Comments on: How To Check If Someone Is Stealing Your WiFi & What You Can Do About It

By: Sorcix

Sorcix — Sun, 20 Feb 2011 17:43:00 +0000

Watch out with unsecured networks, though. It allows others to connect to your network, but it also means that your packets are sent over the air unsecured. It’s pretty easy to hijack your facebook session while you’re using an unsecured network. This applies to any other site too, as long as you’re not visiting it using SSL. In that case, it has additional encryption.

By: James Bruce

James Bruce — Thu, 17 Feb 2011 07:38:00 +0000

If you used MAC blocking, they could simply keep changing their MAC as you blocked each one.

So neither is particularly effective.

Ultimately, the only effective method is to use a long, random password with WPA2 protection.

By: James Bruce

James Bruce — Thu, 17 Feb 2011 06:38:00 +0000

If you were MAC filtering, then sure. But anyone with wireless mode in promiscuous mode would be able to pick up those details as soon as you connected one, regardless of whether they were authenticated or not (they can just pull that from the air)...

If you used MAC blocking, they could simply keep changing their MAC as you blocked each one.

So neither is particularly effective.

Ultimately, the only effective method is to use a long, random password with WPA2 protection.

By: Jerrod Soldier

Jerrod Soldier — Wed, 16 Feb 2011 23:47:00 +0000

About MAC filtering spoofing. Wouldn’t they have to know what MAC would work in order to spoof it?

By: James Bruce

James Bruce — Wed, 16 Feb 2011 22:13:00 +0000

That’s a little weird – are you running a windows server somewhere? What router do you use?

By: Rogerbertrandsavoie

Rogerbertrandsavoie — Wed, 16 Feb 2011 22:10:00 +0000

Well I just tried it and in my case it takes me to localhost showing IIS … how do I get around that?
Roger

By: Rogerbertrandsavoie

Rogerbertrandsavoie — Wed, 16 Feb 2011 21:10:34 +0000

Well I just tried it and in my case it takes me to localhost showing IIS … how do I get around that?
Roger

By: Cmrh

Cmrh — Wed, 16 Feb 2011 13:59:00 +0000

I use MAC-address restriction on my router, as I have such a variety of devices (a couple of old iBooks, a MacBook, iMac, XP-laptop, internet radio, iPhone…), it’s the only possible way I’ve found to protect. If anyone has any better suggestions, I’m open!

By: Cmrh

Cmrh — Wed, 16 Feb 2011 13:53:00 +0000

Knowing my neighbors, I think it unlikely that anyone would be setting a trap. Anyway, I was planning to ask around or put a notice on the notice board to suggest the owner put a password on their router.

By: James Bruce

James Bruce — Wed, 16 Feb 2011 13:37:00 +0000

LOL. Risky business though, let me turn that around:

Some time ago I got a new router and decided to set up a wifi honeypot for anyone bold enough to try and use my bandwidth. I leave it unprotected and unpassworded, with a single test machine and FireSheep running in the background. Not many people use it, but sometimes someone will log on to facebook and twitter and then I have their passwords waiting for me when I wake up in the morning!

(Note, some devices will automatically hop on to any available and open wifi networks when in range, which is why this works)

Be careful!

By: Cmrh

Cmrh — Wed, 16 Feb 2011 13:33:00 +0000

Some time ago I noticed that a new network appeared in my building. It’s called ‘NETGEAR’ (who would have thought it?). Curious to know whether it was protected, I clicked on it, and lo and behold, I could connect. Not wanting to pinch my neighbor’s bandwidth, I went back to my own. Recently, though, I’ve taken to switching off my modem & router at night. And if – as often happens – I forget to switch them on in the morning, I find myself using the other guy’s WiFi. Sorry, neighbor! (But you really should protect it, you know!)

By: James Bruce

James Bruce — Wed, 16 Feb 2011 12:37:57 +0000

LOL. Risky business though, let me turn that around:

Some time ago I got a new router and decided to set up a wifi honeypot for anyone bold enough to try and use my bandwidth. I leave it unprotected and unpassworded, with a single test machine and FireSheep running in the background. Not many people use it, but sometimes someone will log on to facebook and twitter and then I have their passwords waiting for me when I wake up in the morning!

(Note, some devices will automatically hop on to any available and open wifi networks when in range, which is why this works)

Be careful!

By: James Bruce

James Bruce — Wed, 16 Feb 2011 07:54:00 +0000

Good point. I suspect it varies by provider, but yes there are probably some cases like that.

By: mmseng1

mmseng1 — Wed, 16 Feb 2011 07:20:00 +0000

Uhm… wouldn’t reselling your internet connection most likely be a breach of your ISP contract?

By: James Bruce

James Bruce — Tue, 15 Feb 2011 10:34:00 +0000

Good idea. I think I used the original MonoWall about 10 years ago to serve the internet in my university shared house network I set up, but it was called SmoothWall back then and wifi didnt exist…