I found out my wife gave our tenant the wireless encrypted password and ssid so he can use his laptop via our wireless Linksys router. I was pissed, but it's already been done. What steps can i take, if any to prevent any hacking? I playing devil's advocate and assuming this may happen. He's a nice college kid, but you never know. Am i vulnerable only with my wireless laptop or is my hardwired pc vulnerable too? Would disabling ssid broadcast help?
Change the password, and use WPA2 encryption, if available. WPA is also good, but WEP is broken.
Assuming your hardwired PC is on the same LAN and file sharing is enabled, then yes, the hardwired PC is also vulnerable, to an extent. Disabling the SSID broadcast doesn't buy you anything. Change the password and keep it safe.
If he can get onto your wireless network, he can "see" your computers. Whether he can get into your computers to do evil and nefarious things (by accident, of course) really depends on how you have you computers configured. The hardwired PC can be software firewalled fairly easily. The laptop should have similar protection, especially if you're using it at various hot spots, where the other patrons can do as much damage as the nice college kid.
Some routers have provisions for a "guest" wireless connection, which allows only access to the internet. They would never see your computers on the network.
Incidentally, if the kid is clueful enough to ask for the WPA key, he just might know something about computers. Asking him to help secure your network is a bit dangerous, but if his intentions are honorable, it won't hurt to ask (and then double check his advice).
Also, the main risk is not trashing your computers. It's his monopolizing all your bandwidth doing filesharing and downloading.
Thanks for you replies. Doesn't the tenant need a password to access the internet though? He told my wife he couldn't connect to the internet so she gave him the password.I have the Linksys WRT54G. I think there is WPA2 encryption availability. I thought i read that WPA2 encrytpion has limitations. yes? I'll check into the guest wirelss connection.
Yes, i meant to say the LAN password, not my personal login password.Sorry. I guess that was my concern that once he had my LAN password, he might be able to acess info from my laptop or PC. But i'll change the security to WPA2 as you recommended. Thanks.
The password he has is the WPA shared key( same as (LAN?).I re-set the security this morning to WPA 2 Personal When he logged into his laptop (his personal password) he then used the WPA shared key password my wife provided to access the internet. Sorry, i'm not too computer savvy, but appreciate eveyone's help.
Do you object to the tenant using the network? If so, just change the password and be ready for the argument and complaints.
Are you ok with the tenant using it? If so make sure you have an appendix to your tenancy agreement covering use of the broadband. Then if they 'hack' or break the T&C you can kick them out.
What exactly are you worried about? That he might hack your computers and steal your bank details? or that he might tell all his mates who will camp outside your house and steal bandwidth ?
Your lodger is "inside" your network so the entire lot is 'compromised'. However if you have user-level security on all your PCs (ie you have to logon with passwords, you're using OSX, Linux or XP, and your shared and private document directories are all properly secured with user-level passwords) and you have kept your security patches up to date then you should be relatively safe unless the student is a real cracker.
Disabling SSID achieves as much for wifi security as painting your front door green and pretending its a big leaf achieves for home security.
Yes, it would help. Linksys calls it "access point isolation" which is really "client isolation". It's available in various WRT54G mutations, but not all of them, usually on the: wireless -> advanced wireless settings page:
Linksys defines it as:
Creates a separate virtual network for your wireless network. When this feature is enabled, each of your wireless client will be in its own virtual network and will not be able to communicate with each other. You may want to utilize this feature if you have many guests that frequent your wireless network.
However, before taking the plunge, it's best to check the online emulators at:
to see if "AP Isolation" is available.
You can also setup a VLAN with various alternative firmware, but most also include "AP Isolation" as a feature. Note that the "AP Isolation" doesn't isolate the wired users, just the wireless users.
I played slum lord for many years. First for my fathers 13 unit apartment building. Later for various house rentals and investments. You're just asking for trouble with a verbal agreement. The courts tend to favor tenant rights over landlords. Any disagreement might end up in the courts where the tenant is likely to win. Your only protection is a piece of paper that limits your exposure. The courts might enforce a verbal agreement, which means that literally anything your tenant claims will be considered as a binding contract. However, if you have a piece of paper (rental agreement) it outweighs a verbal agreement.
I suggest you purchase the Nolo Press Landlords book (this one for Calif):
and RTFM before you make any mistakes.
Also, my favorite trick was to look at the vehicle the prospective tenant is driving. If the car looks like a garbage dump, that's what your house will look like shortly.
Most jurisdictions have an implied tenancy agreement that forms automatically as soon as money is exchanged for tenancy.
Depending on the laws in your particular jurisdiction, once the second rent payment is made (which establishes a paper trail confirming the amount and frequency) there may be no difference at all if a contract is signed or not.