I have a macbook and was wondering if there is a way to tell who is using my WiFi besides myself, and also is there a way to kick someone off of it?
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Kicking someone off my network?
- Thread starter DarkVictory
- Start date
- Sort by reaction score
Protect your Wifi via WPA2 or WEP password.
And/or use MAC addresses to narrow down the specific computers that are allowed on your network.
And/or use MAC addresses to narrow down the specific computers that are allowed on your network.
WPA2 is the only thing that is secure if they make any serious attempt at hacking, but even WEP will stop people with no expert knowledge from accessing your internet connection.
On my PC I could open up my Norton and see what devices were using my Wifi. Is there someway I could check that same thing on my macbook?
Generally, in a router's admin site, it will list the number of devices connected and their IP address, aside from that and MAC address filtering, there isn't really any way to check for other users on your network.
Doesn't really take expert knowledge to defeat wep. There are several software programs that do all the work for ya.
Always use WPA, turn off SSID broadcast, and filter MACs.
^^ You can break WPA with several programs too. The thing is your average user won't be able to "hack" your network like you can with an unprotected network.
It adds just as much protection as WEP - in other words, it stops casual freeloaders and novice attackers. It's a deterrent that someone like a freeloading neighbor will probably not overcome.
True, except that getting a new user to type in a password isn't that much of a pain, but getting them to find out their MAC address and then adding it to the list is much more difficult.
Can you explain how to turn off SSID broadcast and filter MACs? Or do you have a link to something that can explain and/or show me what I need to do to boot these unwanted visitors off my network and my shared list on my Mac's sidebar? A device that goes by the name poopbutt has been poaching my network and my big question is, can poopbutt see my files or even have access to them? Poopbutt is making me paranoid.
Assuming you are using a router, you do it from your router setup. Typically you open a web browser and go to http://192.168.1.1 and log in with a password. There's usually a security tab or page you can go to. Let me know if you can get that far.
Okay, I was able to log into my router set up, and I found the section of the setup that enables or disables SSID broadcasting, and it is currently enabled. So I'm assuming its as simple as just disabling it and saving the changes. The same goes for the Wireless MAC filter, it is currently disabled, and it should be enabled. correct? What does disabling SSID broadcast and MAC filter actually do and how does it keep my setup more secure? Thanks for your help by the way, I'm learning some new stuff here.
Attachments
When you click on your Airport icon, you see the different networks around you, right? Well disabling broadcasting your SSID will make your SSID not show up on that list. But if someone wants to they can still see it with other software even if you don't broadcast it.
MAC filtering allows certain people with the correct MAC address on their wireless card to connect to your router, but you can spoof MAC addresses easily, again with software.
WPA2 Personal is enough, IMO. Just make sure it is a strong password and also make sure your router password is strong too. If you need any more security than that, then whoever wants to get in that badly will probably get in through other methods.
WPA2 will work fine. While MAC can be spoofed, it's unlikely that someone just leaching your connection will know how (or will know what MAC to even spoof to), so I use all three protections (no SSID broadcast, MAC filter, WPA2 password). While each of these is defeatable by someone who really wants to break in, it's more than good enough against neighbors who just want to leach off your connection.
Great, thank you! I agree, if someone wants in that badly then they will probably figure out a way. The three methods of defense that "cmaier" mentioned will most likely do the job for everyone else out there and it will give me some peace of mind with it. Thanks for your help!
Thank you for the reference.
I have been using WPA-2 with a strong (>20b) passkey along with MAC address filtering. I have been using this technique both at home... as well as during very frequent travel with a variety of friends using a travel router (Airport Express).
MAC address filtering does add a significant level of user complexity in setting up new connections for my friends when they want to share my connection. Based on the references you posted, I can now see that this complexity adds no significant security value to my already very secure network (based on WPA-2 with a very complex passcode).
I am going to turn off MAC Address Filtering... another urban myth debunked.
Currently, to add a new computer to my travel router... I must:
1 - Have my friends open their network properties (various methods depending on OS)... and retrieve their MAC address.
2 - Spell it out for me while I type it into a text file that I keep of various MAC addresses
3 - Log into my router
4 - Navigate to the MAC address filter page... and cut/paste the new MAC address into the router table
5 - Wait while the router reboots
6 - Recite the complex pass code as my friend types it into the laptop
By getting rid of the MAC address filter, the complexity of steps 1-5 are no longer needed. I get essentially the same level of security with just my WPA-2 complex passcode -- which while complex and secure, is still quick and easy for my friends to use as they connect to my network.
Thanks again.
/Jim
I have a question, or concern after mulling over some of the posts in here regarding the possibility of someone poaching my network or accessing my files by using software to defeat WPA encryption, MAC Filter, and SSID broadcasting.
This is probably an obvious or stupid question, but if someone does go to all that trouble to use my network or hack into my files are there any defenses for those situations or any way of detecting that individual? Would they be visible without having to install some fancy software just enough so you know they are on your network or in your files?
If my router wasn't password protected at all prior to setting up WPA, could someone have obtained the necessary information to undo the WPA security I just set up?
Finally, if you do learn someone has defeated your defenses, then what? Unplug your router?
Thanks,
Turd Pherguson
I have had my airport on "closed network" for almost as long as I have had it. Seems like the first security step. But now I get to thinking, what if you could get it to broadcast the wrong ID? Say your network is named "HannibalsKitchen", then you tell it to ID itself as "CleanYourDogsTurdsOffMyLawn". At least that would slow down the intruders a little. We need to have a router that can present a spoof network that intruders could enter but not find anything on.
So how about you set up your real network to the usual security settings, WPA, MAC filtering, and don't broadcast SSID... then buy a second wireless router, leave it unconnected to anything, and give it a decoy setup (complete with its own WPA password and filtering if you like).
All this wireless security reminds me of the joke about outrunning your friend instead of outrunning the bear. As long as your network is more secure than the guy down the street, anyone cruising the neighborhood isn't going to pay you any particular mind.
My current Airport status shows 14 wireless networks listed, 3 of which are unprotected (and one of those still named "linksys").