Tenant shares wireless connection.

I found out my wife gave our tenant the wireless encrypted password and ssid so he can use his laptop via our wireless Linksys router. I was pissed, but it's already been done. What steps can i take, if any to prevent any hacking? I playing devil's advocate and assuming this may happen. He's a nice college kid, but you never know. Am i vulnerable only with my wireless laptop or is my hardwired pc vulnerable too? Would disabling ssid broadcast help?

Reply to
shareyourknowledge
Loading thread data ...

Change the password, and use WPA2 encryption, if available. WPA is also good, but WEP is broken.

Assuming your hardwired PC is on the same LAN and file sharing is enabled, then yes, the hardwired PC is also vulnerable, to an extent. Disabling the SSID broadcast doesn't buy you anything. Change the password and keep it safe.

Reply to
Char Jackson

Maker and model of the wireless router?

If he can get onto your wireless network, he can "see" your computers. Whether he can get into your computers to do evil and nefarious things (by accident, of course) really depends on how you have you computers configured. The hardwired PC can be software firewalled fairly easily. The laptop should have similar protection, especially if you're using it at various hot spots, where the other patrons can do as much damage as the nice college kid.

Some routers have provisions for a "guest" wireless connection, which allows only access to the internet. They would never see your computers on the network.

Incidentally, if the kid is clueful enough to ask for the WPA key, he just might know something about computers. Asking him to help secure your network is a bit dangerous, but if his intentions are honorable, it won't hurt to ask (and then double check his advice).

Also, the main risk is not trashing your computers. It's his monopolizing all your bandwidth doing filesharing and downloading.

Reply to
Jeff Liebermann

Change the pass phrase.

Reply to
Bert Hyman

"...our wireless Linksys router."

Linksys?

Do Linksys routers have L2 isolation, like my Trendnet TEW-510APB?

Would that help in a case like this?

The TEW-510APB is an acccess point.

Reply to
Axel Hammerschmidt

Thanks for you replies. Doesn't the tenant need a password to access the internet though? He told my wife he couldn't connect to the internet so she gave him the password.I have the Linksys WRT54G. I think there is WPA2 encryption availability. I thought i read that WPA2 encrytpion has limitations. yes? I'll check into the guest wirelss connection.

Reply to
shareyourknowledge

No, he needed a password to access your LAN. Once he had access to your LAN, he automatically had access to the Internet, just like you do from your LAN.

The only WPA2 limitation I'm aware of is that some very old wireless cards don't support it, but if all of your wireless equipment does, then I would recommend it.

Reply to
Char Jackson

Yes, i meant to say the LAN password, not my personal login password.Sorry. I guess that was my concern that once he had my LAN password, he might be able to acess info from my laptop or PC. But i'll change the security to WPA2 as you recommended. Thanks.

Reply to
shareyourknowledge

First off, don't worry about him hacking you. He's got physical access anyway, so whether or not he wins this battle, if he wants to hack you, physical access always wins the war.

Second, *which* password? WEP? WPA2? Router administration? Your local computer password?

Reply to
DevilsPGD

The password he has is the WPA shared key( same as (LAN?).I re-set the security this morning to WPA 2 Personal When he logged into his laptop (his personal password) he then used the WPA shared key password my wife provided to access the internet. Sorry, i'm not too computer savvy, but appreciate eveyone's help.

Reply to
shareyourknowledge

Will do with the right firmware [eg dd-wrt].

Possibly. Perhaps creating a guest wireless subnet would be even better; I think you may be able to do this with DD-WRT.

Reply to
alexd

Depends.

Do you object to the tenant using the network? If so, just change the password and be ready for the argument and complaints.

Are you ok with the tenant using it? If so make sure you have an appendix to your tenancy agreement covering use of the broadband. Then if they 'hack' or break the T&C you can kick them out.

What exactly are you worried about? That he might hack your computers and steal your bank details? or that he might tell all his mates who will camp outside your house and steal bandwidth ?

Your lodger is "inside" your network so the entire lot is 'compromised'. However if you have user-level security on all your PCs (ie you have to logon with passwords, you're using OSX, Linux or XP, and your shared and private document directories are all properly secured with user-level passwords) and you have kept your security patches up to date then you should be relatively safe unless the student is a real cracker.

Disabling SSID achieves as much for wifi security as painting your front door green and pretending its a big leaf achieves for home security.

Reply to
Mark McIntyre

The password is to connect to your router, not to the internet. Once he's on your router he has the same internet access as your PC.

Assuming you're using WPA or WPA2 there is one shared password for all users of the router.

wpa2 is the best there currently is.

Reply to
Mark McIntyre

Which is insanely stupid, from a liability standpoint. One serious accident and any good attorney could get him more than the value of the house in a lawsuit.

Reply to
Bill Kearney

I agree. I mentioned this to her but she doesn't listen. Like i said, it's her house, but she doesn't do things in a conventional way.

Reply to
shareyourknowledge

Just trying to protect myself. That was the reason for the original post, whether he could access private info. Anyway, i have plenty of good advice from everyone. Thanks to all.

Reply to
shareyourknowledge

I agree. I mentioned this to her but she doesn't listen. Like i said, it's her house, but she doesn't do things in a conventional way.

--------------------------------------------------------------------

You "mentioned" it to her? (That's nice) Any chance of posting your address, just so the hard up can park outside your house and share bandwidth?

Reply to
Sunny

Yes, it would help. Linksys calls it "access point isolation" which is really "client isolation". It's available in various WRT54G mutations, but not all of them, usually on the: wireless -> advanced wireless settings page:

Linksys defines it as:

Creates a separate virtual network for your wireless network. When this feature is enabled, each of your wireless client will be in its own virtual network and will not be able to communicate with each other. You may want to utilize this feature if you have many guests that frequent your wireless network.

However, before taking the plunge, it's best to check the online emulators at:

to see if "AP Isolation" is available.

You can also setup a VLAN with various alternative firmware, but most also include "AP Isolation" as a feature. Note that the "AP Isolation" doesn't isolate the wired users, just the wireless users.

Reply to
Jeff Liebermann

Off topic, but maybe interesting:

I played slum lord for many years. First for my fathers 13 unit apartment building. Later for various house rentals and investments. You're just asking for trouble with a verbal agreement. The courts tend to favor tenant rights over landlords. Any disagreement might end up in the courts where the tenant is likely to win. Your only protection is a piece of paper that limits your exposure. The courts might enforce a verbal agreement, which means that literally anything your tenant claims will be considered as a binding contract. However, if you have a piece of paper (rental agreement) it outweighs a verbal agreement.

I suggest you purchase the Nolo Press Landlords book (this one for Calif):

and RTFM before you make any mistakes.

Also, my favorite trick was to look at the vehicle the prospective tenant is driving. If the car looks like a garbage dump, that's what your house will look like shortly.

Good luck.

Reply to
Jeff Liebermann

Most jurisdictions have an implied tenancy agreement that forms automatically as soon as money is exchanged for tenancy.

Depending on the laws in your particular jurisdiction, once the second rent payment is made (which establishes a paper trail confirming the amount and frequency) there may be no difference at all if a contract is signed or not.

Reply to
DevilsPGD

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.