Safe Speed Forums

Looks like I need to check out our home wireless network security and set it as high as possible ,so any help welcome from those in the know.
Last night mrs B decided to play on the laptop .I'd had some problems getting the router and the wifi to keep talking ,eventually sorted that out with no security ,tried various security settings and in the end settled for WEP with one of the suggested security keys .That seemed to work OK,then tried without avail to get WPA to stay working .Last night she complained that although the laptop said she was connected -FF said not .Turned out that it was connected/locked to another network ,also set to WEP etc.Also noted that another IP address ( mine =192.168.2.2,hers 2.3) something like 2.4 was showing up on the client list .reset router ,and restricted router MAC address filtering to our two IP addresses. Scanned network from laptop to find that the other network had now reverted to WPA/WPA2 FSK .
Have now got security up and seemingly solid on WPA2-FSK with AES, using a strong passkey,with MAC address filtering and limiting admin to one PC only.Apart from ping blocking/ESSID Broadcast disable ( network name not shown) -anything else I can do to stop access ,and knowing the network name ,anyway of finding out the culprits/ their supplied IP/supplier) .Got a rough idea - walked the laptop round the house using the WiFi strength like DF - definately stronger signal at front in one corner .( Short of taking out in street and giving game away -about as far as it goes).

_________________
lets bring sanity back to speed limits.
Drivers are like donkeys -they respond best to a carrot, not a stick .Road safety experts are like Asses - best kept covered up ,or sat on

If you've got any security on (even WEP) then MAC filtering is pointless. If someone can break WEP then they already have your MAC which can easily be spoofed. Likewise anything which restricts access to certain IP addresses.

Hiding your SSID is no security and may even cause you problems. It only stops people accidentally using your network, (which WPA2 will do anyway). If I'm coming looking for a network to break into then your SSID isn't hidden from me even if you think it is.

Change your SSID from the default, that way you know you are connecting to your network and not next door's who happen to have bought the same model router.

Change the admin password, and if possible the admin user, use a strong password, not your house, cat, dog name (or car reg), preferably a random mix of letters and numbers.

WPA is stronger than WEP. If someone is doing mac address spoofing then as homer says it's game over. Best way to stop someone else doing admin on your router is to make sure you can only access it from a wired access point ie plug the cable into the router itself. This should stop most casual attacks and some quite determined ones. Also turn on any logging to see whether there are more than 2 ip addresses being given out. I'd also set your two machines to reserve ip addresses and set it so that only 2 are given out altogether eg range would be 192.168.1.2- 192.168.1.3 if you're both always on then there won't be a spare ip for outsider to use and if either machine goes off you know they've managed to spoof a mac address and get on. Also update the firmware on the router to the latest version.

Most likely explanation is that it is a neighbour connecting to yours by mistake if the SSID is the default one and they have the same router make as you. My neighbour's signal is quite strong and if neither of us had set a new SSID and had no passwords the same would happen here.

Advice as above is probably about the most you can practically do without the whole thing becoming a pain. I once discovered a neighbours wireless network and was able to connect to it and get into the router admin as no password had been set ... no I didn't do anything horrid, and did let the neighbours either side know they might have a problem.


Thing to remember is that nothing connected to the internet can be considered 100% secure, don't store stuff that you really don't want anybody to get at ever ... credit card details, very personal information etc. .. and if you have valuable work/documents the you can't afford to share/lose, never store them on anything connected to the internet.

_________________
You only need two tools - WD40 and duct tape. If it doesn't move and it should, use WD40. If it moves and it shouldn't, use duct tape. :0)

Thanks Guys - network is secured to only my ip being allowed to be admin . I've changed ssid from default to another . I've got only named SSID allowed to access ,and admin password is considered as "strong " .Security is now WPA2-PSK , WITH PASSWORD AS BEFORE "STRONG"
Strange now that those trying to get in ,have given up . (or at least .I hope they have ).
BTW -I consider that only SAFE connection between computers is a pair of wires =CAT 5 .
Edit -Teabelly -i'd have tought that it was accident ,if just after I pulled plug their security was still WEP -minute i got back on line it was changed to WPA/WPA2 -PSK .
SO NOW -,I'd like to nail them and have a go at theit IP ,got suspicion as done a sort of WIFI trace using signal strength etc .
Now on second theme - got the infiltrating network name . How do I translate that to an addr - I'd like to give them a FRIGHT. Or how do I go about findong out ISP and getting some action .

_________________
lets bring sanity back to speed limits.
Drivers are like donkeys -they respond best to a carrot, not a stick .Road safety experts are like Asses - best kept covered up ,or sat on

Uhh, if someone is trying to break into your wireless network then they don't have an ISP for you to go complaining to. As soon as they actually get into your network then their ISP is your ISP and all the come back for anything they do (fraudulent purchases, kiddy porn etc.) will be logged against your account.

You have done the right thing in renaming your network, setting up WPA2 and using strong passwords all around. If it really was someone trying to break in (a practice usually called "wardriving") then they'll be long gone, either onto your neighbours wireless or to a different street and someone else's unsecured access point. You wont be tracking them down.

The alternative is that while your network was unsecured a neighbour was accidentially connecting to yours instead of their own. This is easilly done and since Windows will remember sucessful connections and automatically connect if it's in range, the effect would be that they seem to keep coming back for another go. There isn't much point in trying to "nail" these people or give them a fright. They're probably on their way back to PC world right now with their router back in it's box, complaining that it's suddenly stopped working.

I've disabled all the wireless on my router and use Cat 5 hardwiring. This works.

_________________
Malcolm W.
The views expressed in this post are personal opinions and do not represent the views of Safespeed.

Only problem with that is you end up looking like THIS

_________________
The Box said "Windows XP or better" ... So I installed Ubuntu

er... The fridge is nice...

_________________
Malcolm W.
The views expressed in this post are personal opinions and do not represent the views of Safespeed.

lol

It's handy.. (Beer)

I was on about wires everywhere.

_________________
The Box said "Windows XP or better" ... So I installed Ubuntu

Malcolm - that's my preferred solution - BUT - (and it's a big but,hence the capitols) - the laptop in question has no RJ45 port - it has a USB port and a modem port - so I'm forced to go wireless .Running cabling within the house would be no problem - I'd only have to replace the comms 8w with cat 5 -same diameter - but the laptop can't cope . Mind you -I know(have a good idea from triangulation using the laptop's recieve path where the problem is ) .

Hence the question - any way I can find his address/etc and possibly his network paths from his info on line .

_________________
lets bring sanity back to speed limits.
Drivers are like donkeys -they respond best to a carrot, not a stick .Road safety experts are like Asses - best kept covered up ,or sat on

Does your laptop have a PCMCIA slot? If so you could fit a network card like thishttp://www.maplin.co.uk/Module.aspx?ModuleNo=47111&C=SO&U=strat15

_________________
When I see an adult on a bicycle, I do not despair for the future of the human race. H.G. Wells
When I see a youth in a motor car I do d.c.brown

Set it to WPA2/AES ,disabled essid sending allowed only two users -self and laptop and set admin only from my PC, with a strong password on both wpa and admin logon .So far ,no more problems .
Thanks for solutions ,especially as I wasn't sure which method was the more secure .Not so sure that this was an inocent mishap -got a BT home hub showing at 80% ad a Sky one at 75% -with no problems -this one was at 25% on wpa first of all ,then changed to wep and when I pulled the plug and changed things around went back to wpa .I've run afull malwarebytes and Avast check on the laptop -no problems encountered .

_________________
lets bring sanity back to speed limits.
Drivers are like donkeys -they respond best to a carrot, not a stick .Road safety experts are like Asses - best kept covered up ,or sat on