A stranger is connecting to my wireless network

Discussion in 'Mac Basics and Help' started by wafflesnsegways, May 7, 2008.

  1. wafflesnsegways macrumors newbie

    Joined:
    May 7, 2008
    #1
    I've got an old Airport Express, which looks kind of like the A/C brick and sits in a wall socket. It's got a WPA password which shouldn't be possible to guess.

    Today, I opened up a finder window, and I saw "Brian Severson's Computer" in the sidebar. I don't know who this person is or how they connected to my network. WPA security can be broken through, but it sounds like it takes some determination. I live in a dense area, with a handful of open, if slow, wifi points around, so I'm concerned that someone is breaking onto my network because they want to do something illegal.

    My question is: how do I keep them off? I've already changed the WPA password and turned on MAC address filtering. What else should I be doing? How can I know if they try again?
     
  2. Jiddick ExRex macrumors 65816

    Jiddick ExRex

    Joined:
    May 14, 2006
    Location:
    Roskilde, DK
    #2
    If you have turned on MAC adress filtering you should be fine. That means that only the computers with MAC adresses that you allow can get access.
     
  3. officerdick macrumors regular

    Joined:
    May 4, 2006
    #3
    instead of just securing with a password, you can make a whitelist of MAC addresses, so only you're computers can jump on. Have you tried checking the Airports client table, it would say there if someone is on. Change the password to, to something that isn't in the dictionary, os x has a fine password generator.
     
  4. notsofatjames macrumors 6502a

    notsofatjames

    Joined:
    Jan 11, 2007
    Location:
    Wales, UK
    #4
    MAC address filtering should have solved your problem, but since you've already enabled it, I'd double check your allowable addresses, and delete any ones that arent yours. Also make sure you change your routers default password, to stop someone going in and adding themselves to your MAC list.
     
  5. oblomow macrumors 68020

    oblomow

    Joined:
    Apr 14, 2005
    Location:
    Netherlands
    #5
    MAC filtering may sound like a good and safe solution, however it's actually quite easy to 'spoof' the MAC address of a legitimate machine on you network.
    So if someone is really up to no good, MAC filtering won't stop him.
     
  6. NP3 macrumors regular

    Joined:
    Jul 12, 2003
    Location:
    Los Angeles
    #6
    if someone was good enough to get past your WPA password, make sure all your computers are locked up tight with firewalls and little snitch.

    I don't know what type of housing you live in...

    but if you're in an apartment (or share internet), and you have your airport set to DISTRIBUTE IP address, not as a bridge.

    If its a bridge (i'm assuming your version does this), then the person's name will pop up because they're on your subnet...but not running off your airport.
     
  7. chas0001 macrumors 6502a

    chas0001

    Joined:
    Sep 18, 2006
    Location:
    Alicante, SPAIN
    #7
    As an added security measure you can also give your wireless network an obscure name and ensure that you do not broadcast it. This can be done using the Airport Utility and the 'Create a closed network' option.
     
  8. tominated macrumors 68000

    tominated

    Joined:
    Jul 7, 2006
    Location:
    Queensland, Australia
    #8
    i saw something somewhere you could set something up so anything that doesn't use a mac address you specify will have it's images inverted and/or blurred. It was so cool, if you can find it, it might deter intruders
     
  9. MacAodh macrumors regular

    Joined:
    Apr 3, 2006
    Location:
    Dublin, Eire
    #9
    Stupid question, no one in your house has a second hand computer by any chance?
     
  10. wafflesnsegways thread starter macrumors newbie

    Joined:
    May 7, 2008
    #10
    No, we've got one cable modem with one airport express plugged into it.

    I thought Little Snitch told you when apps on your computer tried to phone home. How would I use it here?

    Actually, someone does. But it would have shown up earlier, right? I'll double check, but I don't think this is what's going on.
     
  11. merl1n macrumors 65816

    merl1n

    Joined:
    Mar 30, 2008
    Location:
    New Jersey, USA
    #11

    It's not that he has access to your computer, but you have access to his. This could be occurring because he is on the same subnet as you with your ISP, he has file sharing turned on and he has no password protection.
     
  12. soms macrumors 6502

    soms

    Joined:
    Dec 10, 2007
    Location:
    Seattle
    #12
    Correct. I have this problem as well, situation being: I connect to my schools network when on campus and see connected Mac's. I then go home an connect to my own wifi with encryption, but I still see those Mac's. Sounds like he's not connecting to your network, instead you are seeing his open sharing Mac.
     
  13. notjustjay macrumors 603

    notjustjay

    Joined:
    Sep 19, 2003
    Location:
    Canada, eh?
    #13
    Yup. Leopard shows the names of computers it finds on the Finder window sidebar. It might not have even come from your network (in fact it probably didn't). At one point your laptop connected to another network -- say at school, work, the coffee shop, hotel, etc. -- and Leopard found that computer.

    Reboot and I bet it'll go away, never to return.
     
  14. Eraserhead macrumors G4

    Eraserhead

    Joined:
    Nov 3, 2005
    Location:
    UK
    #14
    If he can break WPA it'll be trivial to break MAC filtering...

    I've never seen that, but TBH its more likely than WPA being hacked.
     
  15. NP3 macrumors regular

    Joined:
    Jul 12, 2003
    Location:
    Los Angeles
    #15
    Its another layer of protection--little snitch watches outbound and inbound. So if 'brian' happened to get past your firewall and wanted to set up some sort of funky ftp, etc. file transfer, little snitch would pop up.

    for example, I have little snitch set on my own machine with no rules regarding the open services--so for things like ftp, even though i have it set to allow password protected logins, it still tells me when they're happening. Color me paranoid *shrug*.
     
  16. Consultant macrumors G5

    Consultant

    Joined:
    Jun 27, 2007
    #16
    Next time, if you see the person, disconnect modem, then you'll know whether it's your ISP or your wifi.

    But typically in these cases, it's typically a computer from one of your roommates.

    A hacker will not announce their presence with Bonjour service on.
     
  17. wafflesnsegways thread starter macrumors newbie

    Joined:
    May 7, 2008
    #17
    This sounds like the most likely explanation. Because really, with free wifi floating around my neighborhood, why would somebody bother? And why would they leave file sharing on?

    Or it could have been someone who just wanted to see if he could do it.

    Still, at the time, it was strange. My initial reaction was, "Holy crap! Something horrible is going on!"
     
  18. soms macrumors 6502

    soms

    Joined:
    Dec 10, 2007
    Location:
    Seattle
    #18
    :D yea it kind of defeats the purpose if you leave evidence of who "hacked" your network. like someone said above, try restarting a few times and see if it goes away.
     
  19. JNB macrumors 604

    JNB

    Joined:
    Oct 7, 2004
    Location:
    In a Hell predominately of my own making
    #19
    As has been stated, you see them, not necessarily them seeing you. Here's who I see from my hotel right now...
     

    Attached Files:

Share This Page