Jump to content

Stopped someone from getting on your wifi?


fivealive
 Share

Recommended Posts

So, My cousin is staying with my sister next door, and she gave him the wifi info, which I didn't want so I Changed the SSID and password, and yet some how he was able to use his linux machine to get on anyway, NO idea what he did, Is there anything I can do to stop that. I have turned the wifi off for now because I don't WANT him using it.

 

 

Reason I don't want him on it, is because I found out he was on when My isp contacted me about movies being pirated on my network.

 

 

security mode is wpa/wpa2 and tik/aes encryption,

Link to post
Share on other sites

  • Replies 57
  • Created
  • Last Reply

Top Posters In This Topic

i can only suggest changing your wifi network name to something different and changing your password to something with more then 2 #'s and see if he gets on it and if he does then hes finding a way to get your password or using a wifi hack software( if there is some out there to use) and/or hacking your password or hes using some program to find it out..check your routers logs to see what they say cause i do when someone tries to get into my network without permission

Link to post
Share on other sites

I am pretty sure he's using tools to get in, as for checking these logs, it's not possible, these new Routers are horrible.

They are hitron something modems and the Web browser ui constantly locks up, to point it takes a factory reset to get back in.

Makes changing passwords or even the ssid a right pain. Even more so when they take 5 minutes to turn on.

Also didn't see anything listed as logs, nor do these routers actually list the devices connected to it.

Link to post
Share on other sites

fivealive:
 
Please go back and verify the facts.
 
If you changed the SSID and associated password and it is a 20 character strong password and you did not pass the information on to your sister than please revaluate what is going on.
 
For example if you did not provide the SSID and PWD to your sister, did you setup your sister's PC or other residential appliance/computer ?
 
Nir Sofer has a utility called WirelessKeyView that when executed on a PC that accesses WiFi networks, the program will enumerate the network's SSID and the associated password and display it in its GUI.

 

Example:

wirelesskeyview.gif 

 

NOTE: AV/AM software will flag many Nir Sofer's utilities as PUPs or hackTools not because they are malicious but because they have the propensity of being used maliciously.

Link to post
Share on other sites

I did not set up her computer at all, she was not given my info at all this time(not after I found out he was on it) , and he used a utility in his computer to get in, no idea what it was, and it turns out that wps was turned on, even though I set it to off(the modem had locked up when I was trying to turn the feature off last time). Wifi is now off.

The only devices I had hooked up to wifi after changing the ssid and password, was my cell my tablet and laptop, all of which I have not let him near.

Link to post
Share on other sites

If you password protected the Router (strong known only by you) and you disable WPS then he will be 1locked out.

 

If he had physical access to the Router and WPS was enabled then that is how he got in.

 

---

1.  Well not entirely.  he could reset the Router to factory defaults and setup the unit any way he chooses IFF he has physical access to it.

Link to post
Share on other sites

Like I said "Please go back and verify the facts."

 

Prove that he had access.  Otherwise if you don't see him accessing it, he's lying to get a rise out of you.

 

 

I think you might be right, He is lying.

 

Either way as long as he staying with my sister shes not  getting access to my internet again, considering he pulling crap like this, and I had my isp calling me because of movies being pirated, as well as the fact he had 15 phones connected to the modem.

Link to post
Share on other sites

Yepper.  It's a matter of culpability.  The subscriber is responsible for the actions of whoever uses the WAN IP.  If one has an Open WiFi and is the subject of War Driving and the actor performs a nefarious action, then the subscriber can be held liable.  If one takes ordinary measures to secure their subscription then they limit liability.

 

The thing is if he states he has access, you can prove if he does or doesn't since the Router will know all nodes that use it from the LAN POV.

Link to post
Share on other sites

Yepper.  It's a matter of culpability.  The subscriber is responsible for the actions of whoever uses the WAN IP.  If one has an Open WiFi and is the subject of War Driving and the actor performs a nefarious action, then the subscriber can be held liable.  If one takes ordinary measures to secure their subscription then they limit liability.

 

The thing is if he states he has access, you can prove if he does or doesn't since the Router will know all nodes that use it from the LAN POV.

you would think I would be able to see the list of whos connected, but these modems DON'T load that info at all, its blank. and talking to my isp is like talking to a wall, they have no idea what I am talking about, heck they can't even tell me how to set it up so that you can only access the router with a lan connection only.

 

 

in case your wondering the modem is a hitron cgn3rog.

 

 

I changed the default login password for the router as well( its also different from the wifi password).

Edited by fivealive
Link to post
Share on other sites

it won't matter if you change the password cause it will change by default to a new password each day unless your cable company doesnt do that for security purposes like mine did before i got rid of their gateway and got a straight docsis 3.0 motorola modem and used my own belkin ac 1800 db router

Link to post
Share on other sites

fivealive:

 

It is a Modem+Router.  The modem component is a moot point.  It is the Router that you monitor for such as;  LAN/WiFi connections, activity, DHCP leases, etc.

 

 

Odd, that list was blank last time I was their, and just refused to load. Only seeing my devices listed, so it does seem my cousin is an ass and lieing to stir the pot.

Link to post
Share on other sites

yeppers ...

i agree that your cousin was using some *tools* to find out what was going on and so-forth and this was why he was able to breach your system initially .

('nix does have some good stuff/tools available ... used legally , of course) .

your cousin is a groys shvants .

 

 

@ david :

it seems to me that one can exclude all devices except by password and mac address/ein .

if this information is entered into the router , no equipment except for those on the "list" are getting on .

one can make the router/network more secure by locking it down ; no auto-handshake/beacon/broadcast and the "friendly mode" is turned off , etc .

encryption with a really random large key is a must with the password(s) following suit .

of course , someone that is really dedicated (and hip) could conceivably hack their way into the modem/router and perform skulduggery ...

some of the tools that are capable of cracking large keys/encryption take quite some time to run (measured in hours) ... more time than the casual wannabe is willing to invest .

sooner or later , the *decrypted* key will be tried ... at this point logging software can/will show the attempt and with any luck identifying pertinent information of the machine attempting to connect will be logged .

Link to post
Share on other sites

All network interfaces have a Media Access Control (MAC) address.

 

In a Command Prompt you can type;  arp -a

It will show a table of IP addresses and the MAC address associated with it.

 

  Internet Address      Physical Address      Type
  192.168.1.1           00-1f-90-79-f0-b0     dynamic
  192.168.1.10          60-a4-4c-b5-10-b9     dynamic

 

The above shows my Router (192.168.1.1) has the MAC address of;  00-1f-90-79-f0-b0

It also can be expressed as; 00:1f:90:79:f0:b0

 

If you know the MAC address of a device then you can either use MAC Authentication which allows only devices whose MAC addresses are listed in a table, or as MAC Restriction which is a table of defined MACS which are specifically DENIED access.

 

Reference:

http://en.wikipedia.org/wiki/OSI_protocols

http://en.wikipedia.org/wiki/OSI_model

 

osi.gif

Link to post
Share on other sites

Aside:  that is a nice looking chart - but I take one exception.

 

NIC == Network Interface Card - so referring to it at a NIC Card is erroneous, because you're essentially saying Network interface Card Card....

 

sorry, personal pet peeve of mine.../Aside

 

MAC Address Authentication would be the best option here, because if the kid ever figured out you were blocking his MAC the MAC restriction, he could possibly learn how to spoof another MAC address and get back on the network (assuming he actually can get back on in the first place).  But, if you restrict the router to only allow the MAC addresses of the devices that you own / allow, it will be harder for him unless he figures out how to spoof one of those specific devices *and* get on the network when the device he is spoofing is not actually on the network.

 

Dave, if his sister's computer is allowed back on, though, would he be able to make use of ICS in the computer itself to still get access?

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.