I got an Airport for Christmas and preparing to install broadband service in my apartment this week. I'm not very familiar with the technical aspects of how this all works but I'm concerned with neighbors above or below me feeding off my connection with their wireless computers. Is that possible? If so, how would I go about blocking access to them?
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Stealing Internet Connection??
- Thread starter Error Type -43
- Start date
- Sort by reaction score
Not unless they're clever hackers, as long as you use the WEP (encryption) settings that come with it.
I also think that with Airport you can make the network visible or not. That would make the network invisble except to those who know the name of the network (which is generally broadcast). If Airport has MAC address filtering and WEP, those help too.
Good luck...
cpjakes
Good luck...
cpjakes
The only problem I've encountered with making the network invisible (i.e. making it a closed network) is that Windows computers on my network often have trouble finding it even when I type in the name, or if they do make a connection, have trouble staying connected.
And Airport does have MAC address filtering.
Your neighbors would have to be pretty clever, but tools like Kismac can see closed networks and crack the WEP key.
Re: Stealing Internet Connection??
You are to paroniod, he's an idea.
give eash neighbour a flyer or better yet talk to them and say this.
I am getting a high speed internet connection, and have set up a wireless network, I am prepaid to let you use my internet connection for a small monthly fee.
This is good if: the net connection is unlimited
you can profit, or at least pay nothing for the net
you can afford a better connection, hence charge more, and hence everybody benifits
You are to paroniod, he's an idea.
give eash neighbour a flyer or better yet talk to them and say this.
I am getting a high speed internet connection, and have set up a wireless network, I am prepaid to let you use my internet connection for a small monthly fee.
This is good if: the net connection is unlimited
you can profit, or at least pay nothing for the net
you can afford a better connection, hence charge more, and hence everybody benifits
Yes, they can. WiFi Protected Access (WPA) hasn't been cracked yet, but the lower-level WEP (including 128-bit,) has been cracked. There are UNIX-based (and, I assume, although I haven't played with them, OS-X-based,) programs that can 'listen' to a WiFi session for less than 5 minutes (even if it's closed, WEP-protected, password protected, and not broadcasting its SSID,) and find out all they need to know to allow you to connect.
I know, because someone did this to my own network. My next door neighbor cracked my 802.11b network (running on a Linksys router; I have since upgraded to an AirPort Extreme base station,) and printed to my shared printer "GOTCHA!"
We have since decided to open up both of our networks to each other (two other neighbors within a block have joined us,) so we can all access the internet from anywhere on our end of the block (we even have WiFi going a little ways into a nearby park.) Our individual computers are protected, but for at least two of us, you could just drive by and start printing pr0n on our printers if you felt like it. (No, I'm not going to tell you where I live.)
Hopefully within a year we'll have a 5-block-radius area with continuous free WiFi coverage. Our cable and DSL providers will dislike us, but oh well. Our long-term plan is to get a T-1 or better coming into a 'neutral' area (like the non-denominational church in the middle of our neighborhood,) and use Wireless repeaters (like APEx has built-in) to give the whole neighborhood high-speed internet wirelessly.
WEP sucks. whats cool about slowing your conenction down about 25% and still not be sure if 64bit encryption is enough.
Just use MAC filtering and depending on router ( i use dlink) you can play around with privacy settings as well. That will do the trick.
Just use MAC filtering and depending on router ( i use dlink) you can play around with privacy settings as well. That will do the trick.
WEP is crackable and MAC addresses can be spoofed so a wireless connection can be hijacked if someone really wants to. It depends on if they can be bothered.
I did a test once on the train home from work. The train goes at 60mph and the journey is 30 minutes long. Under those conditions any networks picked up by macstumbler must be pretty strong and near the railway tracks. I found about a dozen networks. About 75% had WEP turned off and 20% were still broadcasting with their default SSID suggesting that they'd taken the basestation out of the box, turned it on and left it at that.
Obviously I didn't see those networks that weren't broadcasting their SSIDs but my point is that there are plenty of easier networks to freeload on and mostly I'd guess that unless someone really wants to break into YOUR network there are much easier ways of getting free internet...
FWIW I have WEP, and MAC address filtering turned on on my wireless basestation.
I did a test once on the train home from work. The train goes at 60mph and the journey is 30 minutes long. Under those conditions any networks picked up by macstumbler must be pretty strong and near the railway tracks. I found about a dozen networks. About 75% had WEP turned off and 20% were still broadcasting with their default SSID suggesting that they'd taken the basestation out of the box, turned it on and left it at that.
Obviously I didn't see those networks that weren't broadcasting their SSIDs but my point is that there are plenty of easier networks to freeload on and mostly I'd guess that unless someone really wants to break into YOUR network there are much easier ways of getting free internet...
FWIW I have WEP, and MAC address filtering turned on on my wireless basestation.
I dont quite understand wireless security and I guess I should probably take it more seriously. I thought wep just stopped people intercepting the information you sent as it was encoded? Does it infact stop people from joining your network? If not how do you stop people from joining the network?
(I dont have mac address filtering functionality on my router)
(I dont have mac address filtering functionality on my router)
In the AirPort Admin Utility you can;
- Enable encryption + passwords. Passwords can cause problems on mixed PC/Mac networks...see below.
- Password the base-station itself.
- Create a closed network (disable SSID broadcasting).
- Change the transmitter power down (all the way to 10%, if you wish)
- Create a 802.11g only network (less people have g cards).
- Add specific machines to a "safe" list.
Good luck, this is something that affects me too (someone has been stealing mine for a while, so I downloaded KisMet, played around and worked on it).
If anyone knows how to enable passwords on a mixed PC/Mac network with 128bit encryption in 802.11b/g mode, please tell me
(Linksys cards in the PC laptops)
AppleMatt
- Enable encryption + passwords. Passwords can cause problems on mixed PC/Mac networks...see below.
- Password the base-station itself.
- Create a closed network (disable SSID broadcasting).
- Change the transmitter power down (all the way to 10%, if you wish)
- Create a 802.11g only network (less people have g cards).
- Add specific machines to a "safe" list.
Good luck, this is something that affects me too (someone has been stealing mine for a while, so I downloaded KisMet, played around and worked on it).
If anyone knows how to enable passwords on a mixed PC/Mac network with 128bit encryption in 802.11b/g mode, please tell me
(Linksys cards in the PC laptops)
AppleMatt
How many people are going to go to the trouble of hacking his network? Sure all the security measures out there can be cracked but does that mean not to use them? They will make his network a less attractive target and somebody looking to gain free access will move on to an easier target--and there are enough Linksys routers running on defaults out there that it won't take long to find one.
WEP just encrypts (rather weakly as it happens) information travelling across a network. A hacker has to have the passphrase/key to join the network. There are tools to crack WEP keys and it doesn't take long at all.
MAC address filtering only allows machines with wireless cards with certain MAC address to join the network. Every network adapter has a unique MAC address so every airport (or whatever) card is uniquely identifiable. In theory. You can however also get software that tells a wireless card to say it's MAC is something else. So it's not invulnerable either
It's all about layers of security and making your network stronger than most others in your area
Re: Re: Stealing Internet Connection??
Being paranoid? I think not.
In my apartment complex I have seen two other wireless networks. In one case my laptop even hopped onto one of the other networks when it could not find my private one. I did not tell my laptop to do so, it just jumped onto the one that was available because it could not see mine at the time. Since my network is private I had to tell it to go back to my network.
For the original poster I think turning on WEP and making your network private should be sufficient.
Originally posted by manitoubalck
You are to paroniod, he's an idea.
give eash neighbour a flyer or better yet talk to them and say this.
I am getting a high speed internet connection, and have set up a wireless network, I am prepaid to let you use my internet connection for a small monthly fee.
This is good if: the net connection is unlimited
you can profit, or at least pay nothing for the net
you can afford a better connection, hence charge more, and hence everybody benifits
Being paranoid? I think not.
In my apartment complex I have seen two other wireless networks. In one case my laptop even hopped onto one of the other networks when it could not find my private one. I did not tell my laptop to do so, it just jumped onto the one that was available because it could not see mine at the time. Since my network is private I had to tell it to go back to my network.
For the original poster I think turning on WEP and making your network private should be sufficient.
Slowing my connection down about 25%?
Well from 11Mbps (I've got the original airport) wireless reduced by 25% gives me 8.25Mbps.
Considering my DSL at most maxes out at 1.5Mbps if that, I'd say there is not much loss to be worried about by using WEP.
And if I need to do big file transfers I will do a hard wire network via ethernet and get 100Mbps between my machines.
I'm currently using my neighbour's wireless connection without them knowing. Why? My mother's too cheap.
But they're old people with a DSL and are asleep almost all the time. They don't care.
But they're old people with a DSL and are asleep almost all the time. They don't care.
when i moved into my new apartemnt, i had no calb emodem connection. i was forced to dialup at 9.6k via my cellphone and bluetooth for a few weeks. once i had my cable modem installed, i turned on my airport (off to save battery since it was not in use). i discovered a neighbor had a wireless access point named "Default" which happily let me join in. Kicked myself for not doing a quick seach when I moved in... Since then Default dissapeared, and a new one appeared, password secured. I was about to cancel my cable modem before I was locked out. Oh well.
Care to back that up with specifics? The flaw in WEP is very specific to the way WEP is designed.
I have seen nothing about WPA being insecure. The only insecurity in WPA is that, like with any encryption algorithm, a weak password can make it easier to brute force. This is a fundamentally different issue than the problem with WEP, where the weakness is inherent to the protocol itself.
Maybe this is a stupid question, but how do you know someone is stealing your connection? I don't know how to check for this.