Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
checking for wifi leechers
- Thread starter gelatin
- Start date
- Sort by reaction score
WPA is pretty strong, so I wouldn't worry. But if you still want to be sure, then check the logs stored in your router. Check how many IPs where issued and to which MAC addresses.
As far as I know, WPA is very hard to crack.
To check if anyone is leeching, you can either ping them using the Network Utility (ping an IP address above or below yours. Ex.: if your router's IP address is 10.0.1.1, and your IP address is 10.0.1.2, ping 10.0.1.3. ), or you can use the "netstat" command in the Network Utility or Terminal.
That's what I do, and it's semi-effective.
Your network router should have an option to look at the DNS addresses that were given out along with the Mac address of the computer that asked for it.
That's not a good idea at all, because they could static assign themselves an IP at the other end of the subnet.
If you have a Netgear (I'm basing this off a WGR614, but I assume they're all similar) just login to your router's admin thing and go to the Attached Devices section. That'll show everything on your network, wired and wireless. But if you're using WPA and have a halfway decent password, you should be OK
I don't know if this is universally available across brands, but my Belkin pre-n has a setting to allow me to specify which MAC addys to either specifically allow or block wirelessly. Very handy. I also only allow a very small range of assignable IP's and block my SSID, which, just to give drive-bys and what few folks in my neighborhood may even have a computer a pause, is called "VIRUSTESTNET".
Hate to break it to you, but MAC address filtering is useless. It's very easy to obtain a valid MAC by sniffing packets (since a computer's MAC is attached to every packet, all someone needs to do is sniff all packets from a computer sent to your access point) and then it's just as easy to spoof that MAC. And if someone's spoofing your MAC on a Mac, then they're not going to worry about the VIRUSTESTNET SSID
Hiding the SSID doesn't do a thing either since there are ways to sniff those out too. The best way to secure a wireless network is encryption. WPA or better. WEP is just as useless as MAC filtering. And WPA is useless as well if you're not using a long, random password with it since although it can't be cracked, it's still susceptible to brute force attacks.
I use WPA and leave my SSID broadcasted. No point in not broadcasting when it's so easy to find anyways, and I have WPA. Not broadcasting just makes more work for me when I have to connect, since I would have to type in the network name and can't just choose it from the list. What can I say? I'm lazy
Hate to break it to you, but MAC address filtering is useless. It's very easy to obtain a valid MAC by sniffing packets (since a computer's MAC is attached to every packet, all someone needs to do is sniff all packets from a computer sent to your access point) and then it's just as easy to spoof that MAC. And if someone's spoofing your MAC on a Mac, then they're not going to worry about the VIRUSTESTNET SSID
The best way to secure a wireless network is encryption. WPA or better. WEP is just as useless as MAC filtering. And WPA is useless as well if you're not using a long, random password with it since although it can't be cracked, it's still susceptible to brute force attacks.
I use WPA and leave my SSID broadcasted. No point in not broadcasting when it's so easy to find anyways, and I have WPA. Not broadcasting just makes more work for me when I have to connect, since I would have to type in the network name and can't just choose it from the list. What can I say? I'm lazy
All true, I shoulda gone on to say that just like locks on a door, all of it is to keep the random but mostly honest jerk out. I have no misconceptions about a dedicated, skilled attack. That being said, everything I do is just for that purpose, and in my neighborhood, that's gonna be more than good enough - I'm 50, and one of the youngest people on the block. Not what you'd call a target-rich environment.
I didn't mention WPA cuz I consider that a default setting anymore for me, don't even think about it anymore!
Like yg17 said, just use a really long random password for WPA with mixed letters and numbers, and you'll be alright.
In my neighborhood, every other SSID is "linksys", free of encryption and with the default password on the router! Unless you want to steal a particular person's identity, or monitor their traffic, there is just no incentive where I live to bother trying to break even WEP.
In my neighborhood, every other SSID is "linksys", free of encryption and with the default password on the router! Unless you want to steal a particular person's identity, or monitor their traffic, there is just no incentive where I live to bother trying to break even WEP.
For some people, the quest to break it is enough incentive. I'd never use WEP.
Which would be better, having a WEP key or blocking it by putting in a specific MAC address to the router?
At least WEP would encrypt your traffic, but they both can be cracked in seconds by someone who knows what they're doing. Use WPA with a good password. It's secure.....
Agreed. But if your router or computer doesn't support WPA, then I'd used MAC filtering, WEP, hiding the SSID, and only leasing as many IPs as computer your own.
out of curiosity, can somebody trying to break in easily tell whether you have WEP as opposed to WAP?
That's really easy to see; just try to join a given network. And then it will clearly display whether they're using WEP or WPA.
True...but still crackable. And limiting the number of IPs that can be leased won't do a thing either. All a cracker would need to do is disable DHCP on their computer and assign themselves an IP in the subnet...that's what I do on my network, just so my port forwarding doesn't break everytime my router's DHCP server decides to hand out new IPs. I could tell my router to only lease out 192.168.1.2-192.168.1.4 for the 3 computers on the network, but I still have 192.168.1.5-192.168.1.254 available for static IP assignment. And there's no way, at least on the cheap, home routers, to block those.
Plus, they don't even need an IP to sniff out packets. Once they crack your WEP key (in a matter of minutes) they can view everything sent to and from your computers. And if you're logging into things and not using SSL, all your passwords are sent over the air in clear text for a hacker to take and have fun with. People think that the only reason hackers crack WEP keys and spoof MACs is to get free internet. I'm sure they have adequate internet access at home, they're probably looking for personal information that's being transmitted.
When it comes down to it, the difference between MAC filtering and WEP is the difference between leaving your car door unlocked and locking your doors, but leaving the window wide open.
I agree with you 100%. But if by chance WPA is not an option (and on many older routers it's not), putting as many barriers up as possible may be the only option. I'd rather put 5 plastic locks on my door than leave it wide open. Anything you can do to slow down an intruder is better than nothing.