| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 90465 | 2008-06-04 05:50:00 | How can I find out who's stealing my wireless? | registeryourface (13834) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 675476 | 2008-06-04 21:50:00 | The complexities of this topic are beyond me, but I have a simple question. I thought each computer has a unique IP address, so if a neighbour or whoever hacks into a wireless router, couldn't the ISP figure out who it is and send THEM the bill? | Strommer (42) | ||
| 675477 | 2008-06-04 22:03:00 | Not that simple. The internal IP's would be different as registeryourface's DHCP server would give the alleged thief an internal IP but they all go through registeryourface's Modem which would only have one IP to the Internet. | Bantu (52) | ||
| 675478 | 2008-06-05 02:13:00 | >So this morning I had 13 emails from TelstraClear telling me that we'd used an extra 13Gb over our normal usage plan. Thats (say) an extra 600M per day (given the pirates will have a few days off) This could easily be caused by your PC's: spyware, viruses, trojans or simply P2P/file sharing programs running continuously in the background. I would check & see if TelstraClear are going to charge for the extra usage(some plans charge for extra usage) Maybe you are part of a botnet (sorry, couldnt resist to throw that in). |
sroby (11519) | ||
| 675479 | 2008-06-05 02:16:00 | To answer your question will depend on your wireless router. Can you login to your routers control panel? If so, is there a list of currently connected MAC addresses? A mac address is like an IP, but instead of identifying an IP, it identifies a network card (such as a notebook's built in wireless, or an ethernet card). MAC addresses are burned in at the factory and are most of the time unchangable. If you were intent on finding out, you could use wireshark/ethereal to capture the traffic, and match the offending mac address to an ip address. I'm not sure what you mean by 'find out who'; do you mean find out their name and address? The only way to do this if all you have is their IP address is to try gain access to that computer (for example running a port scan against that IP, finding any vulnerable services, use that to login, snoop around and find their data). This is illegal though. If they are like most users, they will not store their name and address on their PC (would you?:P) and run firewalls to protect against this. Or you could use the router to not allow connections from that mac address. This will stop them unless they know how to change the mac address (not all network adapters allow this). If you run CMD and type in netstat -a every so often and see who/what is actually connected to your PC. There is software called Network Magic that might tell you who is connected also, but it is not free. This wont help, as the thief will be connecting to the wireless router, not the PC. You should check first if you are going to get charged for the extra traffic. I think 13 emails constitutes sufficient notification that you have gone over your quota. Also are you sure its not a flatmate who is downloading all this data? Finally, at least change the password. Use WPA if you can, but if you must use WEP, change the password daily. Also switch off the router when no one is using it. |
utopian201 (6245) | ||
| 675480 | 2008-06-05 04:55:00 | This wont help, as the thief will be connecting to the wireless router, not the PC. netstat -a will show any computer and port connected to the local network. If the thief is getting an ip from his wireless router then it will show. |
Bantu (52) | ||
| 675481 | 2008-06-05 05:35:00 | netstat -a will show any computer and port connected to the local network. If the thief is getting an ip from his wireless router then it will show. netstat only shows all connections to and from your computer, not all computers in the lan. So if the thief connects to your computer, then yes, you will see their IP. If they connect only to the wireless router, and use it as a gateway, netstat will not show it. Perhaps with wireless it may work however, not because netstat shows all computers in a lan, but because wireless is a broadcast medium, so everyone sees everyone. But I'd still have thought all connections must go through the access point. |
utopian201 (6245) | ||
| 675482 | 2008-06-05 05:38:00 | Damn, it's really not that complicated. Before doing anything, log onto your router and look at the DHCP pool, you'll be able to see how many addresses are assigned, which ones are active, etc etc, To verify that someone is actually using your internet. Then put WPA or WPA2 encryption on the wireless network. WEP is pointless, it takes only minutes to hack, as does spoofing a mac address or hiding the SSID. |
wratterus (105) | ||
| 675483 | 2008-06-05 06:07:00 | Your router config page will tell you everyone who is connected to your LAN, what their IP/MAC address is and often their hostname (computer name) Then once you know that, you can start sending the viruses :D |
Agent_24 (57) | ||
| 675484 | 2008-06-05 06:31:00 | So, thanks for the advice... We've got no file-sharing/p2p programs or anything like that, and I get the feeling its not a virus since half the downloading is done when our computers are turned off. I've gone so far as to find the MAC address of the thief, but yeah, not too sure as to what to do now. I'm keen to find the name/address/any details of whoever it is, we live in a house with four pretty small flats in it, and it's almost definitely one of our neighbours. And I don't care if getting into their system is illegal, i'm not going to cause any harm. Think of it as self-defense of a sort. We're singing to the tune of what is now over $70 worth of internet we haven't used. Telstraclear doesn't care. |
registeryourface (13834) | ||
| 675485 | 2008-06-05 06:41:00 | Find out their IP address: if your router doesn't tell you (though it should) then you can use some technique from here compnetworking.about.com Once you know that, then if they're stupid enough they might have shared files that you can access (or delete), or ports open etc Or just give your network a password which should stop most idiots |
Agent_24 (57) | ||
| 1 2 3 | |||||