How To Check If Someone Is Stealing Your WiFi & What You Can Do About It

wifi   How To Check If Someone Is Stealing Your WiFi & What You Can Do About ItWiFi running a bit slow lately? If your router is still using old security methods such as WEP, then there’s a very real possibility that someone has hacked in to steal your WiFi. In my article on Cool WiFi Devices You’ve Probably Never Heard Of, I showed you a $100 commercially available router that would automatically hack your WEP-protected WiFi network in less than half an hour. Apart from the obvious fact that your internet will be slower, the hacker might be using your internet to do nefarious evil things – all of which could easily be traced back to you. So how you can find out if someone is using your WiFi, and perhaps more importantly – what exactly can you do about it?

Check the devices associated with your router

This method is 100% guaranteed to see any devices registered on your network, but not every router contains this valuable info. Log in to your router by typing it’s IP address directly into the browser address bar. In most setups, either http://192.168.0.1 or http://192.168.1.1 should work, or it may be written on the router itself, along with the username and password you need to log in with. If you can’t find a password anywhere, and don’t remember changing it, then check the database of default passwords here, or phone your ISP (assuming they gave you the device).

Once logged in, look around a section called Attached Devices or Device List. On DD-WRT flashed routers, this is under the Status -> Wireless screen. You will find a list of all the IP addresses currently being used.

ddwrt status   How To Check If Someone Is Stealing Your WiFi & What You Can Do About It

On my standard Virgin Media router, I found a list under the IP filtering section.

device list   How To Check If Someone Is Stealing Your WiFi & What You Can Do About It

Of course, not all your devices will have helpful names, so you’ll need to figure out the IP address of each computer and WiFi device you own in order to cross-check them against the list. I covered how to find your IP address a few days ago when I showed you how to control your torrent client from your mobile. Don’t forget that an iPhone or Android phone will also have it’s own IP address if it’s using your WiFi, so you’ll need to account for those too.

Track Them Down Physically

This may be taking it a little far, but running the MoocherHunter live CD tracking suite will enable you physically hunt them down by triangulating network signals. Scary stuff, indeed. You’ll a directional antenna for this to work best.

What to do about it

Basic Security – Stop using WEP

Any router purchased in the last 5 years or so should be able to support a more secure authentication protocol, so log in to your router again and find the Wireless Settings screen.

Change the security options to either WPA or WPA2. WPA2 is more secure, but I find it’s incompatible with some of the devices on my network so I chose the option that allows for both. Don’t choose the Enterprise option as it is designed for companies with authentication servers. When choosing your password, make sure it is at least 15 characters long, includes upper and lower case letters, numbers, and punctuation.

wifi settings   How To Check If Someone Is Stealing Your WiFi & What You Can Do About It

There are some other methods that people will typically advise you to take, but put simply – they don’t work:

Hiding your SSID: You can hide your network name so it won’t be seen, but freely available hacking tools such as Backtrack will reveal them instantly.

IP filtering: This blocks out a specific IP, but changing IP is as simple as refreshing the connection.

MAC filtering: More secure since it blocks a device via the unique hardware address that is given out when it’s manufactured, but again, anyone trying to steal your WiFi can easily “spoof” their MAC address.

Funny – Turn their internet upside down

For anyone with a spare PC or who doesn’t mind messing with the command line, you could create an open WiFi network specifically for these freeloaders, and run everything through a Linux proxy. The proxy can setup to cut directly into their internet stream, and one interesting outcome is that you can turn all their images upside down.

upside down   How To Check If Someone Is Stealing Your WiFi & What You Can Do About It

Profit – Run a paid WiFi portal

If you install the open source DD-WRT, you can run a paid WiFi Hotspot portal. Set your own rates, never worry about payment processing (they handle everything), then just collect your check if someone has used your hotspot – you’ll get 75% of the money paid. Remember, you’ll need to live in a big city for this to be viable with lots of potential customers. I’ll look at this option more at a later date to show you exactly how you can set one up if you’re interested.

wifi hotspot   How To Check If Someone Is Stealing Your WiFi & What You Can Do About It

Conclusion:

So your WiFi is feeling a little sluggish? The truth is that someone probably isn’t stealing your WiFi. More likely your computer is running slowly, or your router needs rebooting. You could also try boosting the WiFi signal.

Oh, and let us know in the comments if you’ve found people stealing your WiFi before, or have any amusing WiFi stories to tell.

Image Credit: ShutterStock

The comments were closed because the article is more than 180 days old.

If you have any questions related to what's mentioned in the article or need help with any computer issue, ask it on MakeUseOf Answers—We and our community will be more than happy to help.

25 Comments -

0 votes

Ghostface Killah

kool

0 votes

Jack Cola

I wrote a similar article back in decemeber on how to check if someone is stealing your internet. http://www.jackcola.org/blog/1

Also, check out http://www.tomizone.com/ if you want to offer paid and free wifi access to people.

0 votes

Jack Cola

I wrote a similar article back in decemeber on how to check if someone is stealing your internet. http://www.jackcola.org/blog/111-how-to-check-if-someone-is-stealing-your-internet

Also, check out http://www.tomizone.com/ if you want to offer paid and free wifi access to people.

0 votes

James Bruce

Thanks jack. I notice you covered how to check in windows workgroups, which i had to cut due to the article getting too long. It’s even easier on osx, as you don’t have to go searching and they just appear on the sidebar.

For readers: tomizone is an easy customized router firmware, but it involves taking over the whole router with their custom firmware. Limited compatibility, but great option for small businesses who don’t want to mess around with the additional features offered by dd-wrt – it’s also completely free with no monthly service fees, and you get 50% of all profit…

Personally, i need my router for other functionality too, so i’ll be adding the functionality onto dd-wrt rather than replacing it. The report will be out next week along with a tutorial.

0 votes

Paulo Calisto

Great help and waiting for your better review in hotspotsystem.com

0 votes

Paulo Calisto

Great help and waiting for your better review in hotspotsystem.com

0 votes

Antriksh Yadav

Profit? Didn’t see that one coming!

0 votes

James Bruce

Thanks jack. I notice you covered how to check in windows workgroups, which i had to cut due to the article getting too long. It’s even easier on osx, as you don’t have to go searching and they just appear on the sidebar.

For readers: tomizone is an easy customized router firmware, but it involves taking over the whole router with their custom firmware. Limited compatibility, but great option for small businesses who don’t want to mess around with the additional features offered by dd-wrt – it’s also completely free with no monthly service fees, and you get 50% of all profit…

Personally, i need my router for other functionality too, so i’ll be adding the functionality onto dd-wrt rather than replacing it. The report will be out next week along with a tutorial.

0 votes

Gorva

I used to run a MonoWall on my home network. That way, my roommate and I had all network privileges, but the network was password-free. When somebody connected to my WiFi, they’d be granted connection… at 64kbps. That bandwidth doesn’t allow you to download torrents effectively, but can help you in an emergency, or if you need to check out on something online.

0 votes

James Bruce

Good idea. I think I used the original MonoWall about 10 years ago to serve the internet in my university shared house network I set up, but it was called SmoothWall back then and wifi didnt exist…

0 votes

Sorcix

Watch out with unsecured networks, though. It allows others to connect to your network, but it also means that your packets are sent over the air unsecured. It’s pretty easy to hijack your facebook session while you’re using an unsecured network. This applies to any other site too, as long as you’re not visiting it using SSL. In that case, it has additional encryption.

0 votes

Michael

I live in a relatively small community (San Carlos, CA), and today’s routers’ coverages pretty much guarantee that all your neighbors will be in range of your connection (and vise versa). Most don’t bother configuring their routers beyond the default plug-in-and-connect “NETGEAR” SSID. It’s comical to see an expression on your neighbors face when you walk up to him and as “How’s your new NETGEAR RangeMax working out for you?”.

0 votes

mmseng1

Uhm… wouldn’t reselling your internet connection most likely be a breach of your ISP contract?

0 votes

James Bruce

Good point. I suspect it varies by provider, but yes there are probably some cases like that.

0 votes

James Bruce

LOL. Risky business though, let me turn that around:

Some time ago I got a new router and decided to set up a wifi honeypot for anyone bold enough to try and use my bandwidth. I leave it unprotected and unpassworded, with a single test machine and FireSheep running in the background. Not many people use it, but sometimes someone will log on to facebook and twitter and then I have their passwords waiting for me when I wake up in the morning!

(Note, some devices will automatically hop on to any available and open wifi networks when in range, which is why this works)

Be careful!

0 votes

Cmrh

Some time ago I noticed that a new network appeared in my building. It’s called ‘NETGEAR’ (who would have thought it?). Curious to know whether it was protected, I clicked on it, and lo and behold, I could connect. Not wanting to pinch my neighbor’s bandwidth, I went back to my own. Recently, though, I’ve taken to switching off my modem & router at night. And if – as often happens – I forget to switch them on in the morning, I find myself using the other guy’s WiFi. Sorry, neighbor! (But you really should protect it, you know!)

0 votes

James Bruce

LOL. Risky business though, let me turn that around:

Some time ago I got a new router and decided to set up a wifi honeypot for anyone bold enough to try and use my bandwidth. I leave it unprotected and unpassworded, with a single test machine and FireSheep running in the background. Not many people use it, but sometimes someone will log on to facebook and twitter and then I have their passwords waiting for me when I wake up in the morning!

(Note, some devices will automatically hop on to any available and open wifi networks when in range, which is why this works)

Be careful!

0 votes

Cmrh

Knowing my neighbors, I think it unlikely that anyone would be setting a trap. Anyway, I was planning to ask around or put a notice on the notice board to suggest the owner put a password on their router.

0 votes

Cmrh

I use MAC-address restriction on my router, as I have such a variety of devices (a couple of old iBooks, a MacBook, iMac, XP-laptop, internet radio, iPhone…), it’s the only possible way I’ve found to protect. If anyone has any better suggestions, I’m open!

0 votes

Rogerbertrandsavoie

Well I just tried it and in my case it takes me to localhost showing IIS … how do I get around that?
Roger

0 votes

Rogerbertrandsavoie

Well I just tried it and in my case it takes me to localhost showing IIS … how do I get around that?
Roger

0 votes

James Bruce

That’s a little weird – are you running a windows server somewhere? What router do you use?

0 votes

Jerrod Soldier

About MAC filtering spoofing. Wouldn’t they have to know what MAC would work in order to spoof it?

0 votes

James Bruce

If you were MAC filtering, then sure. But anyone with wireless mode in promiscuous mode would be able to pick up those details as soon as you connected one, regardless of whether they were authenticated or not (they can just pull that from the air)…

If you used MAC blocking, they could simply keep changing their MAC as you blocked each one.

So neither is particularly effective.

Ultimately, the only effective method is to use a long, random password with WPA2 protection.

0 votes

James Bruce

If you were MAC filtering, then sure. But anyone with wireless mode in promiscuous mode would be able to pick up those details as soon as you connected one, regardless of whether they were authenticated or not (they can just pull that from the air)…

If you used MAC blocking, they could simply keep changing their MAC as you blocked each one.

So neither is particularly effective.

Ultimately, the only effective method is to use a long, random password with WPA2 protection.