Page 2 of 3 FirstFirst 123 LastLast
Results 17 to 32 of 47

Thread: GRRRR Some one downloading on my WEP connection

  1. #17
    mush-mushroom b0redom's Avatar
    Join Date
    Oct 2005
    Location
    Middlesex
    Posts
    3,510
    Thanks
    201
    Thanked
    388 times in 294 posts
    • b0redom's system
      • Motherboard:
      • Some iMac thingy
      • CPU:
      • 3.4Ghz Quad Core i7
      • Memory:
      • 24GB
      • Storage:
      • 3TB Fusion Drive
      • Graphics card(s):
      • nViidia GTX 680MX
      • PSU:
      • Some iMac thingy
      • Case:
      • Late 2012 pointlessly thin iMac enclosure
      • Operating System:
      • OSX 10.8 / Win 7 Pro
      • Monitor(s):
      • Dell 2713H
      • Internet:
      • Be+

    Re: GRRRR Some one downloading on my WEP connection

    Turn off DHCP, turn on MAC filtering, turn off SSID broadcast.

    I can't be bothered with setting up WEP and/or WPA, and I've found that this is the best compromise.

  2. #18
    Lovely chap dangel's Avatar
    Join Date
    Aug 2005
    Location
    Cambridge, UK
    Posts
    8,398
    Thanks
    412
    Thanked
    459 times in 334 posts
    • dangel's system
      • Motherboard:
      • See My Sig
      • CPU:
      • See My Sig
      • Memory:
      • See My Sig
      • Storage:
      • See My Sig
      • Graphics card(s):
      • See My Sig
      • PSU:
      • See My Sig
      • Case:
      • See My Sig
      • Operating System:
      • Windows 10
      • Monitor(s):
      • See My Sig
      • Internet:
      • 60mbit Sky LLU

    Re: GRRRR Some one downloading on my WEP connection

    One of my neighbours has a talktalk connection which has no encryption AT ALL.
    Shocking, but I'm guessing talktalk ship their routers like that.
    Crosshair VIII Hero (WIFI), 3900x, 32GB DDR4, Many SSDs, EVGA FTW3 3090, Ethoo 719


  3. #19
    The late but legendary peterb - Onward and Upward peterb's Avatar
    Join Date
    Aug 2005
    Location
    Looking down & checking on swearing
    Posts
    19,378
    Thanks
    2,892
    Thanked
    3,403 times in 2,693 posts

    Re: GRRRR Some one downloading on my WEP connection

    I trust you have now changed the WEP key/gone to WPA???
    (\__/)
    (='.'=)
    (")_(")

    Been helped or just 'Like' a post? Use the Thanks button!
    My broadband speed - 750 Meganibbles/minute

  4. #20
    Jay
    Jay is offline
    Gentlemen.. we're history Jay's Avatar
    Join Date
    Aug 2006
    Location
    Jita
    Posts
    8,365
    Thanks
    304
    Thanked
    568 times in 409 posts

    Re: GRRRR Some one downloading on my WEP connection

    I have changed the WEP key to a nighmare 26 upper and lower case key, hidden the SSD, mac filtering and removed DHCP.

    What is the best WRT firmware to create a captive portal?

    Legally, where do I stand if this guy has torrent the hell out of my connection for the last 6+ months?
    □ΞVΞ□

  5. #21
    Member
    Join Date
    Oct 2005
    Posts
    114
    Thanks
    0
    Thanked
    2 times in 2 posts
    • siuron's system
      • Motherboard:
      • Gigabyte G31
      • CPU:
      • Intel Q6600 2.4@3.0Ghz
      • Memory:
      • Cosair XMS2 2x2GB
      • Storage:
      • 1x 500GB Seagate, 1x 300GB Maxtor
      • Graphics card(s):
      • Sapphire HD4870 512MB
      • PSU:
      • Hiper Type-M 530W
      • Case:
      • Antec NSK2480
      • Operating System:
      • Vista Ultimate 32bit
      • Monitor(s):
      • Dell 20" TFT
      • Internet:
      • 6MB download / 1MB upload

    Re: GRRRR Some one downloading on my WEP connection

    best way to protect your wireless connection (not to coporate levels)

    no matter how many characters u using for WEP, its too easily crackable.

    1) WPA(atleast) some do have WPA2.
    2) change the default password (username too if possible) for your router (as its pointless what u configured can be disabled if they can get in the router)
    3) disable DHCP or limit the IP range and assign static ip(both router+pc)
    4) possibly hide the SSID if u wish (so no one can see your router)
    5) and MAC address if u wish.

  6. #22
    The late but legendary peterb - Onward and Upward peterb's Avatar
    Join Date
    Aug 2005
    Location
    Looking down & checking on swearing
    Posts
    19,378
    Thanks
    2,892
    Thanked
    3,403 times in 2,693 posts

    Re: GRRRR Some one downloading on my WEP connection

    Quote Originally Posted by Jay View Post

    Legally, where do I stand if this guy has torrent the hell out of my connection for the last 6+ months?
    I suppose technically it is theft - but proving it would be difficult. If you have the logs and they show the MAC address of the connected computer, then you might have a case, but unless he has been downloading copyright or illegal material, I don't know how much interest the police would have. The High Tech crime units are pretty busy investigating major crimes. It might be worth reporting it though just in case you get into the scenario below.

    Where do you stand if he HAS been downloading illegal stuff stuff? (Terrorism, child pornography and the like) I would think that you are liable for use made of your connection - however the crime is possession, so while you have a reasonable explanation of what and how it happened (again backed up by logs), following seizure and assumoing that the subsequent forensic examination of your computer revealed nothing untoward, you would probably be OK.

    You should note that even if the SSID is cloaked, it is a trivial exercise (using the appropriate packages) to get the AP to transmit the SSID. Linking IP address to MAC address is worthwhile though, because although MAC addresses can be spoofed, the spoofer still needs a valid MAC address on youur system linked to the IP address. MAC adresses are 48 bits long spo there are 2^48 combinations for a spoofer to try. (Actually less than that because the initial bits are linked to a mfr ID). But whatever yiou measures yiou take, you want to make it more worthwhile for a cracker to find an easier target than to spend time cracking yours. (The only exception might be in A University Hall with Computer Science students who relish the challenge...or you are being specifically targeted - but an oportunist is more likely to give up and find an easier target.)

    The most secure ways of using wirelerss is to set up a radious server and have a frequently changing key, or set up a VPN tunnel over the link between the remote connecting machine and the rest of the network. If you use wpa, you should still change the keys on a regular basis.

    If you cannot use WPA because some of the clients don't support it) and you have to use WEP, then yoiu should use the longest key available, and again change it regularly - how often depends on the level of traffic - it is being used heavily, daily changing would be appropriate - but if you have a lot of clients, that is a nightmare without some sort of key server.

    Finally, do check the configuration carefully - some APs allow unsecured connections even though WEP or WPA is enabled. The theory being that WEP encrypts the link to protect against eavesdropping - it is not an authentication mechanism and so clients may be permitted to connect in clear and only use encryption at their option.
    Last edited by peterb; 13-03-2008 at 11:50 AM.
    (\__/)
    (='.'=)
    (")_(")

    Been helped or just 'Like' a post? Use the Thanks button!
    My broadband speed - 750 Meganibbles/minute

  7. #23
    Registered+
    Join Date
    Feb 2008
    Posts
    57
    Thanks
    0
    Thanked
    5 times in 5 posts

    Re: GRRRR Some one downloading on my WEP connection

    Please don't be under any impression that hiding the SSID is a good idea.If the SSID is being broadcast in a beacon the client sees the SSID and knows that's the access point it needs to connect to and starts the connection. If the SSID isn't being broadcast then the client just sees a beacon without an SSID in it. It then has to probe the access point saying are you the access point for network X. An attacker could be listening for these and then just reply yes and try to initiate a connection - if succesful it's performing a man in the middle attack and all the client's traffic will be passing through the attacker.

  8. #24
    HEXUS.timelord. Zak33's Avatar
    Join Date
    Jul 2003
    Location
    I'm a Jessie
    Posts
    35,185
    Thanks
    3,126
    Thanked
    3,179 times in 1,926 posts
    • Zak33's system
      • Storage:
      • Kingston HyperX SSD, Hitachi 1Tb
      • Graphics card(s):
      • Nvidia 1050
      • PSU:
      • Coolermaster 800w
      • Case:
      • Silverstone Fortress FT01
      • Operating System:
      • Win10
      • Internet:
      • Zen FTC uber speedy

    Re: GRRRR Some one downloading on my WEP connection

    turn off Wireless for a few weeks? Use a Cat5 cable

    Quote Originally Posted by Advice Trinity by Knoxville
    "The second you aren't paying attention to the tool you're using, it will take your fingers from you. It does not know sympathy." |
    "If you don't gaffer it, it will gaffer you" | "Belt and braces"

  9. #25
    Administrator Moby-Dick's Avatar
    Join Date
    Jul 2003
    Location
    There's no place like ::1 (IPv6 version)
    Posts
    10,665
    Thanks
    53
    Thanked
    384 times in 313 posts

    Re: GRRRR Some one downloading on my WEP connection

    MAC addresses can be spoofed, the spoofer still needs a valid MAC address on youur system linked to the IP address.
    If you have clients using the connection , then finding a valid MAC isn't rocket science
    my Virtualisation Blog http://jfvi.co.uk Virtualisation Podcast http://vsoup.net

  10. #26
    Vampire
    Join Date
    Jul 2003
    Location
    London
    Posts
    1,705
    Thanks
    2
    Thanked
    11 times in 11 posts

    Re: GRRRR Some one downloading on my WEP connection

    Quote Originally Posted by peterb View Post
    I would think that you are liable for use made of your connection
    Thats a German law not proven in UK courts - if some of the torrent news sites are to be believed. I am quite I saw it somewhere else too.

    In the UK you do not need to supervise other adults using your internet connection. The law here becomes very murky with regard to shared computers and liability. But it should still be the person who performed the act, not the owner of the computer or the owner of the internet connection who is responsible.

    I dont think the its an IP address and might not have been mine defence has been tested in UK waters either.
    All Hail the AACS : 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

  11. #27
    Senior Member
    Join Date
    Jul 2003
    Posts
    12,181
    Thanks
    910
    Thanked
    598 times in 419 posts

    Re: GRRRR Some one downloading on my WEP connection

    What kinda stuff could this guy use to hack into your network, I've got 2 AP's at home (well one here at mine n one next door for mum n dad) and I've always wondered just how secure it is...
    I suppose if someone wants to get in then theres not a massive amount to stop them..

    WEP 128bit.
    Mac Filtering
    No DHCP

  12. #28
    Administrator Moby-Dick's Avatar
    Join Date
    Jul 2003
    Location
    There's no place like ::1 (IPv6 version)
    Posts
    10,665
    Thanks
    53
    Thanked
    384 times in 313 posts

    Re: GRRRR Some one downloading on my WEP connection

    Now that would be telling

    sadly 128 bit WEp can be cracked , it just takes a little longer to collect the packets , but you do need to be able to sniff active connections. WPA is still crackable , but harder.

    in an ideal world , the wireless segment of a network should be seperate from the private network , but thats unlikly to happen in domestic scenarios.
    my Virtualisation Blog http://jfvi.co.uk Virtualisation Podcast http://vsoup.net

  13. #29
    The late but legendary peterb - Onward and Upward peterb's Avatar
    Join Date
    Aug 2005
    Location
    Looking down & checking on swearing
    Posts
    19,378
    Thanks
    2,892
    Thanked
    3,403 times in 2,693 posts

    Re: GRRRR Some one downloading on my WEP connection

    Quote Originally Posted by Sinizter View Post
    Thats a German law not proven in UK courts - if some of the torrent news sites are to be believed. I am quite I saw it somewhere else too.

    In the UK you do not need to supervise other adults using your internet connection. The law here becomes very murky with regard to shared computers and liability. But it should still be the person who performed the act, not the owner of the computer or the owner of the internet connection who is responsible.

    I dont think the its an IP address and might not have been mine defence has been tested in UK waters either.
    You may well be right (I'm not a lawyer) but if illegal activity is traced to an IP address, it is a short step to obtain a court order to get the owner or user of the IP address at the time the illegal activity took placed, and the next action will be to seize the computer(s) of the person involved and the registered user of that IP address. In the case of illegal images, the offence is posession and viewing, so the search will be to determine what is on the machines and what the machines have been used to access. You may be innocent, but by that time that has been established, you will probably have been arrested, DNA sampled, and suffered massive inconvenience, to say nothing of the potential damage to your reputation.

    Quote Originally Posted by Moby-Dick View Post
    Now that would be telling

    sadly 128 bit WEp can be cracked , it just takes a little longer to collect the packets , but you do need to be able to sniff active connections. WPA is still crackable , but harder.

    in an ideal world , the wireless segment of a network should be seperate from the private network , but thats unlikly to happen in domestic scenarios.
    The Draytek 2800 does allow that - a wireless user can be configured so they don't have access to the LAN - but that is of course no help in the above scenario where the hacker is accessing the internet.

    WEP and similar encryption techniques are primarily a privacy tool to protect the link from eavesdropping. not an authentication mechanism to validate a particular user.
    (\__/)
    (='.'=)
    (")_(")

    Been helped or just 'Like' a post? Use the Thanks button!
    My broadband speed - 750 Meganibbles/minute

  14. #30
    Jay
    Jay is offline
    Gentlemen.. we're history Jay's Avatar
    Join Date
    Aug 2006
    Location
    Jita
    Posts
    8,365
    Thanks
    304
    Thanked
    568 times in 409 posts

    Re: GRRRR Some one downloading on my WEP connection

    Well there is no proof he used it for anything other than browsing and I don't want this to get blown out of proportion. I will change the key every week fom now on and also keep an eye on the router to see what its up to.

    thanks for you help on this one.
    □ΞVΞ□

  15. #31
    Administrator Moby-Dick's Avatar
    Join Date
    Jul 2003
    Location
    There's no place like ::1 (IPv6 version)
    Posts
    10,665
    Thanks
    53
    Thanked
    384 times in 313 posts

    Re: GRRRR Some one downloading on my WEP connection

    WEP and similar encryption techniques are primarily a privacy tool to protect the link from eavesdropping. not an authentication mechanism to validate a particular user.
    Very true - and thats a handy thing with the draytek - I think the buffalo kit used to do that too. Will the draytek support something like RADIUS based authentication ?
    my Virtualisation Blog http://jfvi.co.uk Virtualisation Podcast http://vsoup.net

  16. #32
    The late but legendary peterb - Onward and Upward peterb's Avatar
    Join Date
    Aug 2005
    Location
    Looking down & checking on swearing
    Posts
    19,378
    Thanks
    2,892
    Thanked
    3,403 times in 2,693 posts

    Re: GRRRR Some one downloading on my WEP connection

    Quote Originally Posted by Jay View Post
    Well there is no proof he used it for anything other than browsing and I don't want this to get blown out of proportion. I will change the key every week fom now on and also keep an eye on the router to see what its up to.

    thanks for you help on this one.
    Indded not - and as with most security questions - it comes down to risk assessment. However I mentioned the Radius server solution earlier - one that I have never implemented or considered in depth myself, but this thread has got me thinking about it again.

    As a start, you might find this link interesting - the content is rolling off my printer as I type, so I haven't given it any more than a cursory look.

    However the solution suggested is open source... And also note that this specifically addresses the user authentication aspects of the wireless link, rather than the encryption/privacy aspects.

    Installing and Operating a RADIUS Server

    It also appears to be a 'work in progress' but is still a useful starting point.
    Last edited by peterb; 14-03-2008 at 12:00 PM.
    (\__/)
    (='.'=)
    (")_(")

    Been helped or just 'Like' a post? Use the Thanks button!
    My broadband speed - 750 Meganibbles/minute

Page 2 of 3 FirstFirst 123 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Sharing a mac's internet connection with windows PCs
    By Mike Fishcake in forum Networking and Broadband
    Replies: 5
    Last Post: 17-11-2006, 07:22 PM
  2. Argh! Internet connection not working
    By subucni in forum Help! Quick Relief From Tech Headaches
    Replies: 7
    Last Post: 30-11-2005, 08:13 AM
  3. AOL platinum connection and wireless connection sharing.
    By Fatboy in forum Networking and Broadband
    Replies: 1
    Last Post: 20-12-2004, 05:10 PM
  4. Connection Speed with Router
    By ajbrun in forum Networking and Broadband
    Replies: 3
    Last Post: 26-09-2004, 09:49 PM
  5. Connection Keeps Dropping
    By grand_witch in forum Networking and Broadband
    Replies: 6
    Last Post: 30-10-2003, 09:19 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •