lupodwdm
join:2003-06-16
Blairstown, NJ
| Neighbor possibly stealing my wifi
I have an unusual situation here. I beam wifi to a family member's house about a mile away from me using some high gain patch antennas. Their system has a strange glitch where it would not reliably connect to the DLink router I have set up when the password is turned on. Since they don't use the connection too much I resorted to operating with the password off and just turning the router off when they are not using it.
I've noticed over the past few months that i was seeing more traffic on the DLink router but I figured they were just using it more. I left it on for this weekend and saw a lot of usage late into the evening. When I asked them if they were using the connection at all they said they never even turned their computer on!!
I get the feeling that someone else was using the wireless link over the weekend and I want to put an end to it. Is there a way to secure the connection w/o using a password?
Thanks.
--
well....technicaly my worst nightmare is; I'm sitting in my high chair, breast feeding my own mother. Her mouth opens and my fathers face appears--Jason Panopolis |
|
Jameson
10-8
Premium
join:2004-05-28
Fallbrook, CA
clubs:  | Wow, yes most likely anyone in that 1 mile area will see it on their wireless scans. My suggestion to you is to secure it with WPA or people will just contiune to use it. |
|
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
 ·Verizon Online DSL
 ·Skype
| reply to lupodwdm
Unencrypted APs are considered by some to be an invitation to freeload. It's probably an innocent-minded freeloader, but there is no way to be sure.
Their system has a strange glitch where it would not reliably connect to the DLink router I have set up when the password is turned on. A distant sketchy connection may have trouble with WPA (which demands reauthentication and encryption following a rotation and time method). However, it won't have problems with WEP (which encrypts using a static key).
WEP is weak and easily broken by freely available programs, but WEP is still a deterrent to simple freeloaders.
As you mentioned that you turn it on and off to control access, you could rotate the key every month or two. But keep in mind this is only a little stronger than a "keep out" sign.
HTH,
Robb
--
Robb Topolski -= funchords.com =- Hillsboro, Oregon USA
~ Keeper of the D-Link FAQ ~ Did you Search? ~ More features, Free! Join BBR! ~ |
|
Nerdtalker
Working Hard, Or Hardly Working?
Premium,MVM
join:2003-02-18
Tucson, AZ
clubs:
| reply to lupodwdm
That's pretty much enough of an indication to at least prompt you to investigate further.
I'd start by checking the DHCP clients table for any unauthorized clients pulling IP addresses. If it's someone innocently connecting to your AP, they'll probably show up in that list. If there's nothing there, and you're still seeing traffic, you'll have to sniff wireless traffic to see whether there are indeed any unauthorized wireless clients. That's significantly more of an indication that the freeloader is knowingly stealing service (more malicious).
I'd encourage you to re-visit using WPA, even if that requires you to replace some equipment. Alternatively, you could switch to WEP, but that too is breakable by even the most unskilled hands.
If you're up to it, it might be worth looking into setting up a captive portal and some kind of login page. There's bound to be some good open source software out there that should assist you to that end.
--
"Some people never see the light till it shines thru bullet holes." -Bruce Cockburn
I'm testing Gmail's spam filters: Broadbandreports1@gmail.com
Spam: 12900+ messages currently using 406 MB. |
|
Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS | reply to lupodwdm
I don't buy the password won't work bit of your post. Tis bogus and the starting place for you to actually put in place security (including WPA of course). |
|
SoonerAl
Old Enough To Know Better
Premium,MVM
join:2002-07-23
Norman, OK
3 edits |  reply to lupodwdm
To add, if your running XP then Windows Connect Now (WCN) is a real easy way to setup encryption and propagate that to the wireless access point/router and clients. This is what I use. In my case I use a manually generated strong 63-character random ASCII WPA key. I have to manually cut-n-paste the key to my router but that is no big deal. My wireless clients get configured via a USB flashdrive...
Some WCN links...
»www.microsoft.com/windowsxp/usin···now.mspx
»www.microsoft.com/technet/commun···604.mspx
»www.microsoft.com/windowsxp/usin···e13.mspx
An on-line WPA key generator...
»www.kurtm.net/wpa-pskgen/
If you want to monitor your wireless network look at using AirSnare...
»home.comcast.net/~jay.deboer/airsnare/
Of course if your network is secured properly you will not have any unauthorized users... 
--
"When all else fails, read the instructions..." |
|
Ranger390
join:2006-03-25 | reply to lupodwdm
Is MAC address filtering an option on your router? |
|
SoonerAl
Old Enough To Know Better
Premium,MVM
join:2002-07-23
Norman, OK
|  said by Ranger390  :Is MAC address filtering an option on your router? Bad choice... 
MAC addresses are easily cloned. The best choice is to do it right and use proper security measures...
--
"When all else fails, read the instructions..." |
|
ExhaultedOne
@stigeequipment.com
| MAC address filtering coupled with changing your SSID name and hiding/not broadcasting it will help a great deal if you are not inclined to use encryption. That will thwart the greater majority of "average users" in the area. Obviously if you have a skilled power user (most likely in a 1 mile radious) that may not be enough. But its a start. |
|
ackman
join:2000-10-04
Acworth, GA
1 edit | reply to lupodwdm
So let's see if I have this straight, the concern is the neighbor stealing your wifi while you help your family member steal your internet service from your ISP over your 1 mile wifi broadcast...hmmm, sounds like a problem...
 |
|
photobum
join:2005-11-04
Fairborn, OH
| said by ackman :So let's see if I have this straight, the concern is the neighbor stealing your wifi while you help your family member steal your internet service from your ISP over your 1 mile wifi broadcast...hmmm, sounds like a problem...  |
|
roc5955
Premium
join:2005-11-26
Rosendale, NY
 ·RoadRunner Cable
| reply to lupodwdm
No, there is no way to secure the system without a password.
Just go to each of your neighbors' houses with a shotgun, and ask them, "Yew been stealin' mah, wah fi?"
If they answer yes, tell them to stop or they'll end up with their head shot off.
Or, you could password protect the router. |
|
No_Strings
Premium,Mod
join:2001-11-22
The OC
Host:
Wireless Networking
All Things Unix
Cox HSI
Qwest
Efficient
| reply to ackman
You're assuming facts not in evidence. Some ISPs allow shared connections. Previously, some posters have negotiated specific sharing provisions with their ISPs. Neither the ISP nor their acceptable use policy are mentioned.
Why blast the OP? If you have a concern, how about something like "Make sure your ISP's AUP has a provision for sharing a connection."? |
|
cmslick3
join:2004-05-24
Joliet, IL
·AT&T Midwest
| Why not just keep a log file of the connections given out by the router and start blocking those MAC addresses which do not belong to your family. You will learn very quickly if you have someone who is determined to sneak onto your OPEN wifi. Then as suggested before change the SSID to something other than default and not easily guessed and stop broadcasting it. Once you make the appropriate settings on the other end and you should be good. Also, Please PLEASE make sure you setup an ADMIN password on the router, which I assume you've already done, judging from the fact that the people connecting to your router haven't gone in and mucked with it.
Also I would check that your file sharing is turned off to the general network public... Open wifi spots are a great way to trial viruses and such... |
|
BloodRoses
Gods lend wings to tainted hearts
Premium
join:2003-03-17
clubs:
·Cox HSI
·Verizon Online DSL
| reply to roc5955
Decisions Decisions... blow my neighbors brains all over the wall, or set a password. Hmmm, I'm going to have to really think this one over.
--
Cheers,
Stephanie - www.GlitterFaerie.com |
|
JimF
join:2003-06-15
Allentown, PA
2 edits | reply to lupodwdm
I don't buy the argument that a MAC filter won't be effective. Probably less than one percent of wifi uses even know what it is. Also, the intruder would have to be able to receive the wifi signal from you family member's house to determine their MAC address. Since the family member is over a mile away, it is very unlikely that they will be able to do so. (They would at least have to be located in the narrow beam of the antenna patterns from both ends.)
But it should not be done at all unless your ISP allows it, which is also unlikely. |
|
lupodwdm
join:2003-06-16
Blairstown, NJ
| reply to lupodwdm
Wow...thanks for the help. As for the password not working, I guess you have had windows work PERFECTLY for you %100 of the time. Yea, windows NEVER screws up or glitches.
I'm going to enable MAC filtering and turn off the SSID and keep a closer eye on the connections.
Thanks all for the help.
--
well....technicaly my worst nightmare is; I'm sitting in my high chair, breast feeding my own mother. Her mouth opens and my fathers face appears--Jason Panopolis |
|
longtimelurker
@swbell.net
 from:
cahill
| reply to lupodwdm
You could block them out or you could have some fun with them like this guy did...
»www.ex-parrot.com/~pete/upside-d···net.html
Cheers |
|
moonpuppy
join:2000-08-21
Glen Burnie, MD
·Verizon Online DSL
| Oh yeah, now that is funny.  |
|
prouton
Premium
join:2004-06-25
Fullerton, CA | reply to lupodwdm
If the D-Link router in question is the DI-624 with a rev level earlier than C3, then the WPA protected connection problem is the router itself. These are notorious for constantly rebooting (about every five minutes) when WPA is turned on. |
|
