Networking & wireless: Stopping wireless use
Stopping wireless use
by jbndhs - 1/12/05 9:24 PMI just found out that the guy next door is using my wireless router to get on the internet. It is a links router. What is the best way to hide it? I changed the SSID when I set it up. If I changed it again and didn't broadcast it would that do it? Also I could just use it as a wired router if there was a way to make it not wireless.
MAC filtering for one....
by Michael Geist - 1/13/05 2:18 AM In reply to: Stopping wireless use by jbndhsit should be in the manual.
MAC filtering.
by R. Proffitt
- 1/13/05 4:23 AM
In reply to: Stopping wireless use by jbndhs
The SSID can still be picked off the air even if your WAP doesn't broadcast. It's a feature of using AIRSNORT to sniff it from other packets that are exchanged.
Do the MAC filter and it's too difficult for most to get around.
Several options...
by chemisti - 1/14/05 5:38 PM In reply to: Stopping wireless use by jbndhs1. You can disable the "broadcast ssid" option and that will stop your router from "announcing its presence".
2. You probably have (somewhere buried in the menu structure) the ability to enter the MAC address for each device that you want to connect to your router. If you are running WinXP, perform the following steps:
a. START menu, then RUN
b. Type "CMD" - this should open a window (used to be called a DOS window.)
c. After the command prompt, type "ipconfig/all"
d. The mac address will look like this: 00-00-00-ae-1f-20
e. Most devices also have the mac address written on them somewhere - your router has one and it is on a sticker on its bottom (probably)
f. Gather all of the mac addresses for any device that you want to allow to connect to your router and enter them into the table, this will only allow "authorized" devices to connect.
(On my Linksys WRT54GS it is under the WIRELESS, WIRELESS MAC LIST menu options. There is a button called "EDIT MAC FILTER LIST")
g. Go to the internet and read up on wireless security. The fact that he connected suggests that either (a) he is very knowlegable about wireless networks and has hacked into your network, or (b) you have not activated all of the security features that are at your disposal.
Newer Linksys routers support fairly robust security features that should keep all but very determined outsiders from accessing your router.
WEP
by mrog71 - 1/19/05 4:59 AM In reply to: Stopping wireless use by jbndhsDo you have WEP enabled? That combined with MAC filtering should do it. By the way, how did you find out he was using your signal?
program to montior who is accessing your network
by onlyoscar - 1/22/05 8:15 AM In reply to: how did you find out by jbndhsAirSnare is an intrusion detection system to help you monitor your wireless network. here is the link
http://home.comcast.net/~jay.deboer/airsnare/
Progressive Security
by Inframan - 1/21/05 3:46 AM In reply to: Stopping wireless use by jbndhsIts important to get this right because if someone uses your connection to the internet for nefarious purposes the trail will lead back to your door.
It's quite possible you could turn off wireless on your router. You need to check the config via the admin program. Normally you get to this to via a browser address as specified in the manual.
BEFORE YOU DO ANYTHING ELSE:- CHANGE THE DEFAULT ADMIN PASSWORD on your WLAN Router TO SOMETHING UNIQUE TO YOU THAT YOU CAN REMEMBER.
If you leave it as the default then anyone getting in will be able to change/undo what you set.
It's fine setting MAC filtering but if someone spoofs the MAC address then adds another one of their own its unlikely you'll notice and they'll be able to freeload again.
OK - Now how do you secure it if you want to keep the wireless connectivity. There are a few things to think about that progressively increase WLAN security.
They require increasing 'tech' skill although all can be done by a thourough read of the manual.
At each stage check you can still use the WLAN from where you want to before moving on to the next. It will make troubleshooting any problems much easier.
1) Simple Physical security. Normal advise is put your WLAN Access Point (AP)in the middle of your house to reach all parts. But if you can, it's better to position the WLAN AP at the furthest point in your house from any neighbours. So if you have someone on just one side of your house then its best to put it the other side. Its best to put it at the back of the house away from a main road. This reduces the signal from your network that reaches those points. Not only does this mean higher security it minimises the risk of interference from your system with others. Obviously this idea presupposes that you can choose where to locate it because you have a handy network connection their AND you can still pick up the signal everywhere in the house you need it.
Using the admin program:
2) Change the SSID (Network name) to something that works for you rather than the default. If you leave it as the default then all anyone has to do is pick it up through their wireless lan and check the manual out on the internet to work out the default settings for your service.
3)Set WEP (Encryption) on both your Portable and your WLAN router. Preferably at least 128K encryption level where it gives you a choice. The Downside to WEP is that it slightly slows the network speed (not much on modern kit) and it CAN be broken. However to break it you need to sit and scan the network for a while but WEP does prevent all but the most determined snoopers.
4) Make sure you can connect to the WLAN as required. Once your Notebook has learnt the name of your WLAN you can then set the SSID to 'Don't Broadcast SSID' or something similar. This means that anyone scanning for networks wont see yours sticking out like a sore thumb.
5) Change from DHCP Addressing (where the router tells each PC what network address to use) to fixed IP addresses. Any snooper would have to work out what address range you are using then find one that did not conflict. If you keep the range as small as possible it will be less likely anyone can do that.
6) Finally MAC filtering. With this you configure your WLAN router to only accept traffic from the hardware address of your PC's wireless card. I've left this to last because although its not too hard to set up,once an intruder can 'see' your wlan its not too hard to find out a valid MAC address and hijack it.
If you're still worried that someone might abuse your connection then your WLAN Router probably offers logging of some kind that you could monitor and see if it is being used at times you aren't active on it.
No connected network is ever secure but if you do as many of these as you can you'll significantly reduce the chances of anyone abusing your WLAN.
Novice question
by veneva - 1/21/05 6:31 AM In reply to: Progressive Security by InframanI just bought a new computer with a wireless card. As I pulled it out of the box and turned it on, my neighbor's wireless popped up immediately. Out of curiosity I looked to see "My Network places" and without doing anything on my new computer, their computers were present...including their printers installed on my NEW machine. Everytime that I turn on my computer I have to disable their system. Two questions...
1. If I can see their computers on "my network" and could, if I wanted, enter their computers WITHOUT any special configuration of my system, can they do the same with my computer? Can they enter my computer and access files or see what I am writing? My computer automatically showed up on their "workgroup" WITHOUT MY CONFIGURATION.
2. I currently have a dial-up and am in the decision making stages for a wireless service. I work from the house frequently. My business program has a very high security firewall, but I am concerned that if I get wireless, they and maybe other neighbors might be able to do the same and enter my computer. Their signal is super strong. The other day we were without Internet service, nor phone service, land or cell, for the entire state for several hours. I had a medical emergency for a client that had to be handled in a matter of minutes. I could not make the phone call I needed nor could I access the internet from any of the 3 offices from which I work. In desperation and curiosity I tried the neighbor access and their signal was very strong. They are new neighbors...should I see what they are using and try and help them secure their system more? Plus I guess I would like to have the same company..Ha...but would the signals "fight each other?"
I have saved your previous response for security measures installation but I still have some concerns. Thanks...
Start by changing the workgroup name
by marcus_r - 1/21/05 6:52 AM In reply to: Novice question by venevaStart by changing your workgroup name. Obviously, both your machine and your neighbor's are using Microsoft's default workgroup name probably something like "Home" leading them all to believe they are part of the same network.
Once you choose a new workgroup name, all your computers will use that same wg name, that will allow them to share resources between your computers. When you install your own wireless router, you should also always require authentication on anything you share on your network in addition to using the security recommendations presented in previous posts. That will help prevent your neighbors from getting the same access to your network that you have to theirs.
WEP CAN be broken?
by Bernadou - 1/21/05 8:08 AM In reply to: Progressive Security by InframanI'm curious how an intruder would go about breaking WEP? Wouldn't they have to have plenty of time in proximity to the siginal and use some sort of WEP cracking program? Couldn't you set some sort of max WEP access tries for a particular MAC, or is this not supported by the majority of the home routers out there?
Thanks
B
No time limit... Here's why.
by R. Proffitt - 1/21/05 8:18 AM
In reply to: WEP CAN be broken? by Bernadou
The sniffer just has to listen. You won't know it's going on.
Pros and cons based on your Subject Title at ... http://www.google.com/search?q=WEP+CAN+be+broken
Bob
Stopping Wireless Trespassers
by KoolTutor - 1/21/05 6:26 AM In reply to: Stopping wireless use by jbndhsIf you're using any standard router, you can use 2 ways:
1. Use WEP(wireless encrypted privacy). This is like setting a login password so that their systems can't access your router.
2. Set your router to accept only recognised wireless cards.
Type http://192.168.0.1 (unique to some routers) and you will get in to the router admin page. (check your manual for exact instructions)
Go to the wireless section and, depending on the brand of router, configure your router to accept only the systems that belong to you.
I don't recommend not broadcasting your SSID as some XP systems you own may not "see" your router and this defeats the purpose of keeping you in and neighbours out.
All instructions should be referred to the router manuals as they are all different.
This should keep the intruder out.
WEP
by cblenkin - 1/21/05 6:26 AM In reply to: Stopping wireless use by jbndhsIf you use WEP with a custom key that should do it.
However if you did want to just use the router without the wireless option ... just take the antenna off.
Good luck with that... I would be interested in hearing how you found out he was using your signal.
Why not WPA
by josh516 - 1/21/05 9:26 PM In reply to: WEP by cblenkinYou should have suggested using WPA as this solves many of the probs with WEP, and is twice as strong (256 bit)
And with most routers you can disable the wireless by accessing the router(192.168.0.1, 192.168.2.1, ect) and disabling it.
| Forum legend: | |
 |
Locked thread |
 |
Moderator |
 |
CNET staff |
 |
Samsung staff |
 |
Norton Authorized Support team |
 |
AVG staff |
 |
Windows Outreach team |
 |
Dell staff |
 |
Intel staff |
