gatorcellman
join:2004-11-28
Saint Augustine, FL
| Is it possible to lock out an unsecured wireless network?
I have set up my wireless network to run through openDNS so I config "parental restrictions" lets just say. This is for a teen in the family.
The problem that I have is that there are several unsecured wireless networks in the area that he just connects to when he doesn't like the restrictions on my network.
So my question is, is there any way for me to lock out those networks so that he cannot connect to them? I know I can prevent them from automatically connecting, but I want to lock them out. I've even gone as far as to hack into their routers and set up MAC address filtering. For some reason though, this isn't working!
For what it's worth, running XP Pro SP3. Any suggestions on this would be greatly appreciated! |
|
SoonerAl
Old Enough To Know Better
Premium,MVM
join:2002-07-23
Norman, OK
1 edit | No that really is not possible. I would look at using some sort of parental controls to limit his/her account to when they can log on to the PC and when they can use the internet. Many ISPs make parental control software available for free to their customers. Both Win 7 and Vista have basic parental controls built in to the OS.
Make sure their account is a limited/standard user account and that the admin account(s) are protected by a strong password. You might look at the free from MSFT SteadyState tool (runs on Vista and XP and possibly Win 7) to further lockdown the PC and user accounts.
Here is an old thread, among many, on this very subject...
»Hiding unsecured wireless networks
One of my comments...
»Re: Hiding unsecured wireless networks
--
"When all else fails, read the instructions..."
MS-MVP Windows Desktop Experience |
|
stevech0
join:2006-09-17
San Diego, CA
 ·RoadRunner Cable
 ·VoicePulse
| reply to gatorcellman
this might work:
Change your WiFi router to use an unusual LAN address such as 192.168.222.1 for the gateway.
Change the laptop's WiFi TCP settings to not use DHCP and give it a fixed static IP address in that LAN, say 192.168.222.101. This means "get address automatically" is turned off.
Hopefully the kid doesn't know how to undo this. Or give the kid a non-admin login on the laptop.
Better yet, tell the kid what REAL consequences he/she will endure if they do not comply with your no-foreign-WiFi directions.
Kids today don't fear consequences because most parents don't follow through consistently. |
|
gatorcellman
join:2004-11-28
Saint Augustine, FL
| Ahhh, the static ID thing might do the trick! Luckily, I'm one of the unusual parents that actually has more geek in him than the child! His tech level isn't that high.
Well as far as parenting rules go, I'm actually probably too strict and I agree with your advice. However, to keep friction levels down to the tolerable, I'd rather he just think that things aren't working anymore and leave it at that. I don't think he knows I'm the one that locked down the router dns... I think he just thinks it's our ISP....LOL. Anyway, I degress....
I'll try out the static IP and make sure I assign it one that is a different sequence from the other routers.....good tip! |
|
Anonymous_
Anonymous
Premium
join:2004-06-21
127.0.0.1
clubs:
1 edit | reply to gatorcellman
just take the mouse or power cable with you problem solved |
|
switchman
join:1999-11-06
Grand Prairie, TX
1 edit | reply to gatorcellman
Tell your neighbors to secure theirnetwork and help them. If they are not open, you can't get in. |
|
tipstir
join:2004-11-14
Enfield, CT
·Cox HSI
1 edit | reply to gatorcellman
Need to run third-party wireless client software manager that supports it own encryption like EAS-TL on now secured connections. I also use proxy connection though some of those can be really slow if you run the software from proxyway.com which they have all favors of it the freeware version is pretty fast, but after you wait for it to connect to the servers. But mostly I use Juniper OCA on all my wireless laptop, but the one I use when I travel to hotels suites that have 7-9 access points or repeaters that are not secured but wide open. |
|
No_Strings
Premium,Mod
join:2001-11-22
The OC
Host:
Wireless Networking
All Things Unix
Cox HSI
Qwest
Efficient
| What the heck are you talking about?
EAS-TL? If you mean EAP-TLS or EAP-TTLS, adding authentication at the client level does nothing to protect against connection to an open network.
The only thing third party client software would add to this discussion is cost. |
|
tipstir
join:2004-11-14
Enfield, CT
·Cox HSI
| You can have software encryption from your wireless laptop. On those open networks, you can use: proxy software, key scrambler to mask encrypt your key that you type out.
Juniper software wireless software client does lock down the laptop using these two encryption methods.
pairwire cipher: AES-COMP
group cipher: AES-COMP |
|
No_Strings
Premium,Mod
join:2001-11-22
The OC | Encryption has nothing to do with authentication, so you continue to add confusion. Does Juniper prevent connecting to an open network? That's the question at hand.
The proxy software suggestion is valid. |
|
lordfly
join:2000-10-12
Homestead, FL
 ·AT&T Southeast
1 edit | reply to gatorcellman
Simple method. Give the wireless adapter on the teen's computer a fixed IP address on your network. Make sure your private network is different than any of your neighbors. That way even if the computer connects to a different network, then it won't route so it won't work.
Also, make sure the teen does not have administrator rights. |
|
Mem
join:2002-01-03
USA
·AT&T Southeast
| The static IP may not work if the open router has enabled a function like "Any IP" on most ZyXel routers which allow a computer to connect when the IP of the computer and the router are not in the same subnet. 
Probably not likely though... |
|
stevech0
join:2006-09-17
San Diego, CA
·RoadRunner Cable
·VoicePulse
| reply to lordfly
said by lordfly  :Simple method. Give the wireless adapter on the teen's computer a fixed IP address on your network. Make sure your private network is different than any of your neighbors. That way even if the computer connects to a different network, then it won't route so it won't work. Also, make sure the teen does not have administrator rights. That's what was said about 5 posts earlier. |
|
cacroll
Eventually, Prozac becomes normal
Premium
join:2002-07-25
Martinez, CA
| reply to switchman
said by switchman :Tell your neighbors to secure their network, and help them.
That's got my vote - - if you can contact them.
If they are providing service to the OPs kid, they are likely providing service to a few others. Explain to them what an uncontrolled wardriver might do, and that they are the ones who the FBI will be calling on, if there is trouble.
--
Cheers,
Chuck
MS-MVP 2005-2009 [Windows - Desktop Experience]
Nitecruzr Dot Net |
|
lordfly
join:2000-10-12
Homestead, FL
·AT&T Southeast
| reply to stevech0
said by stevech0 :said by lordfly :Simple method. Give the wireless adapter on the teen's computer a fixed IP address on your network. Make sure your private network is different than any of your neighbors. That way even if the computer connects to a different network, then it won't route so it won't work. Also, make sure the teen does not have administrator rights. That's what was said about 5 posts earlier. oops. That is what happens when I don't read the entire thread completely. I must have just missed it. At least I am confirming that this is probably the best solution other than using group policy. |
|
tipstir
join:2004-11-14
Enfield, CT
·Cox HSI
1 edit | reply to No_Strings
said by No_Strings :Encryption has nothing to do with authentication, so you continue to add confusion. Does Juniper prevent connecting to an open network? That's the question at hand. The proxy software suggestion is valid. Juniper suppose to have that protection. If not someone going to have to tell me otherwise. So much for that software. Yes Proxy software can give you some protection while at hotels that use open uncured network. There is software that suppose to to protect you called ? I'll have to find the link again the software is not for free though.
Here's a like from the USAF about this same issue for those who care to read it..
»www.af.mil/news/story.asp?id=123035765 |
|
tipstir
join:2004-11-14
Enfield, CT
·Cox HSI
1 edit | reply to gatorcellman
the Evil Twin and potential Man-in-the-Middle Security Attacks.
LucidLink Wireless Client makes it easy to access Wi-Fi networks. It can be used to connect to home networks, office networks, or public hotspots. This client is easy to install, easy to use, and it solves an array of problems Wi-Fi users face connecting to different wireless networks. The LucidLink Client automatically detects network security settings, alerts users to incompatible settings and provides instructions for resolving them, ensuring that users establish connectivity rather than being left to wonder what is wrong. It detects and warns against suspected security problems such as the Evil Twin and potential Man-in-the-Middle Security Attacks. Supports networks secured with LucidLink Wireless Security, WEP, WPA-PSK, and open (unsecured) networks.
This one is freeware found on their site: »www.lucidlink.com/ |
|
stevech0
join:2006-09-17
San Diego, CA | Re: the Evil Twin and potential Man-in-the-Middle Security Attac
LucidLink doesn't seem relevant to the OP's goal. |
|
No_Strings
Premium,Mod
join:2001-11-22
The OC
Host:
Wireless Networking
All Things Unix
Cox HSI
Qwest
Efficient
1 edit | Agreed.
tipstir ,
Spend more time reading and less time posting.
edit (and I'll spend more time proofreading my posts.) |
|
jubangy
Premium
join:2005-03-26
Erie, PA | reply to gatorcellman
Re: Is it possible to lock out an unsecured wireless network?
»www1.k9webprotection.com/
Free for home use, and it will not matter which ap the laptop connects to as it filters the web as well as other features like internet timer and such. |
|
