Unauthorized comp. on my wireless network

[tracydani]

I was nosing around my wireless card program yesterday to check the connection quality because speeds seemed a little slow. When I got in and looked at the networks page I noticed there were 2 listed, myself and someone else.

I have also set the router up and protected it with a password as well as set up the basic wep64 encryption on the router and card.

How is it that someone else was able to connect to my network?

After seeing this, I changed the encryption level to wep128 and have not seen this person again. I am not sure how long they were their but it seems kinda strange that someone around here was able to get onto my network without actively trying. And if that is the case, what else should I do to prevent this in the future?

TD

[lightshow]

What kind of living setup do you have?

Are you in a personal home, in an apartment building, or somewhere else?

[3RA1N1AC]

And if that is the case, what else should I do to prevent this in the future?

set up your computer's LAN IP address manually, rather than obtaining it automatically from the router. then, in the router's configuration page set it to only accept connections from your computer's MAC ID (a unique number associated with the wireless adapter) and LAN IP. someone who breaks your WEP encryption should still not be able to log on to your router, if you take these steps to specify which computers are allowed.

be careful to get all of the numbers correct, so that you don't accidentally lock yourself out of your own wireless network. if you do lock yourself out and don't know how to solve it, you'll need to plug your computer into the router with an ethernet cable in order to remove the MAC ID or LAN IP restrictions you've set.

and well, if they were able to get past 64-bit WEP encryption, i doubt it was accidental. they would have done it on purpose, and it just shows how weak a 64-bit encryption scheme is. definitely stick with the 128-bit WEP.

[hungrylilboy]

..

[tracydani]

@ lightshow

I am living in a house and each house is probably at least 75-100ft away. I thought it was pretty good that this person had a 39% connection while I had at the time a 92% only 15 ft away

@ 3RA1N1AC

Thanks, I will do that. I was looking into that last night (allowing only my MAC to connect) but it was late and after changing the encryption he was gone so I left it alone. I need to read a bit before starting this. Will I be able to do this with other items I add to the network (ie. the dlink video reciever I am getting)? I assume they will each have there own MAC?

Also, I had thought of recording the MAC address of the person, but did not think of it till after I knocked them off. If This person is back before I am properly set up is there something I can do with that info?

@ hungrylilboy

How did you make them pay? Anything easy an idiot can do?

[3RA1N1AC]

Will I be able to do this with other items I add to the network (ie. the dlink video reciever I am getting)? I assume they will each have there own MAC?

yes. every device which is able to connect to an ethernet network or 802.11-whatever wireless network should have a unique MAC address. i'm not sure whether it'll be listed in the onscreen setup or on the back of the machine, or what, but it will definitely be displayed somewhere.

as for whether you can write somebody's MAC address down and use it as proof of anything, i'd have to say... no, not really. pretty much any & all digital information can be forged/counterfeited, and there's prolly no records kept of who bought which machine containing a specific MAC address anyway. unless you're certain they've somehow had access to your PC and stolen or damaged any of your personal info, i don't know how you could go about filing a police complaint or anything of that sort. best to just make sure they can't take advantage of your internet connection anymore, imho.

[hungrylilboy]

..

[3RA1N1AC]

yeah that could work. i doubt it's actually worth bothering the police with it, but it couldn't hurt to tell the person who's done it "i'm gonna call the police!"

[tracydani]

Thanks again guys... I was sick the last couple of days and didn't get all this taken care of.

I did however change my network name and stopped my ssid from being broadcast. That seams to have nipped it in the bud for the time being as before I did this the person showed up again even with the 128 encryption. So much for feeling secure lol .

I am new to this area and do not know who it could be so will just live with the fact they are no longer able to get in.

Thanks again

[ilw]

if the person is cracking the wep encryption then hiding ssid and mac filtering does next to nothing because these are easy to get around. If you want to get rid of them switch to WPA encryption, choose a longass non dictionary based password and periodically change it. WEP is flawed, WPA is better, but is vulnerable to brute force cracking (ie trying every possible password) so the longer the pass (and the more random) the harder to crack. Also make sure your router password is good.