Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

rrm74001

macrumors 6502
Original poster
I got this email from the manager of my dorm:

This is a reminder that wireless routers of any kind are not permitted anywhere in the ***** *****. If you have one please disable it immediately because these are causing the internet for the entire building to stop working and it is very frustrating to residents who do not have internet access. This entire building does not have wireless capabilities. Every apartment is equipped with a modem for Ethernet internet access. We pay a lot of money to have Ethernet in every apartment so by using wireless routers when we don’t have wireless internet you’re not only stealing wireless from someone not affiliated with this building you’re wasting our money that pays the internet bill every month, and you’re causing the internet to go down to the entire building. ***** is working hard to identify where these wireless routers are in the building and disabling them as they find them, but they need your help. If you have one please stop using it, or if you know someone that has one please tell them to stop using it. If you have questions about this please direct them to the IT department by calling (***) ***-****.

Is there really a way for them to detect if I am using a wireless router in my dorm room? I am using an Airport Express and it is convenient because it allows me to plug my printer into the USB so my printer does not take up space on my desk. And I have a Playstation 3 in the common room with NetFlix. So do you think I should unplug it? Or are they bluffing? 😀
 
That is ridiculous.

Frankly there reasoning does not make any sense whatsoever, sorry to hear you're dealing with all that.
 
I think they're bluffing, one thing you could do if you want to keep your wifi, hide your SSID on the router and use a channel that is not used where you live. (use iStumbler or similar to find out what's common). They can find you if they really want.
I thinks they really want to crack down on people sharing the bill (i.e. you and your neighbors getting one connection between the two of you). So don't tell anyone you know you are using wifi.

The other solution would be using Ethernet over power adaptors:
http://www.ehow.com/how_4662693_use-ethernet-over-power-outlets.html
http://computer.howstuffworks.com/power-network.htm

FL.
 
Well... In my days of undergrad, I worked as the HelpDesk coordinator for a Pac-10 University. You would simply not believe the number of idiots who would buy a wireless router, plug in the LAN cable into one of the host slots and proceed to start assigning IP addresses to other clients on the network. We're talking 3-4 per month. They could shut down a dorm in a matter of minutes.

We would probe the network for OS information and when a BSD/Other device appeared, we would simply give them a call and ask what version of BSD they were running. When they were unable to answer, we'd block their port and would seize the router.

I'm 95% sure the wireless component is not what they're talking about; it's simply the real possibility of a rogue router bringing down the network. However, as long as you're not an idiot - they most likely won't bother you. Keep your essid hidden and well encrypted.
 
Yeah, they can tell if you are running a switch or router on their network. In Cisco's IOS, for example, there is a command called BPDU guard which can detect when an intelligent device, such as a switch or router, is plugged into a switchport and shut down that port. As a network admin, this is a good thing, since a rogue switch or router can cause problems with Spanning Tree, DHCP, etc. In a corporate environment, this would help prevent someone from plugging in a rogue wireless AP somewhere and snooping your network. As was stated earlier, this is probably to protect the network, not to prevent wireless use.
 
You can get little fobs that detect wireless signals, some even display how strong the signal is the closer you get to it afaik. I doubt they're doing that anyway.

Just have it turned on when you use it and keep it close to your chest I guess.

Edit: just read above post, seems maybe they can do it through their system management..
 
As was stated earlier, this is probably to protect the network, not to prevent wireless use.

The wording suggests that they aren't technically apt enough to go to such great lengths. 🙄

A hidden SSID should suffice, as well as an unconnected ethernet cable on hand to ward off any suspicion. If the router (and SSID) are left hidden but unencrypted, there is nothing stopping you from denying ownership and claiming that knowledge of the hidden network came from rumor.
 
any school running decent network equipment w/proactive monitoring at the access layer will eventually find out. you can hide your SSID but with netstumbler, airjack, or airmagnet - given time will find your device.
 
The wording suggests that they aren't technically apt enough to go to such great lengths. 🙄

A hidden SSID should suffice, as well as an unconnected ethernet cable on hand to ward off any suspicion. If the router (and SSID) are left hidden but unencrypted, there is nothing stopping you from denying ownership and claiming that knowledge of the hidden network came from rumor.

I was just saying it was indeed possible for them to tell if someone was running unauthorized network equipment. As you said, though, if they were running this kind of stuff, it would have already stopped working. Most of the options like BPDU guard and port security are pretty much instant.
 
any school running decent network equipment w/proactive monitoring at the access layer will eventually find out. you can hide your SSID but with netstumbler, airjack, or airmagnet - given time will find your device.

I spent 3 1/2 years at an university dormitory that doesn't allow wireless routers (or any routers for that matter). Yet, I had an AirPort Express all those years because they put the ethernet port in such a inconvenient place (literally opposite the power plugs). I hide the SSID, encrypt it, and only I, my roommate and any girlfriend I happen to have at the time, are allowed to use it. I change the SSID and password whenever the identity of either my roommate or my girlfriend changes 😀

Never caught, never got a complaint.
 
I am not so worried about them finding the wireless signal of my router. I have the SSID hidden and a 32 alpha-numeric-symbolic random WPA2-Personal encryption password. I suppose they could use a WiFi sniffer and walk around the building trying find where the signal is strongest and find my router that way. But I do not see them doing that. Plus I set the radius of the signal to 10% so it does not reach much farther than my room.

What I am worried about though is them finding my router REMOTELY. Like do my packets somehow indicate that I am using a router? Or can they detect what kind of hardware is connected to my modem remotely?

Maybe I should not even risk it because they claim that they will turn off my internet for the rest of the semester if I do not comply...

I cant even use my computer on my bed!
 
I highly doubt that they're going to put that much effort into it. Most likely, they'll use a lot of nasty language and as long as you aren't doing bad things (torrenting, DMCA or equivalent violations, foreign traffic, etc...) I wouldn't have bothered you when I ran the HellDesk. It just depends on the university.

If you are really concerned, build yourself a little linux box and use that to set up a WAP. They won't see any thing except your linux box pulling traffic. At my school, you could buy a POS surplus machine that would serve this purpose wonderfully. You could even get by with running monowall off a floppy. You have lots of options...
 
I know it may not be the cool and popular thing to say
But I would recommend following the school's policies instead of trying to find ways to circumvent them
Whether you feel they are not fair, unjustified or just plain silly, it still doesn't give you the right to violate the rules
You agree to certain limits when you choose to attend the school
At such time you are no longer willing to uphold that agreement, you should re-evaluate your choice of school
 
What I am worried about though is them finding my router REMOTELY. Like do my packets somehow indicate that I am using a router? Or can they detect what kind of hardware is connected to my modem remotely?

Maybe I should not even risk it because they claim that they will turn off my internet for the rest of the semester if I do not comply...

I cant even use my computer on my bed!

As I said earlier, routers and other intelligent networking devices are detectable if they have the right equipment, IOS setup, and they are actually monitoring it. Like I said, though, if they haven't done it by now, I would think they aren't doing anything like that. Or maybe they just are being nice by giving you warning.

One question for you: Do you just have ethernet jacks in the room to plug into, or do they give you an actual modem? Most of the stuff I have been talking about would basically involve an ethernet cable connected to an enterprise level switch and a big network. If they give you something like a cable modem, I'm not too sure what they can and can't detect.
 
As I said earlier, routers and other intelligent networking devices are detectable if they have the right equipment, IOS setup, and they are actually monitoring it. Like I said, though, if they haven't done it by now, I would think they aren't doing anything like that. Or maybe they just are being nice by giving you warning.

One question for you: Do you just have ethernet jacks in the room to plug into, or do they give you an actual modem? Most of the stuff I have been talking about would basically involve an ethernet cable connected to an enterprise level switch and a big network. If they give you something like a cable modem, I'm not too sure what they can and can't detect.

There are no ethernet jacks in my room. There is a phone line that connects to my modem, and then from the modem I connect to my AirPort Express via ethernet and then I connect to the AirPort Express. I am pretty sure I am still going through my schools network though.

I have had this wireless router running in my room (along with many other people in my dorm using their own router) for over 8 months now and they have not said anything at all. Now all of a sudden I am "bringing down the internet for the entire building"...

I know it may not be the cool and popular thing to say
But I would recommend following the school's policies instead of trying to find ways to circumvent them
Whether you feel they are not fair, unjustified or just plain silly, it still doesn't give you the right to violate the rules
You agree to certain limits when you choose to attend the school
At such time you are no longer willing to uphold that agreement, you should re-evaluate your choice of school

Well...now that we got that out of the way...
 
There are no ethernet jacks in my room. There is a phone line that connects to my modem, and then from the modem I connect to my AirPort Express via ethernet and then I connect to the AirPort Express. I am pretty sure I am still going through my schools network though.

That completely throws out what I said above. That setup sounds really strange.
 
Okay 1 more question for you guys. I turned on internet sharing and set it up so that devices that connect to my MacBook Pro via Airport will share internet with my ethernet connection. Is my MacBook going to be viewed as a router if they are monitoring?
 
Okay 1 more question for you guys. I turned on internet sharing and set it up so that devices that connect to my MacBook Pro via Airport will share internet with my ethernet connection. Is my MacBook going to be viewed as a router if they are monitoring?
You clearly don't know enough about networking to avoid getting caught. To your question: Of course, your computer is a router if you have Internet sharing enabled. That's what a router does.
 
We actually had a thread similar to this not too long ago.

https://forums.macrumors.com/threads/833193/

Also:

http://www.nessus.org/whitepapers/wap-id-nessus.pdf

Edit: Relevant link from that thread: http://www.sflow.org/detectNAT/

Thanks that helped alot. It seems like the problem has to do with people hooking their routers up wrong:

https://forums.macrumors.com/threads/833193/

I was doing it right all along because I have been using bridge mode on my AirPort Express so I was not causing any problems 😀.
 
As I said earlier, routers and other intelligent networking devices are detectable if they have the right equipment, IOS setup, and they are actually monitoring it. Like I said, though, if they haven't done it by now, I would think they aren't doing anything like that. Or maybe they just are being nice by giving you warning.
I agree on this, but if we look at the wording of the letter of the OP, it clearly states wireless routers, not "any router" so even if they could detect a router (which we've come to the conclusion, with the setup is not possible/unlikely), they can't dismiss it on those basis alone. (since it might be a normal wired router).. just my 2cts

FL.
 
Actually, the more that I think about it, I am using more of a wireless bridge than I am a wireless router. Do you think they consider them to be the same thing?
 
I imagine them using the term "wireless router" meaning any device sharing their internet connection remotely.

Also in all reality they could just start capturing simple packet traces from said equipment and cross reference MAC address's to determine what types of devices. Will they do this, doubt it.

Most often they send these letters to see if they can scare the majority of users to stop, if they don't, well consider the warning. As usual in life, the majority ruins it for the minority.

Bridge is the best way as all traffic passes with the last devices MAC address.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.