Kicking someone off my network?

Discussion in 'Mac Basics and Help' started by DarkVictory, Dec 25, 2009.

  1. DarkVictory macrumors member

    Joined:
    May 5, 2009
    #1
    I have a macbook and was wondering if there is a way to tell who is using my WiFi besides myself, and also is there a way to kick someone off of it?
     
  2. spinnerlys Guest

    spinnerlys

    Joined:
    Sep 7, 2008
    Location:
    forlod bygningen
    #2
    Protect your Wifi via WPA2 or WEP password.
    And/or use MAC addresses to narrow down the specific computers that are allowed on your network.
     
  3. Eraserhead macrumors G4

    Eraserhead

    Joined:
    Nov 3, 2005
    Location:
    UK
    #3
    WPA2 is the only thing that is secure if they make any serious attempt at hacking, but even WEP will stop people with no expert knowledge from accessing your internet connection.
     
  4. DarkVictory thread starter macrumors member

    Joined:
    May 5, 2009
    #4
    On my PC I could open up my Norton and see what devices were using my Wifi. Is there someway I could check that same thing on my macbook?
     
  5. Ride9650 macrumors 6502

    Joined:
    Jun 29, 2007
    #5
    Generally, in a router's admin site, it will list the number of devices connected and their IP address, aside from that and MAC address filtering, there isn't really any way to check for other users on your network.
     
  6. cmaier macrumors G3

    Joined:
    Jul 25, 2007
    Location:
    California
    #6
    Doesn't really take expert knowledge to defeat wep. There are several software programs that do all the work for ya.

    Always use WPA, turn off SSID broadcast, and filter MACs.
     
  7. Eraserhead macrumors G4

    Eraserhead

    Joined:
    Nov 3, 2005
    Location:
    UK
    #7
    ^^ You can break WPA with several programs too. The thing is your average user won't be able to "hack" your network like you can with an unprotected network.
     
  8. roadbloc macrumors G3

    roadbloc

    Joined:
    Aug 24, 2009
    Location:
    UK
    #8
    Encrypt your network with a WPA/2 passcode and add MAC address protection for your networking hardware.
     
  9. Eraserhead macrumors G4

    Eraserhead

    Joined:
    Nov 3, 2005
    Location:
    UK
    #9
    MAC address protection doesn't add any real protection to your network - it just makes it harder for legitimate users. (source)
     
  10. cmaier macrumors G3

    Joined:
    Jul 25, 2007
    Location:
    California
    #10
    It adds just as much protection as WEP - in other words, it stops casual freeloaders and novice attackers. It's a deterrent that someone like a freeloading neighbor will probably not overcome.
     
  11. Eraserhead macrumors G4

    Eraserhead

    Joined:
    Nov 3, 2005
    Location:
    UK
    #11
    True, except that getting a new user to type in a password isn't that much of a pain, but getting them to find out their MAC address and then adding it to the list is much more difficult.
     
  12. Turd Pherguson macrumors newbie

    Joined:
    Jan 21, 2010
    Location:
    Poo York
    #12

    Can you explain how to turn off SSID broadcast and filter MACs? Or do you have a link to something that can explain and/or show me what I need to do to boot these unwanted visitors off my network and my shared list on my Mac's sidebar? A device that goes by the name poopbutt has been poaching my network and my big question is, can poopbutt see my files or even have access to them? Poopbutt is making me paranoid.
     
  13. cmaier macrumors G3

    Joined:
    Jul 25, 2007
    Location:
    California
    #13
    Assuming you are using a router, you do it from your router setup. Typically you open a web browser and go to http://192.168.1.1 and log in with a password. There's usually a security tab or page you can go to. Let me know if you can get that far.
     
  14. Turd Pherguson macrumors newbie

    Joined:
    Jan 21, 2010
    Location:
    Poo York
    #14
    Okay, I was able to log into my router set up, and I found the section of the setup that enables or disables SSID broadcasting, and it is currently enabled. So I'm assuming its as simple as just disabling it and saving the changes. The same goes for the Wireless MAC filter, it is currently disabled, and it should be enabled. correct? What does disabling SSID broadcast and MAC filter actually do and how does it keep my setup more secure? Thanks for your help by the way, I'm learning some new stuff here.
     

    Attached Files:

  15. scissorband macrumors member

    Joined:
    Jan 16, 2010
    #15
    When you click on your Airport icon, you see the different networks around you, right? Well disabling broadcasting your SSID will make your SSID not show up on that list. But if someone wants to they can still see it with other software even if you don't broadcast it.

    MAC filtering allows certain people with the correct MAC address on their wireless card to connect to your router, but you can spoof MAC addresses easily, again with software.

    WPA2 Personal is enough, IMO. Just make sure it is a strong password and also make sure your router password is strong too. If you need any more security than that, then whoever wants to get in that badly will probably get in through other methods.
     
  16. cmaier macrumors G3

    Joined:
    Jul 25, 2007
    Location:
    California
    #16
    WPA2 will work fine. While MAC can be spoofed, it's unlikely that someone just leaching your connection will know how (or will know what MAC to even spoof to), so I use all three protections (no SSID broadcast, MAC filter, WPA2 password). While each of these is defeatable by someone who really wants to break in, it's more than good enough against neighbors who just want to leach off your connection.
     
  17. Turd Pherguson macrumors newbie

    Joined:
    Jan 21, 2010
    Location:
    Poo York
    #17

    Great, thank you! I agree, if someone wants in that badly then they will probably figure out a way. The three methods of defense that "cmaier" mentioned will most likely do the job for everyone else out there and it will give me some peace of mind with it. Thanks for your help!
     
  18. flynz4 macrumors 68040

    Joined:
    Aug 9, 2009
    Location:
    Portland, OR
    #18
    Thank you for the reference.

    I have been using WPA-2 with a strong (>20b) passkey along with MAC address filtering. I have been using this technique both at home... as well as during very frequent travel with a variety of friends using a travel router (Airport Express).

    MAC address filtering does add a significant level of user complexity in setting up new connections for my friends when they want to share my connection. Based on the references you posted, I can now see that this complexity adds no significant security value to my already very secure network (based on WPA-2 with a very complex passcode).

    I am going to turn off MAC Address Filtering... another urban myth debunked.

    Currently, to add a new computer to my travel router... I must:

    1 - Have my friends open their network properties (various methods depending on OS)... and retrieve their MAC address.
    2 - Spell it out for me while I type it into a text file that I keep of various MAC addresses
    3 - Log into my router
    4 - Navigate to the MAC address filter page... and cut/paste the new MAC address into the router table
    5 - Wait while the router reboots
    6 - Recite the complex pass code as my friend types it into the laptop

    By getting rid of the MAC address filter, the complexity of steps 1-5 are no longer needed. I get essentially the same level of security with just my WPA-2 complex passcode -- which while complex and secure, is still quick and easy for my friends to use as they connect to my network.

    Thanks again.

    /Jim
     
  19. Turd Pherguson macrumors newbie

    Joined:
    Jan 21, 2010
    Location:
    Poo York
    #19
    I have a question, or concern after mulling over some of the posts in here regarding the possibility of someone poaching my network or accessing my files by using software to defeat WPA encryption, MAC Filter, and SSID broadcasting.
    This is probably an obvious or stupid question, but if someone does go to all that trouble to use my network or hack into my files are there any defenses for those situations or any way of detecting that individual? Would they be visible without having to install some fancy software just enough so you know they are on your network or in your files?

    If my router wasn't password protected at all prior to setting up WPA, could someone have obtained the necessary information to undo the WPA security I just set up?

    Finally, if you do learn someone has defeated your defenses, then what? Unplug your router?

    Thanks,
    Turd Pherguson
     
  20. Sydde macrumors 68020

    Sydde

    Joined:
    Aug 17, 2009
    #20
    I have had my airport on "closed network" for almost as long as I have had it. Seems like the first security step. But now I get to thinking, what if you could get it to broadcast the wrong ID? Say your network is named "HannibalsKitchen", then you tell it to ID itself as "CleanYourDogsTurdsOffMyLawn". At least that would slow down the intruders a little. We need to have a router that can present a spoof network that intruders could enter but not find anything on.
     
  21. notjustjay macrumors 603

    notjustjay

    Joined:
    Sep 19, 2003
    Location:
    Canada, eh?
    #21
    So how about you set up your real network to the usual security settings, WPA, MAC filtering, and don't broadcast SSID... then buy a second wireless router, leave it unconnected to anything, and give it a decoy setup (complete with its own WPA password and filtering if you like).

    All this wireless security reminds me of the joke about outrunning your friend instead of outrunning the bear. As long as your network is more secure than the guy down the street, anyone cruising the neighborhood isn't going to pay you any particular mind.

    My current Airport status shows 14 wireless networks listed, 3 of which are unprotected (and one of those still named "linksys").
     

Share This Page