checking for wifi leechers

Discussion in 'Mac Basics and Help' started by gelatin, Apr 25, 2007.

  1. gelatin macrumors 6502

    Joined:
    Sep 16, 2006
    #1
    now my router is wpa passworded so im not to worried but i just wanted to know how i would check if someone is leeching?
     
  2. Willis macrumors 68020

    Willis

    Joined:
    Apr 23, 2006
    Location:
    What feels like the middle of nowhere
    #2
    if its secure, you wont have to worry about it, as they cant access your network with out the password :confused:
     
  3. grapes911 Moderator emeritus

    grapes911

    Joined:
    Jul 28, 2003
    Location:
    Citizens Bank Park
    #3
    WPA is pretty strong, so I wouldn't worry. But if you still want to be sure, then check the logs stored in your router. Check how many IPs where issued and to which MAC addresses.
     
  4. mattthemutt macrumors regular

    mattthemutt

    Joined:
    Jun 13, 2004
    Location:
    Ontario, Canada
    #4
    As far as I know, WPA is very hard to crack.

    To check if anyone is leeching, you can either ping them using the Network Utility (ping an IP address above or below yours. Ex.: if your router's IP address is 10.0.1.1, and your IP address is 10.0.1.2, ping 10.0.1.3. ), or you can use the "netstat" command in the Network Utility or Terminal.

    That's what I do, and it's semi-effective.
     
  5. pilotError macrumors 68020

    pilotError

    Joined:
    Apr 12, 2006
    Location:
    Long Island
    #5
    Your network router should have an option to look at the DNS addresses that were given out along with the Mac address of the computer that asked for it.
     
  6. gelatin thread starter macrumors 6502

    Joined:
    Sep 16, 2006
  7. yg17 macrumors G5

    yg17

    Joined:
    Aug 1, 2004
    Location:
    St. Louis, MO
    #8
    That's not a good idea at all, because they could static assign themselves an IP at the other end of the subnet.


    If you have a Netgear (I'm basing this off a WGR614, but I assume they're all similar) just login to your router's admin thing and go to the Attached Devices section. That'll show everything on your network, wired and wireless. But if you're using WPA and have a halfway decent password, you should be OK
     
  8. JNB macrumors 604

    JNB

    Joined:
    Oct 7, 2004
    Location:
    In a Hell predominately of my own making
    #9
    I don't know if this is universally available across brands, but my Belkin pre-n has a setting to allow me to specify which MAC addys to either specifically allow or block wirelessly. Very handy. I also only allow a very small range of assignable IP's and block my SSID, which, just to give drive-bys and what few folks in my neighborhood may even have a computer a pause, is called "VIRUSTESTNET".
     
  9. yg17 macrumors G5

    yg17

    Joined:
    Aug 1, 2004
    Location:
    St. Louis, MO
    #10
    Hate to break it to you, but MAC address filtering is useless. It's very easy to obtain a valid MAC by sniffing packets (since a computer's MAC is attached to every packet, all someone needs to do is sniff all packets from a computer sent to your access point) and then it's just as easy to spoof that MAC. And if someone's spoofing your MAC on a Mac, then they're not going to worry about the VIRUSTESTNET SSID ;) Hiding the SSID doesn't do a thing either since there are ways to sniff those out too.

    The best way to secure a wireless network is encryption. WPA or better. WEP is just as useless as MAC filtering. And WPA is useless as well if you're not using a long, random password with it since although it can't be cracked, it's still susceptible to brute force attacks.

    I use WPA and leave my SSID broadcasted. No point in not broadcasting when it's so easy to find anyways, and I have WPA. Not broadcasting just makes more work for me when I have to connect, since I would have to type in the network name and can't just choose it from the list. What can I say? I'm lazy :D
     
  10. JNB macrumors 604

    JNB

    Joined:
    Oct 7, 2004
    Location:
    In a Hell predominately of my own making
    #11
    All true, I shoulda gone on to say that just like locks on a door, all of it is to keep the random but mostly honest jerk out. I have no misconceptions about a dedicated, skilled attack. That being said, everything I do is just for that purpose, and in my neighborhood, that's gonna be more than good enough - I'm 50, and one of the youngest people on the block. Not what you'd call a target-rich environment.

    I didn't mention WPA cuz I consider that a default setting anymore for me, don't even think about it anymore!
     
  11. thewhitehart macrumors 6502a

    thewhitehart

    Joined:
    Jul 9, 2005
    Location:
    The town without George Bailey
    #12
    Like yg17 said, just use a really long random password for WPA with mixed letters and numbers, and you'll be alright.

    In my neighborhood, every other SSID is "linksys", free of encryption and with the default password on the router! Unless you want to steal a particular person's identity, or monitor their traffic, there is just no incentive where I live to bother trying to break even WEP.
     
  12. grapes911 Moderator emeritus

    grapes911

    Joined:
    Jul 28, 2003
    Location:
    Citizens Bank Park
    #13
    For some people, the quest to break it is enough incentive. I'd never use WEP.
     
  13. Andrew D. macrumors 6502

    Joined:
    Apr 17, 2007
    Location:
    Chicago, IL
    #14
    Which would be better, having a WEP key or blocking it by putting in a specific MAC address to the router?
     
  14. yg17 macrumors G5

    yg17

    Joined:
    Aug 1, 2004
    Location:
    St. Louis, MO
    #15
    At least WEP would encrypt your traffic, but they both can be cracked in seconds by someone who knows what they're doing. Use WPA with a good password. It's secure.....
     
  15. grapes911 Moderator emeritus

    grapes911

    Joined:
    Jul 28, 2003
    Location:
    Citizens Bank Park
    #16
    Agreed. But if your router or computer doesn't support WPA, then I'd used MAC filtering, WEP, hiding the SSID, and only leasing as many IPs as computer your own.
     
  16. Macky-Mac macrumors 68030

    Macky-Mac

    Joined:
    May 18, 2004
    #17
    out of curiosity, can somebody trying to break in easily tell whether you have WEP as opposed to WAP?
     
  17. devilot Moderator emeritus

    devilot

    Joined:
    May 1, 2005
    #18
    That's really easy to see; just try to join a given network. And then it will clearly display whether they're using WEP or WPA.

    Picture 1.png
     
  18. yg17 macrumors G5

    yg17

    Joined:
    Aug 1, 2004
    Location:
    St. Louis, MO
    #19
    True...but still crackable. And limiting the number of IPs that can be leased won't do a thing either. All a cracker would need to do is disable DHCP on their computer and assign themselves an IP in the subnet...that's what I do on my network, just so my port forwarding doesn't break everytime my router's DHCP server decides to hand out new IPs. I could tell my router to only lease out 192.168.1.2-192.168.1.4 for the 3 computers on the network, but I still have 192.168.1.5-192.168.1.254 available for static IP assignment. And there's no way, at least on the cheap, home routers, to block those.

    Plus, they don't even need an IP to sniff out packets. Once they crack your WEP key (in a matter of minutes) they can view everything sent to and from your computers. And if you're logging into things and not using SSL, all your passwords are sent over the air in clear text for a hacker to take and have fun with. People think that the only reason hackers crack WEP keys and spoof MACs is to get free internet. I'm sure they have adequate internet access at home, they're probably looking for personal information that's being transmitted.

    When it comes down to it, the difference between MAC filtering and WEP is the difference between leaving your car door unlocked and locking your doors, but leaving the window wide open.
     
  19. grapes911 Moderator emeritus

    grapes911

    Joined:
    Jul 28, 2003
    Location:
    Citizens Bank Park
    #20
    I agree with you 100%. But if by chance WPA is not an option (and on many older routers it's not), putting as many barriers up as possible may be the only option. I'd rather put 5 plastic locks on my door than leave it wide open. Anything you can do to slow down an intruder is better than nothing.
     

Share This Page