How can I tell if someone is using my wireless net?


I recently moved to East Tennessee from the Mississippi Gulf Coast after
losing everything -- except the clothes we had on -- to Hurricane Katrina.
Insurance company paid off and we are replacing some of our stuff -- I have
replaced my desktop and laptop and am setting up home network.
I'm using a Motorola SBG900 modem with built-in access point. Desktop is
hardwired through Ethernet connection but the laptop connects through
wireless.
When I first fired up the SBG900 and my laptop, the laptop found six
wireless networks -- mine and five others that I assume belong to people in
my apartment complex. None of the five was secure so I tried connecting --
connected to every one of them. I figured I was doing something wrong by
stealing their service so I disconnected and left them alone.
But -- I secured mine with WEP (or maybe it was WAP, I don't recall).
Before I secured my network, I noticed the wireless light on the modem
blinking but I was not connected -- I suspect someone else was connected to
mine. With my network secured, I have not noticed the wireless light
blinking unless I am connected.
Now, here's my question: Is there any application out there to warn me that
someone has connected to my wireless network or that someone has cracked my
security key? I have situated the access point so I can't see the lights
without crawling under the table -- I'd like something that will run in the
background and give me a screen pop when my access point is connected.
Thanks.
My security key is garbled letters and numbers that I make up and change
every two weeks.
And I'm a real novice at this stuff -- I just put the CD in the tray and
follow the prompts.
Thanks
Reply to
Joe S.
Loading thread data ...
Why not set the MAC filters --- allow only certain MAC addresses to access the network.
Reply to
John
It might be broadcasts or drive by Netstumbler users there were flashing the lights.
Yep. AirSnare.
formatting link
Reply to
Jeff Liebermann
Because MAC addresses are incredibly easy to spoof. Just sniff the traffic for a valid MAC address and tweak the attackers MAC address to be the same.
formatting link
formatting link
Reply to
Jeff Liebermann
If you do all the standard security stuff - you will stop 99% of casual logon attempts.
Disable SSID Use WPA security Use MAC filtering Change all default passwords Disable DHCP Use static IP addresses Check your router logs for other pc's connected
If someone really wants to hack in using wireless sniffers, etc - they can. You would have to use some additional security like client level authentication, VPN, etc. ... which is probably overkill in your case.
Reply to
riggor99999
Except that you'd stop the same number of attempts by only implementing WPA and changing the passwords, the others are pointless. Disabling DHCP is even extremely annoying. It simplifies things for me _and_ my legitimate users.
Reply to
Derek Broughton
We are talking about the one laptop in an apartment complex with many wireless access points and clients. By changing the default tcp/ip address scheme, by using static addresses, by using MAC address filtering, by using WPA and by disabling SSID broadcast ... he stops 99% of the casual users trying to access his network for free. This is much more of a comfort thing - doing all you can...
Reply to
riggor99999
It's pointless effort. _Even_ with a single user on your wireless network, DHCP simplifies things. With DHCP it's just a matter of turning on your computer. Without it, you need to be comfortable with changing your network settings. Turning off DHCP will do _nothing_ to improve your security. Giving people "security" instructions that they will later find were nothing more than placebos will, in the long run, make them less comfortable rather than more.
btw, you never even mentioned "changing the default tcp/ip address scheme" in your original post. If you mean getting off the 192.168.0.x subnet that most (if not all) routers default to, I agree it's a good idea. It's not, though, a security issue, and can generally be handled by the router.
Reply to
Derek Broughton
Trivial to discover, just increases the chance of others nearby stamping on your transmissions due to not knowing you were there.
Ok
Trivial to circumvent such that it's not worth using. If it's to stop causal stumblers from connecting, then WPA will prevent that already.
How is that a security measure? Pointless and can be easily circumvented. See above.
Pointless unless you have also set up filters/rules to limit by IP address. See above.
David.
Reply to
David Taylor
No, the point is that by *just* enabling WPA (or WEP for that matter), he will eliminate probably 100% of the casual users[1] and he'll have security too!
[1] where casual user is defined as someone who just wants to go into Windows to connect using the wizard.
You've missed the point because anyone with a sniffer will get around MAC filtering, waste of time, and *if* they crack WPA will then see the IP scheme in use anyway so going static has done nothing for security.
Then again, we're still waiting for details of this new super efficient WPA crack...
David.
Reply to
David Taylor
True. I guess I wasn't clear, setting the MAC filters in addition to the normal security, WEP, etc., should be sufficient. We're not talking about military level security here, it's his home wireless ...
Reply to
John
True. I guess I wasn't clear, setting the MAC filters in addition to the normal security, WEP, etc., should be sufficient. We're not talking about military level security here, it's his home wireless ...
Reply to
John
While I implent many of the trivially deafeated steps ,(They won't stop a determined hacker, but it's one more step they have to go through) probably the most important measure you can take is the implementation of WPA (WPA2 if possible) with a sufficiently random full length key. WPA crakers use a dictionary brute force approach, and this can be made computationally infeasable by impleneting sufficient randomness and key length. If you don't have the means to generate such a PSK, visit
formatting link
Doc
Reply to
Doc
Still have a hate on for GRC? I thought the tit-for-tat feud between you two was over ....
Reply to
riggor99999
[POSTED TO alt.internet.wireless - REPLY ON USENET PLEASE]
Really Bad Idea(tm) to use a passkey generator of dubious merit/heritage.
Instead, download and use Password Safe (free and open source), created by one of the real giants of cryptography and subjected to serious peer review.
Reply to
John Navas
I get a substantial number of calls from friends and paying customers dealing with a simple problem. They have a visiting customer or relative with a laptop (usually the college brat home for the holidaze). They want to connect to the wireless network. However, because someone created the obstacle course from hell to get into the wireless, they can't figure out what to change, what to do, or how to get the visitor online. I've lost count of how many times this has happened. Do that a few times and all the security falls apart.
Another problem is the visitor with a WEP only laptop. The home or office network uses WPA, but very few support both WEP and WPA simultaneously. So, the network gets downgraded to WEP to accommodate the visitors. If they run into the ASCII to HEX WEP key conversion problem, they may turn off encryption completely.
So, setup the wireless obstacle course. I'll be interested to know how long it lasts in its maximum security configuration.
Reply to
Jeff Liebermann
[POSTED TO alt.internet.wireless - REPLY ON USENET PLEASE]
MAC filters are pointless.
Reply to
John Navas
[POSTED TO alt.internet.wireless - REPLY ON USENET PLEASE]
No hate. I just know Steve Gibson for who and what he is.
Reply to
John Navas
Frankly, I'd trust Gibson ...
before...
Sorry, but most of us wouldn't really have a clue who is and isn't a real giant of cryptography. I certainly don't know who Bruce Schneier is (not that that means anything). Steve Gibson probably _isn't_ such a giant but he's got a pretty good track record of keeping computer systems safe (He does love to blow his own horn, but he hasn't steered me wrong yet).
How do you tell that a program available from Sourceforge has a better "merit/heritage"? Anybody can start a Sourceforge project. Interestingly, many of the Sourceforge links appear to be broken - as if nobody is actively maintaining it now that it's been released as open source.
Reply to
Derek Broughton
But the MAC address is the first and easiest thing to both sniff and change. Easier than WEP, there's nothing to "decode" just sniff, view and set locally.
Done.
David.
Reply to
David Taylor

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.