phone line

@richmail

3 жыл бұрын

eathernet

I remember my college had a default password on main hub, good thing there weren't anyone who was smart enough to learn how to set malware on router level

@ohheyalan123

2 жыл бұрын

CIA laughs

You are a blessing for most people Mental Outlaw. Thank you. Really, if you ever feel sad think you are the introduction to many, many people who are becoming everyday more passionate about these topics.

Dictionary in my country will be challenging if the users use the local language for passwords. Not only we have long words (compared to English words), on top of that we have 15 declinations of every noun which adds 1-4 letters to each root noun. And they occasionally modify the root as well.

@saulbadillohernandez2749

3 жыл бұрын

When using dictionary attacks the lenght doesn't affect that much and declinations and such are still pratons that can be used when you create the dictionary so yeah it might be a little tricky but if the attacker is a native speaker it can be done.

@superslimanoniem4712

2 жыл бұрын

@@saulbadillohernandez2749 it might take longer too with more permutations. So yeah, definitely annoying, especially if they don't know the language of your password, but not uncrackable.

@FullSemiAuto357

2 жыл бұрын

Donaudampfschiffahrtsgesellschaftskapitän

@hpsmash77

2 жыл бұрын

le stupid websites not allowing non-ASCI characters

@OldieBugger

2 жыл бұрын

@@superslimanoniem4712 Hey, no password is uncrackable. Some just take longer to crack than others. I'm happy enough with longer ones.

As someone getting into cybersecurity, this rundown is great, thanks

I just bash my head against the keyboard a few times. Thats the most secure way especially because if you do it hard enough you will get a concussion so you won’t remember it anyway lol.

@Prophet311

Жыл бұрын

@Comentarista bash your had into your phone. Or if you have money to burn just smash it with a hammer a few times

First, to say thank you! :-) 👍👋

HAPPY 10K!!! You might remember me as Darkly Traveling Box but I'm leaving this here as a reminder that I was her since like 7k I think.

Thanks, TP-Link, for not allowing me to disable WPS completely...

@CasualCodeChannel

3 жыл бұрын

Check if your model is supported by OpenWRT, then flash it.

@jpHasABadHandle

3 жыл бұрын

@@CasualCodeChannel It's Archer C3200, so no.

@Ant0ine64

3 жыл бұрын

Put glue in the wps button so you can't press it anymorr

@AcidiFy574

3 жыл бұрын

@i blocked ads watching this video. oh shit Well, VPN& TOR& DoH time

@randykitchleburger2780

3 жыл бұрын

Junk it baby!

Ah yes, better wireless cable management. Very important. Only thing missing is RGB lighting.

about WPS id like to thank you for alerting the viewers to turn it off in all the diagnostics ive run in many routers i saw that i managed to get their password by using pixie dust on like, 90% of them pixie dust is a method that can get the routers password by exploiting a fail that comes "built in" on the devices hardware the only 2 ways to prevent this attack is by buying an expensive router (lots of cheap routers are vulnerable to it) or by disabling WPS itself, which is the most preferrable if i would run a security check into a router, pixie dust would usually be the 1st method i would try since no matter its password security, it will give me its pin number in a matter of seconds and once someone has your pin, they will always have your password since any hacker can send the pin to the router and the router will just hand the password over to the hacker

Some of the easiest WPA2: Charter/Netgear, Phone numbers. Phone numbers are easy as they are all digits and you know their area code already. Charter/netgear, there is a word list out there with all the adverbs, nouns, numbers.

Your contempt for letter agencies is refreshing tbh, you don't see it enough on youtube (hmm wonder why)

Hi, don't you think about creating a video about your thoughts on Mac Os and on Apple devices in general?

This was very helpful, thank you! I am looking to buy a new router to replace my old one, do you have any recommendations? Preferably one with a security focus..

Thanks for the tips, thumbs up!!!

For plebs who don't know, You can host a private hotspot on your wifi network using wpa if you have some older consoles/devices that dont support wpa2 without making your entire network insecure.

@randykitchleburger2780

3 жыл бұрын

Ras Pi is great for wifi to ethernet

@wishihadablog

2 жыл бұрын

@@randykitchleburger2780 only the Pi 4 as the previous versions only support 100MBit/s ethernet

@randykitchleburger2780

2 жыл бұрын

@@wishihadablog For sure, Tried on my 3B and it's like 10Mbps. 4 easily does over 100.

@RandarTheBarbarian

2 жыл бұрын

@@wishihadablog in practical terms if we're talking about something old enough to not support WPA2 I don't think it matters if the throughput of the pi is only 100mbps... just saying

Thank you very much bro🔥🔥🔥

Great Video Brother, keep up the good work and thanks for the relevant to current scenario of cyber security videos!👍🏼 Just a few doubts and concerns I have, I hope you see and clarify the same: Okay, so say I'm going the fully wired route even for Mobiles, maybe few if unavoidable encrypted WiFi, now to mitigate ISP/Intel (yeah "GLO" folks on my Court Cases list) tracking of person's Devices MAC IDs IPs, IMEI/IMSI, Sim IDs etc on the network, 1. Should one connect another personal router/modem and bridge the Connection from ISP router disabling/turning off WiFi, DHCP, WPS, so that you're only using ISP Router 1 for source of internet(entry/exit point), but from own Router 2 only the DHCP, routing, IP Allotment, MAC Filters(Allow only listed devices/deny all else) and what not begins. 2. From Router 2 Followed onto >Network Switch/es or VPN Router/s be connected for added layers of security, so say USB port 1 is external HDD for Network File Sharing Server, Printer goes Wired to 2nd USB port in Router 3(network printer)which contains own Interface VPN! Is that safe? Other routers do I need to install OPEN-WRT DD-WRT on them if available? Does a Network Switch need OpenSource Firmware installed on it or the OG interface and firmware should be fine? (D-Link DES-1210-28P Model) 3. What are the benefits/cons(if any recurring costs) of adding a Physical Firewall device(or PfSense/OPNSense PC/low powered laptop/PiHole firewall/file&email server OS device) to this mix? 4. Will that firewall device be placed prior to the ISP router or since Optical Fibernet Connections port won't be on the Firewall Device, connected to the ISP modem/router before it goes to the network, I'm guessing the latter by logic, would highly appreciate it if you/anyone else too could please let us know your thoughts on such a setup. Let's just say for a Whistle Blower/Criminal Investigative Journalist/Reporter Level kind of Setup, what sort of a streamlined secured network setup will you implement, what OSs on Devices(PCs/laptops) ROMs for Mobiles would you suggest (could you make a video please maybe) where there will be little to NO room for chances of leaks/hacks or risks of MITM/DDoS attacks in said network setup! I'm not sure, if you'll read/answer this, but I've seen most of your videos are close/closest to the topics I'm looking for so hopefully I get to see a/some video/s on this soon! Much appreciated! Take Care and God Bless!👼🏽🕵🏼🇮🇳🗺️👍🏼🙏🏼

Question: why that specific logo? The cat with 4 eyes? 👀 👀

@wildflower2812

3 жыл бұрын

Yes why that logo

@GooogleGoglee

3 жыл бұрын

@Louis Loos could be, I was just curious :) maybe there is a different reason

hei, great video! I was wondering what if some device only supports WPS? For example wifi signal repeaters, although with those I don't think there is a pin involved since you can only press one button...

@ikazuchi-san5772

3 жыл бұрын

im not sure myself since i never messed with repeaters but if you have to use WPS on repeaters, it means your router also has to use WPS the problem is... if someone can get your routers WPS PIN... depending on your router model it can be laughable easy (i figured out i can break my home wifi using it in mere seconds) and if a hacker has the pin, even if you change passwords, the router will give him the new password, cuz he has the routers PIN code

Sec-ops is a vital part of Linux users life! Listen to the advices!

6:05 to make it even better, you can make your 5G band invisible so nobody even knows it exists while you secretly get 5x the speed lmao

Very helpful video, thank you.

@Lazabaza7752

2 жыл бұрын

Yeah, he’s helping me alot

YT needs a search comments function. Did someone already ask about the built in guest networks on wifi routers. I know they have a different range of IP addresses but don't know how good the firewall between them is. I have an airBnB. Currently they use a guest network in case they try to spread crap and periodically change the relatively simple password. My own network has a good password (s) but is my guest network letting stuff in? Just ordered a new router. Planning on connecting it by ethernet to a Raspberry Pi to create 2 new networks. One for IoT. One for Guests. Can I add a firewall to the RP?

Me: Watching Mental Outlaw KZread autoplay: Oh, you aren't watching this on purpose. You want to be redirected to coding bootcamp c++ tutorials right?

Excellent

Advanced option is to get vlan capable networking equipment and isolate your wifi in a DMZ and block all non DNS requests to your firewall from that vlan.

i am a noob, and need some help securing both machine and networks ... am able to read and follow directives.. THANK YOU IN ADVANCE

Mental Outlaw and Luke Smith are the realest....

Good video. Thanks.

Great video

I was hoping you would mention swapping out the router firmware with DD-WRT or OpenWRT + not broadcasting your SSID, and finally creating a VLAN for guests. But other then that its ok advise I guess.

@liesdamnlies3372

3 жыл бұрын

Eh, not broadcasting the SSID isn't really a security measure. Anyone sniffing packets flying around will learn your network is there and just not broadcasting its ID right quick. And then they'll, of course, have the SSID. You'd only stop the dumbest of script kiddies, and even then you're going to potentially increase power usage on all your devices. Not worth it, imo.

@Anhar001

3 жыл бұрын

@@liesdamnlies3372 sure of course, however security is a "set of things" such that there are a set of "best practices", for example not having SSH on the standard port, or not using "admin" as the username as well as many other standard techniques, does any of those things mean that it's impossible to bypass? NO what it does mean is that it "harderns" your system through a set of practices. If you noticed I not only mentioned about disabling the SSID broadcast (standard practice for security hardening) but also having a segregated vLAN, there are of course a lot more techniques you could apply but it's a very good starting point. But of course whatever security hardening measure you deploy one could argue that some determined attacker can always defeat it, but of course you have to keep things into context, as the hardening increases so does the skill level which makes it less and less likely.

@undefinedchannel9916

2 жыл бұрын

@@Anhar001 security through obscurity is not security

@haveaniceday7950

Жыл бұрын

@@liesdamnlies3372 how does it increase power usage?

I'm a little confused and looking things up on the web has shown no results. If linux has all ports closed by default how am I able to ssh into another linux computer? Shouldn't it be blocked then?

I wouldn't put the plebs on the 2.4 GHz channel, because it can actually end up slowing down the rest of the network; e.g. they drop many more packets and end up using more bandwidth than they would if you just let them use the 5 GHz channel. The 802.11ac has vastly superior QoS

@desertlightning7335

2 жыл бұрын

People really should consider having a separate, managed guest network. A lot of routers support it. You can also set certain devices to priority in most settings menus.

You know it is the last stop, the final and ultimate guide to it when mental outlaw puts emojis on the title.

Thanks man

The big problem here is wifi routers that don't have firmware updates anymore. Do you have a wifi router + adsl with openwrt support to raccomend?

@MentalOutlaw

3 жыл бұрын

yes, this is a future video i'll be making, waiting for rona lockdowns to subside so I can purchase some routers from bby

@ArthursHD

3 жыл бұрын

Most cheap IoT devices do not get updates and should not be taken seriously :)

Your voice sounds so clear in your videos, what audio equipment do you use?

@longnamedude3947

3 жыл бұрын

I'd say either a external Audio Interface or a Good Sound Card with a dedicated Mic amplifier and decent isolation, of course a high quality XLR Mic is probably the most logical choice to pair with. These days you can get a great Audio setup for your Microphone for under £70, and I mean seriously good. Price's of these types of products have dropped massively since the mid-00's

GNU/Hurd immunity.

4Chan Party Van: There's no shaggin in this wagon....

Could you please turn your videos into podcasts as well?

Damn does a physical master lock on my cat5 cable like that really work? That's tight.

@superslimanoniem4712

2 жыл бұрын

Maybe not a master lock lol. Another model is possible, though I haven't tried this innovative method.

How about hidden SSID? Does it add any layer of security or am I doing it for no reason?

Actually, the WPS PIN key space is 11,000, as the last digit is just a checksum and can be generated on the fly.

what about a dedicated router like pfsense or sophos?

"2.4 GHz pleb frequency" I giggled 😄

I do a randomly generated one of 64 bit characters including symbols. On top of that, I have a separate network for visitors and iot devices that is totally blocked from having access to my main network.

@CayoBuay

Жыл бұрын

I set my ISP modem to bridge mode, then have OPNsense as my gateway, set my routers to access point mode. My OPNsense box has 4 ports with each firewalled off from each other. The IoT/guest network is only allowed to get DNS and connect to internet but cannot do anything with other networks.

🤔🤔 I wonder if mixing and matching languages would add some extra level to passwords.

"pleb frequency" I died. :D

@greenbeginner9221

2 жыл бұрын

I'm new at this. What he mean by this?

How about using a chain of random words as a password? How sophisticated are the dictionary based cracking tools?

Hi can you create a video about self-hosting?

What I needed was the thumbnail, bye gotta try it if it doesn't work imma sue you.

How about using MAC address filtering? I had a pretty strong password that had only characters, symbols and numbers and still got hacked... but since I enabled mac filtering, no one has been able to connect to my wifi... by the way, if someone knows the shared key, is it possible to hack any strenght password with that? Cheers....

But does it make any meaningful difference to mix upper/lower/special/number, etc, when the password is sufficiently long? I mean, if I only use lower alphabets, if my password is 10-characters long, the possibility is 1/26^10. If I use all those weird things, it will be 1/(26*2+10*2)^10. The former is 7.0e-15 the latter is 2.6e-19. Isn't 7.0e-15 already too big to try with brute-force? Even if a hacker can try 10,000 per second, it still takes 10,743 years.

@MentalOutlaw

3 жыл бұрын

the thing is 10,000 per second is VERY slow in terms of pw cracking. Even in my PC which only has an i7 4790k and a gtx 970 I can do seceral million every second. Someone, or a team with a cluster of modern GPUs can do billions or even hundreds of billions.

@typingcat

3 жыл бұрын

@@MentalOutlaw For local attempts like finding the password for a ZIP file, one could do billions of trials per second, but isn't in case of finding Wi-Fi password, the speed limited by the communication speed with the router? Can a router respond to that many attempts in a second?

@MICKYLEAKSMGR-PRESIDENTCJWORLD

3 жыл бұрын

@@MentalOutlaw Much more for Intel dudes with all the computing power in the world!

@SibaNL

3 жыл бұрын

@@typingcat I think cracking happens on the local machine using recorded packets

@randykitchleburger2780

3 жыл бұрын

@@typingcat No sir. EAPOL packets are captured and that is the key exchange. It will be worked on offline

Do you even OpenWRT?

Wtf with the girl in the park analogy hahaha

My favourite thing is to switch some of my favourite words into binary

@ 13:00 ROFL, pictured the actual dumpster and flames.

Apparently you need to put a lock around your lan cables...

let's appreciate he's work he put in his videos..

Disable SSID Broadcast, if people cant see your SSID it's harder for them to guess the name as long as you don't make it obvious.

@MentalOutlaw

3 жыл бұрын

true, but that's more "security through obscurity" basic wifi analyzers can uncover a hidden ssid

@Sn0wisD34th

3 жыл бұрын

@@MentalOutlaw Fair enough, this is something additional that the normies can do to make it harder for the basic skiddie to remote to their router.

@ZaHandle

2 жыл бұрын

that’s not recommended as 1. it’s harder to connect things 2. you will look more interesting as a target

Keep it secret, keep it safe.

What's a globoy?

5:00 or you mean everytime you connect your xbox

“The spooks in her network”

OMG He said herd mentality LOL

Like Ethernet?

That white KZread make me blind xD

I never understood why coffeshops are able to provide free internet access, doesn't that grant complete untraceability for bad actors? Whose liability is it if some illegal activity is traced back to the coffee shop's IP address?

oh guys try looking at the nose on the smiley for like 2 min then look at a white wall and blink a couple of times

@desertlightning7335

2 жыл бұрын

Weird flex, but okay.

@iTzStick

2 жыл бұрын

You're goddamn right!

is he the "casually explained" guy? he sounds like him

1. Set maximum transmit power 2. Set your password to ""

@desertlightning7335

2 жыл бұрын

You forgot swapping the routers antenna for an omnidirectional one and putting it on the top of your roof. Don't forget using DDWRT and increasing the power output to that of your microwave

How about guest networks?

@randykitchleburger2780

3 жыл бұрын

All networks should have a password. Otherwise open wifi is straight up unencrypted

My router does not come with its own password sticker. And my ISP refuses to tell me what my admin credentials are. They also refuse to change my default user settings which are easy to guess if you know my router model. what do...

@user-jd3gf5xw1x

2 жыл бұрын

change the isp...? there's some shady shit going on

@scottcooper4391

Жыл бұрын

@@user-jd3gf5xw1x Or put your own router between ISP's router and your stuff.

Everyone is universally praising the video but I believe you've missed 2 very major components. IDK maybe I am just talking out of my ass so I might be wrong, but regardless - You mentioned that you can set different passwords for 5ghz wifi and 2.4ghz wifi. It could be possible that you're router is different than the ones I've used, but both broadbands connect you to the same network. That is - devices on 5ghz network will be able to see and communicate with devices on 2.4ghz network. It not a good way of protecting the network at all. The correct way of doing it is via guest network. Every single router I've owned, even the decade old ones with just 2.4ghz antennas had this feature. How this works is that you have your private network which only has your devices on it. And you setup a guest network with its own SSID and its own separate password. In fact you can have a 5ghz and a 2.4ghz network for your private network ALONG with 5ghz and 2.4ghz for your guest networks. It obviously might depend on which router you're using but your guests won't have to be on the pleb speeds at least. Security here is achieved in 2 ways (afaik at least. 3 routers I have set up guest network on handled them differently) First one is creating an entirely different network. So your private network might be on 192.168.0.xxx and your guest network might be on 192.168.1.xxx. And your router will not let the devices on guest network talk to devices on your private network. The newer TP router I have keeps both devices on the same network but won't let them talk to any other device. This is what the router says - " - Allow Guests To Access My Local Network - If enabled, guests can communicate with hosts. - Guest Network Isolation - If enabled, one guest can not communicate with another. " Another neat thing you can do is to disallow accessing the router config/admin page to just a limited set of devices by whitelisting a MAC address. The way I have set it up is to whitelist only my computer, connected via a cable to be able to access the router admin page. People on your guest devices can't access the router admin page anyway, but this is just an additional layer of security. Of course they can spoof my MAC address but its better than nothing. Welp I don't really know a lot about this. This is everything I learnt from reading the router's help articles so I might have outdated information. But one thing I can say for certain is creating separate passwords for 5ghz and 2.4ghz network will do absolutely nothing in terms of network security.

Nobody's gettings access to those ethernet ports with that padlock in the way.

My first language is Georgian, if somebody going to Hack it in Austria 😆 i would love that person, because it means he learned Georgian ❤️

Easy don't have one...

Still miss ifconfig

air cerack ng!!!!!!!!!

10:30 just HIDE your SSID

13:00 The disrespect is so casual and brutal.

dumpsterfireOS™

I change my passwords every 3 months

why the thumbnail is literally putting a lock on ethernet cables

my isp router has a really horrible password of 12345678 (I want to completely disable its wifi hince i have router)

Playback speed 1.5x

@josephbrennan370

2 жыл бұрын

🙏

F@ck, I thought not using the same password for my accounts was enough to secure my internet activity, never expected this was a rabbit hole...

If you just dont do any suspicious things, the party van will never come even if they know all about your internet history.

Are you saying that User: admin Password: admin Isn't hacker proof?

6:30 wifi exploit?

How to secure wifi? You cant, WPA2 has the KRACK vulnerability and WPA3 isn’t widely available and also has its own vulnerabilities and its brand new. Wifi isnt secure.

And there are also people who use the password as their *city* password which isn't secure lol...

Don't forget that evil twin attack.....

Will you.... will you marry me?