by economistbob 108 days ago
I had organized neighbors who broke WPA3 using tools. I disabled downgrade to WPA2 and they still broke it. I had one that set up an evil twin to catch my Linux login. They stole the IP of one of my boxes so they could get my login, and joined my network to set up the credential stealer. I caught this when my password didn't work at the ssh login. That was an apartment and they knew when I caught them.

The problem is not wardrivers. The problem is your neighbors running 24x7 cyber operations. It happens everywhere. When I moved to a house there was a persistent attacker, and finally I set up my own key and authentication infrastructure.

They broke everything.

Finally I had to go EAP TLS and rotate certificates every three months.

Evil twin attack that keeps switching sides... The first of its kind, soon to be automated into a single button if it isn't already.

Do the temporal key mechanisms prevent them from taking a key they denial-of-serviced their way to while I was at work -- do the temporal mechanisms prevent them from sniffing all my packets when I get home? They will not use it to get data during the denial of service... But if they can get that RADIUS key and use it five hours later during some backups or something...

That is the question.

2 comments

Is it possible that you have undiagnosed schizophrenia?

It's possible that he's taking "hope for the best, prepare for the worst" to its logical if unhealthy extreme by interpreting every ambiguous 802.11 frame as one with ill intent. However, just because he's paranoid doesn't mean there aren't misaligned people, devices, and applications out there probing networks.

It's probably a good idea for anyone to check themselves every now and then by playing Angel's Advocate just as much as they might play Devil's Advocate, but I don't think rejecting his premises out of hand with a drive-by diagnosis is all that helpful.

Fair enough, but in this case there are several massive red flags that OP was experiencing a variant of "targeted individual" delusion. (The confidence without evidence that their neighbor was a determined hacker group, using a complex zero-day to attack them at home personally, tie-ins to fear/belief of this being a widespread phenomenon).

I had a stretch of a year or so a decade ago where I was going through something very similar, down to the belief a hacker group was targeting my WiFi network despite the great lengths I was going to secure it during the setup process inside an RF shielded area, yet they still kept "getting in" somehow... so I recognize the signs.

If OP can re-read their comment later on in a different mindset, they may start to notice things that felt so certain at the time don't actually add up logically in retrospect; that's how I ended up breaking out of it eventually.

Modern 802.11 implementations are wildly complex. The output from `iw list` on a Linux system with a modern WiFi radio, a trip through the example configuration that ships with `hostapd`, or perusing the lengthy list of standards, amendments, and extensions on Wikipedia will reveal it, too.

Given the complexity of modern 802.11 protocols and the prevalence of WiFi radios in devices of all kinds, I find it well within the realm of possibilities for anyone to observe 802.11 traffic that is sufficiently ambiguous to create the confidence necessary to be a mentally workable substitute for evidence of a targeted attack. There may be a lot of evidence that could be found to refute that very same premise, though, if one knows what to look for.

This happened to someone I used to know. Rare side effect of medication.

Where the fuck do you live?

Both an apartment you lived in and a house you moved to had neighbors who cracked your WPA3 network and compromised your infrastructure?

Also: You use EAP TLS on your home network but not SSH keys?

Yes. In my view, the negative payoff from getting locked out of a machine due to a key file mishap is more severe than the payoff of typing passwords all the time. I also use machines of various distributions and eras, and so the configurations would all differ and create hindrances.

I realize the security relevance of that, but I do not have daily images to restore from if something happens. I got locked out of a key-only box one time with an error after a reboot, and never want it to happen again. It felt like being robbed.