PDA

View Full Version : Scumbag leeching my bandwidth!!


Miner Willy
Nov 14, 2004, 04:09 AM
Well jumped on the interweb this morning to have a look at what has been happening on Mac Rumors and thought this is a bit sloooow. Anyway it wasn't just mac rumors but everything. I reset my cable box which usually sorts it, to see the wireless lan LED flickering away to itself on my router. My powerbook was actually asleep at the time and this set my alarm bells ringing. Looked at the log on my D-Link 614+ to find that "Neo" (whoever he might be) is hooking into my wireless network. Well rest assured the wireless router cable was pulled. I poked around a bit further and I found that he'd even configured my firewall to let Azureus (filesharing thing) in and out.!!

Now to be honest I don't know a great deal about all this stuff and I didn't change the default admin password for the router(which I will obviously do now) so I can understand how he go into my router.

Can anybody give me any tips on how to secure my network so I can hardwire my eMac and wireless network my powerbook quickly and easily so I don't have to enter password when I want to jump on the web. Also what's WEP about and will it help me.?


Any help would be much appreciated.

broken_keyboard
Nov 14, 2004, 04:31 AM
WEP puts a password on the network (in addition to the one that you may or may not have on the router). So anyone who tries to connect with their wireless card will have to know the password. Sounds like what you want...

If your router supports something called WAP you should use that instead, because it is a newer more secure version of WEP.

scem0
Nov 14, 2004, 04:54 AM
If you have a PC you should net send him to freak him out :p.

scem0

Falleron
Nov 14, 2004, 05:05 AM
Well jumped on the interweb this morning to have a look at what has been happening on Mac Rumors and thought this is a bit sloooow. Anyway it wasn't just mac rumors but everything. I reset my cable box which usually sorts it, to see the wireless lan LED flickering away to itself on my router. My powerbook was actually asleep at the time and this set my alarm bells ringing. Looked at the log on my D-Link 614+ to find that "Neo" (whoever he might be) is hooking into my wireless network. Well rest assured the wireless router cable was pulled. I poked around a bit further and I found that he'd even configured my firewall to let Azureus (filesharing thing) in and out.!!

Now to be honest I don't know a great deal about all this stuff and I didn't change the default admin password for the router(which I will obviously do now) so I can understand how he go into my router.

Can anybody give me any tips on how to secure my network so I can hardwire my eMac and wireless network my powerbook quickly and easily so I don't have to enter password when I want to jump on the web. Also what's WEP about and will it help me.?


Any help would be much appreciated.
WEP is what you need. Once set, any computer access your network wirelessely will need to know it. Also, turn off SSID broadcast (this is your wireless network name). I suggest you change your SSID to something new. That way, people wont know that your network is even in existance (there are ways around that, but to the majority of users this is perfect). There are a couple of other things you can do but I dont want to get to complex.

Let me know if you want more info.

Hope this helps.

Jaz
Nov 14, 2004, 06:10 AM
I do this for friends regularly. Here's all the info you need. PM me if you need more detail. Cheers and good luck! Jaz.

DO ALL OF THIS OVER A LAN CABLE PLUGGED DIRECTLY TO THE ROUTER.

DISABLE YOUR INTERNET CONNECTION MODEM (cable/adsl).
LOG ON TO THE ROUTER AND DISABLE THE WIRELESS NETWORK.
SECURE THE WIRELESS AS BELOW.
ENABLE THE WIRELESS NETWORK.
ENABLE THE INTERNET CONNECTION.

Step to secure the wireless router
Change the name/SSID of the wireles network to something generic like "shelf" or "blue" to mask its model and location/house.

Turn off SSID broadcasting to avoid broadcasting your network's existence.

Set up Wireless Encryption Protocol (WEP) for a 128 bit key so that the network is encrypted. You will enter a passphrase and this will yield a 26 digit string of numbers and letters that are required to connect to network. On your laptop the password type is 128bit Hex when Airport asks for it.

Set up Access Control on your wireless router for Trusted PC's only and add your MAC address to the list. By MAC I mean Media Access Control. You'll find it under Network Preferences>double click Airport>Airport ID. Should look like 01:A1:02:A2:03:A3. Enter it in to the Routers list for access control. This will mean that only computers with correct MAC's are allowed will get an IP address from the router. For a PC, click Start>Run>CMD then type in ipconfig /all and it show your MAC.

Change the admin password on the router to a strong password, non-dictionary word plus a number plus a character. E.g. bluemirt78#, bisqit101928!. This will prevent anyone from guessing your password.

On your machine, go to Network Prefs and for your Airport enter the name you chose for your preferred network and then the 26 digit string when it asks for it during Airport connection.

You're all set!

Miner Willy
Nov 14, 2004, 06:45 AM
Thanks for all the suggestions folks. I have been commandeered by the wife for the moment to do some much needed decorating. When I get chance tomorrow morning I will do what you have suggested. If I have any more issues I post back here.

Once again, Thanks.

winwintoo
Nov 14, 2004, 10:12 AM
It's just possible that whoever jumped on your network wasn't so much a leech as as someone trying to get your attention so you would fix your network.

There's a few clowns around me that have "default" networks running day and night and guess what - my computer looks for "default" I often use their signal 'cuz sometimes it's stronger than mine is and if they're too dumb to fix it, well.

I learned quite a bit about networks in a short time when I had to add a PC to my wireless network.

Margaret

kettle
Nov 14, 2004, 10:26 AM
Looked at the log on my D-Link 614+ to find that "Neo" (whoever he might be) is hooking into my wireless network.

"Neo", he's the "one" :rolleyes:

you should've given him a torrent to remember.

"How can he be the one if he's dead?" :D

superbovine
Nov 14, 2004, 02:20 PM
This article carefully details everything you need to do to secure you network.

http://www.securitytechnique.com/2003/11/wsc.html

andiwm2003
Nov 14, 2004, 04:27 PM
Well jumped on the interweb this morning to have a look at what has been happening on Mac Rumors and thought this is a bit sloooow. Anyway it wasn't just mac rumors but everything. I reset my cable box which usually sorts it, to see the wireless lan LED flickering away to itself on my router. My powerbook was actually asleep at the time and this set my alarm bells ringing. Looked at the log on my D-Link 614+ to find that "Neo" (whoever he might be) is hooking into my wireless network. Well rest assured the wireless router cable was pulled. I poked around a bit further and I found that he'd even configured my firewall to let Azureus (filesharing thing) in and out.!!
.

i set my airport extreme to log to my computer (pb 15", 10.3.6). but console shows no extra log for airport. how can i find the log information?

andi

RubberChicken
Nov 14, 2004, 05:02 PM
WEP is what you need. Once set, any computer access your network wirelessely will need to know it. Also, turn off SSID broadcast (this is your wireless network name). I suggest you change your SSID to something new. That way, people wont know that your network is even in existance (there are ways around that, but to the majority of users this is perfect). There are a couple of other things you can do but I dont want to get to complex.

Let me know if you want more info.

Hope this helps.

I have the same router. I had already enabled WEP and changed the admin password on the router, but I cannot see where to turn off SSID broadcasting.

Falleron
Nov 14, 2004, 05:25 PM
I have the same router. I had already enabled WEP and changed the admin password on the router, but I cannot see where to turn off SSID broadcasting.
Mine is a linksys product. I go to the access point + click "advanced" on the right hand side at the top of the web utility. I then click the "wireless" tab. This gives me all sort of customisable things. Eg. pre-amble size etc. At the bottom of that page there is an option to disabling SSID broadbcast.

PS. This is for a linksys WAP11.

Sun Baked
Nov 14, 2004, 05:28 PM
Damn, my free wireless internet doesn't work anymore... :(

I guess I'll have to get an airport card one of these days.

TIGERmac
Nov 14, 2004, 06:41 PM
While enabling WEP is better than nothing, by no means does it make your connection secure. The so called "Wired Equivalency Protection" proved to be relatively ineffective.

The good news is that there is a fix. It's called WPA, and most router manufacturers have posted firmware updates on their websites to protect older models that came with WEP.

It's a shame that router manufacturers ship their products with many security features turned off. Additionally, they fail to instruct users how to properly secure their networks. Then again, Microsoft follows the same strategy... :mad:

winwintoo
Nov 14, 2004, 06:53 PM
OK, I admit that what I know about networking you could fit inside this dot "." so please be gentle.

I started out with an Airport Extreme base station - that would have been WPA - right?

I replaced it with a Linksys because I was getting way too much interference and dropouts with the AEBS and I thought it was faulty. The Linksys seemed happy with WPA and my PowerBook as well.

Then when I tried to get the PC hooked up, the only way I could make it work was by switching to WEP. Now I'm thinking that's not such a good idea.

Is WEP a limitation of the wireless card that's in the PC do you think, or have I just got the settings all wrong and it should work with WPA.

I'm waiting to be educated here. The router comes with one page of instructions that basically tells you how to take it out of the box and plug it in to the wall - nothing about how to protect yourself and your computers.

Thanks, Margaret

Poeben
Nov 14, 2004, 10:09 PM
If you have a PC you should net send him to freak him out :p.

scem0

Not for nothing, but you can do this from Terminal. Some useful commands for those Macheads bored at work on a Windows network.

findsmb -- Lists all smb machines on your subnet

smbclient -- can be used to send net send messages, among other things. Type 'smbclient' for a list of commands. For example:


smbclient -M NETBios name -U Network Admin (enter)

Due to a problem with the server, you must restart your computer now. Don't attempt to save any work, as this will likely cause existing data to be overwritten. Thank you.

(Control+D) to send message.


This will send the message above from user 'Network Admin'. Oh yeah, don't try this at work. :P

TIGERmac
Nov 14, 2004, 10:43 PM
Is WEP a limitation of the wireless card that's in the PC do you think, or have I just got the settings all wrong and it should work with WPA.

I'm waiting to be educated here. The router comes with one page of instructions that basically tells you how to take it out of the box and plug it in to the wall - nothing about how to protect yourself and your computers.

Thanks, Margaret

Margaret,

If the network card is an older model, it likely will require WPA drivers. Whether or not the manufacturer has made them available is an entirely different issue.

A good reference for securing a wireless network (and upgrading to WPA) can be found here (http://www.pcmag.com/article2/0%2C1759%2C1277020%2C00.asp).

Good luck.

RubberChicken
Nov 15, 2004, 04:27 AM
Mine is a linksys product. I go to the access point + click "advanced" on the right hand side at the top of the web utility. I then click the "wireless" tab. This gives me all sort of customisable things. Eg. pre-amble size etc. At the bottom of that page there is an option to disabling SSID broadbcast.

PS. This is for a linksys WAP11.

Thanks, I just found it under Advanced>Performance... it's the only thing in that panel that is not listed in the help, serve me right for reading it.

Jaz
Nov 15, 2004, 05:05 AM
While enabling WEP is better than nothing, by no means does it make your connection secure. The so called "Wired Equivalency Protection" proved to be relatively ineffective.

The good news is that there is a fix. It's called WPA, and most router manufacturers have posted firmware updates on their websites to protect older models that came with WEP.

It's a shame that router manufacturers ship their products with many security features turned off. Additionally, they fail to instruct users how to properly secure their networks. Then again, Microsoft follows the same strategy... :mad:

Yeah, WEP is not great but is better than nothing. Apple is on the ball as usual. WPA is used in all Airport Extreme and for some older Airport cards.

WPA over WEP. SPI Firewall over NAT ... etc. That is the only failing of AE and Airport Express. They use NAT. If they were SPI then I would use AE but for now I am sticking with Netgear for my routing gear.

mim
Nov 15, 2004, 05:09 AM
Margaret,

If the network card is an older model, it likely will require WPA drivers. Whether or not the manufacturer has made them available is an entirely different issue.

A good reference for securing a wireless network (and upgrading to WPA) can be found here (http://www.pcmag.com/article2/0%2C1759%2C1277020%2C00.asp).

Good luck.

Even many newer PC laptops will require a firmware update to enable WPA. You will also have to install drivers for windows - however XP service pack 2 seems to include them. If you don't have XP I'm not actually sure if you can use WPA on windows...a bit of googling should sort you out though.

If you are running XP, then I fully recommend service pack 2. The WPA drivers are *much* more stable than previously (heh - be gentle with me too...it's my GF that has then windows machine :rolleyes: ).