As a security professional myseld, I am actually surprised that this is a good video for home users. I was expecting some cringe. Good video! The biggest boost in security for normal users is to definitely use a password manager. too many people just re-use passwords and with all the breaches over the years, if you have been using the same password's for every site, your password has been 100% pwned. Remembering passwords is a chore, let the computer handle it.

Arabic is my first language and my wifi password is a mix of symbols, letters and digits IN ARABIC. Good luck hacking it. 😂

Great overview. Two more tips: most routers have a "guest network" setup where you can assign a separate SSID and password for guests to use your wifi which you can configure to not be able to access the (main) local network. Any IoT device you own such as a webcam should be placed on this guest network. And - a hidden SSID avoids the problem of wardriving by neighbors or unfriendlies. You covered the most critical stuff for normies, however.

When doing biblical studies with the girl from the park be sure to throw holy water on the router to prevent anybody from connecting to it.

My favorite way is to not have wi-fi.

I remember my college had a default password on main hub, good thing there weren't anyone who was smart enough to learn how to set malware on router level

Dictionary in my country will be challenging if the users use the local language for passwords. Not only we have long words (compared to English words), on top of that we have 15 declinations of every noun which adds 1-4 letters to each root noun. And they occasionally modify the root as well.

You are a blessing for most people Mental Outlaw. Thank you. Really, if you ever feel sad think you are the introduction to many, many people who are becoming everyday more passionate about these topics.

As someone getting into cybersecurity, this rundown is great, thanks

HAPPY 10K!!! You might remember me as Darkly Traveling Box but I'm leaving this here as a reminder that I was her since like 7k I think.

Some of the easiest WPA2: Charter/Netgear, Phone numbers. Phone numbers are easy as they are all digits and you know their area code already. Charter/netgear, there is a word list out there with all the adverbs, nouns, numbers.

Your contempt for letter agencies is refreshing tbh, you don't see it enough on youtube (hmm wonder why)

I just bash my head against the keyboard a few times. Thats the most secure way especially because if you do it hard enough you will get a concussion so you won’t remember it anyway lol.

Thanks, TP-Link, for not allowing me to disable WPS completely...

about WPS id like to thank you for alerting the viewers to turn it off in all the diagnostics ive run in many routers i saw that i managed to get their password by using pixie dust on like, 90% of them pixie dust is a method that can get the routers password by exploiting a fail that comes "built in" on the devices hardware the only 2 ways to prevent this attack is by buying an expensive router (lots of cheap routers are vulnerable to it) or by disabling WPS itself, which is the most preferrable if i would run a security check into a router, pixie dust would usually be the 1st method i would try since no matter its password security, it will give me its pin number in a matter of seconds and once someone has your pin, they will always have your password since any hacker can send the pin to the router and the router will just hand the password over to the hacker

Ah yes, better wireless cable management. Very important. Only thing missing is RGB lighting.

First, to say thank you! :-) 👍👋

6:05 to make it even better, you can make your 5G band invisible so nobody even knows it exists while you secretly get 5x the speed lmao

For plebs who don't know, You can host a private hotspot on your wifi network using wpa if you have some older consoles/devices that dont support wpa2 without making your entire network insecure.

Question: why that specific logo? The cat with 4 eyes? 👀 👀

Mental Outlaw and Luke Smith are the realest....

Sec-ops is a vital part of Linux users life! Listen to the advices!

Actually, the WPS PIN key space is 11,000, as the last digit is just a checksum and can be generated on the fly.

Thanks for your sharing

The big problem here is wifi routers that don't have firmware updates anymore. Do you have a wifi router + adsl with openwrt support to raccomend?

I was hoping you would mention swapping out the router firmware with DD-WRT or OpenWRT + not broadcasting your SSID, and finally creating a VLAN for guests. But other then that its ok advise I guess.

Love your stuff!

Great Video Brother, keep up the good work and thanks for the relevant to current scenario of cyber security videos!👍🏼 Just a few doubts and concerns I have, I hope you see and clarify the same: Okay, so say I'm going the fully wired route even for Mobiles, maybe few if unavoidable encrypted WiFi, now to mitigate ISP/Intel (yeah "GLO" folks on my Court Cases list) tracking of person's Devices MAC IDs IPs, IMEI/IMSI, Sim IDs etc on the network, 1. Should one connect another personal router/modem and bridge the Connection from ISP router disabling/turning off WiFi, DHCP, WPS, so that you're only using ISP Router 1 for source of internet(entry/exit point), but from own Router 2 only the DHCP, routing, IP Allotment, MAC Filters(Allow only listed devices/deny all else) and what not begins. 2. From Router 2 Followed onto >Network Switch/es or VPN Router/s be connected for added layers of security, so say USB port 1 is external HDD for Network File Sharing Server, Printer goes Wired to 2nd USB port in Router 3(network printer)which contains own Interface VPN! Is that safe? Other routers do I need to install OPEN-WRT DD-WRT on them if available? Does a Network Switch need OpenSource Firmware installed on it or the OG interface and firmware should be fine? (D-Link DES-1210-28P Model) 3. What are the benefits/cons(if any recurring costs) of adding a Physical Firewall device(or PfSense/OPNSense PC/low powered laptop/PiHole firewall/file&email server OS device) to this mix? 4. Will that firewall device be placed prior to the ISP router or since Optical Fibernet Connections port won't be on the Firewall Device, connected to the ISP modem/router before it goes to the network, I'm guessing the latter by logic, would highly appreciate it if you/anyone else too could please let us know your thoughts on such a setup. Let's just say for a Whistle Blower/Criminal Investigative Journalist/Reporter Level kind of Setup, what sort of a streamlined secured network setup will you implement, what OSs on Devices(PCs/laptops) ROMs for Mobiles would you suggest (could you make a video please maybe) where there will be little to NO room for chances of leaks/hacks or risks of MITM/DDoS attacks in said network setup! I'm not sure, if you'll read/answer this, but I've seen most of your videos are close/closest to the topics I'm looking for so hopefully I get to see a/some video/s on this soon! Much appreciated! Take Care and God Bless!👼🏽🕵🏼🇮🇳🗺️👍🏼🙏🏼

You know it is the last stop, the final and ultimate guide to it when mental outlaw puts emojis on the title.

"2.4 GHz pleb frequency" I giggled 😄

Thank you very much bro🔥🔥🔥

Advanced option is to get vlan capable networking equipment and isolate your wifi in a DMZ and block all non DNS requests to your firewall from that vlan.

Your voice sounds so clear in your videos, what audio equipment do you use?

Hi, don't you think about creating a video about your thoughts on Mac Os and on Apple devices in general?

Thanks for the tips, thumbs up!!!

I'm a little confused and looking things up on the web has shown no results. If linux has all ports closed by default how am I able to ssh into another linux computer? Shouldn't it be blocked then?

4Chan Party Van: There's no shaggin in this wagon....

This was very helpful, thank you! I am looking to buy a new router to replace my old one, do you have any recommendations? Preferably one with a security focus..

Damn does a physical master lock on my cat5 cable like that really work? That's tight.

Good video. Thanks.

"pleb frequency" I died. :D

hei, great video! I was wondering what if some device only supports WPS? For example wifi signal repeaters, although with those I don't think there is a pin involved since you can only press one button...

How about using a chain of random words as a password? How sophisticated are the dictionary based cracking tools?

I do a randomly generated one of 64 bit characters including symbols. On top of that, I have a separate network for visitors and iot devices that is totally blocked from having access to my main network.

But does it make any meaningful difference to mix upper/lower/special/number, etc, when the password is sufficiently long? I mean, if I only use lower alphabets, if my password is 10-characters long, the possibility is 1/26^10. If I use all those weird things, it will be 1/(26*2+10*2)^10. The former is 7.0e-15 the latter is 2.6e-19. Isn't 7.0e-15 already too big to try with brute-force? Even if a hacker can try 10,000 per second, it still takes 10,743 years.

🤔🤔 I wonder if mixing and matching languages would add some extra level to passwords.

What I needed was the thumbnail, bye gotta try it if it doesn't work imma sue you.

i am a noob, and need some help securing both machine and networks ... am able to read and follow directives.. THANK YOU IN ADVANCE

Do you even OpenWRT?

Could you please turn your videos into podcasts as well?

Great video

I wouldn't put the plebs on the 2.4 GHz channel, because it can actually end up slowing down the rest of the network; e.g. they drop many more packets and end up using more bandwidth than they would if you just let them use the 5 GHz channel. The 802.11ac has vastly superior QoS

GNU/Hurd immunity.

Very helpful video, thank you.

Like Ethernet?

Excellent

what about a dedicated router like pfsense or sophos?

My favourite thing is to switch some of my favourite words into binary

Who tf goes for bible study in girls apartment 😂😂😂

How about hidden SSID? Does it add any layer of security or am I doing it for no reason?

“The spooks in her network”

How about using MAC address filtering? I had a pretty strong password that had only characters, symbols and numbers and still got hacked... but since I enabled mac filtering, no one has been able to connect to my wifi... by the way, if someone knows the shared key, is it possible to hack any strenght password with that? Cheers....

Just as a bot of advice. If u are rver in thailand and hitting on a gal and worried she is a lady boy try this trick. Find a way to talk about her age. Usually say she looks 10 years younger than what she looks. Shell ofc say ut being sweet blah nlah and say she is older. Pretend to be confused and ask her to prove it. Generally they will show u their id. If the last name abbreviation next to the actual name is 2 xharacters its a guy and 3 its a girl. Might have teversed but legally they cant change that only get surgery. Hope this helps ;)

let's appreciate he's work he put in his videos..

Hi can you create a video about self-hosting?

Everyone is universally praising the video but I believe you've missed 2 very major components. IDK maybe I am just talking out of my ass so I might be wrong, but regardless - You mentioned that you can set different passwords for 5ghz wifi and 2.4ghz wifi. It could be possible that you're router is different than the ones I've used, but both broadbands connect you to the same network. That is - devices on 5ghz network will be able to see and communicate with devices on 2.4ghz network. It not a good way of protecting the network at all. The correct way of doing it is via guest network. Every single router I've owned, even the decade old ones with just 2.4ghz antennas had this feature. How this works is that you have your private network which only has your devices on it. And you setup a guest network with its own SSID and its own separate password. In fact you can have a 5ghz and a 2.4ghz network for your private network ALONG with 5ghz and 2.4ghz for your guest networks. It obviously might depend on which router you're using but your guests won't have to be on the pleb speeds at least. Security here is achieved in 2 ways (afaik at least. 3 routers I have set up guest network on handled them differently) First one is creating an entirely different network. So your private network might be on 192.168.0.xxx and your guest network might be on 192.168.1.xxx. And your router will not let the devices on guest network talk to devices on your private network. The newer TP router I have keeps both devices on the same network but won't let them talk to any other device. This is what the router says - " - Allow Guests To Access My Local Network - If enabled, guests can communicate with hosts. - Guest Network Isolation - If enabled, one guest can not communicate with another. " Another neat thing you can do is to disallow accessing the router config/admin page to just a limited set of devices by whitelisting a MAC address. The way I have set it up is to whitelist only my computer, connected via a cable to be able to access the router admin page. People on your guest devices can't access the router admin page anyway, but this is just an additional layer of security. Of course they can spoof my MAC address but its better than nothing. Welp I don't really know a lot about this. This is everything I learnt from reading the router's help articles so I might have outdated information. But one thing I can say for certain is creating separate passwords for 5ghz and 2.4ghz network will do absolutely nothing in terms of network security.

is he the "casually explained" guy? he sounds like him

How about guest networks?

Apparently you need to put a lock around your lan cables...

Disable SSID Broadcast, if people cant see your SSID it's harder for them to guess the name as long as you don't make it obvious.

1. Set maximum transmit power 2. Set your password to ""

Thanks man

Keep it secret, keep it safe.

Wtf with the girl in the park analogy hahaha

@ 13:00 ROFL, pictured the actual dumpster and flames.

What's a globoy?

oh guys try looking at the nose on the smiley for like 2 min then look at a white wall and blink a couple of times

OMG He said herd mentality LOL

let's appreciate him he put effort into his videos

I never understood why coffeshops are able to provide free internet access, doesn't that grant complete untraceability for bad actors? Whose liability is it if some illegal activity is traced back to the coffee shop's IP address?

My first language is Georgian, if somebody going to Hack it in Austria 😆 i would love that person, because it means he learned Georgian ❤️

That white KZbin make me blind xD

my isp router has a really horrible password of 12345678 (I want to completely disable its wifi hince i have router)

why the thumbnail is literally putting a lock on ethernet cables

If you just dont do any suspicious things, the party van will never come even if they know all about your internet history.

5:00 or you mean everytime you connect your xbox

Are you saying that User: admin Password: admin Isn't hacker proof?

Nobody's gettings access to those ethernet ports with that padlock in the way.

10:30 just HIDE your SSID

Wiked smaaat !😂

And there are also people who use the password as their *city* password which isn't secure lol...

How to secure wifi? You cant, WPA2 has the KRACK vulnerability and WPA3 isn’t widely available and also has its own vulnerabilities and its brand new. Wifi isnt secure.

my wifi password is password. How ridiculous right.

I am having error,how to configure in linux mint?

What do you mean by "party van"? I'm sorry I'm uncultured

13:00 The disrespect is so casual and brutal.

Easy don't have one...

Don't forget that evil twin attack.....

F@ck, I thought not using the same password for my accounts was enough to secure my internet activity, never expected this was a rabbit hole...

ok but why tf is the routers letting someone probe for passwords 80k times a second? Most websites, and like every phone/tablet ever, only let you guess x number of times before it locks you out for x amount of time. Why would routers not also include this basic security feature.