We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Rogue Network Intrusion
Options
Curry_Queen
Posts: 5,589 Forumite
in Techie Stuff
Hi
I was wondering if I could ask you good knowledgeable people for some advice again please
I've been having problems today with one of the PC's on my wireless network picking up a rogue connection elsewhere, presumably from the new internet cafe type place that's setting up just a few yards from my home. I noticed they had PC engineers working there today so it seems likely they are the cause :rolleyes:
I've tried to re-route it back to my own network but it's refusing to even see it for some reason and will only connect to this other network, albeit at a very low signal strength of around 1.0mbps. I'm also worried about the security implications and whether any information on this PC could have been accessed by them before I noticed the switch in network (it's disabled now) and what can I do to sort it all out
The networks are on completely different channels so I can't figure out what's going on. Help!
I was wondering if I could ask you good knowledgeable people for some advice again please
I've been having problems today with one of the PC's on my wireless network picking up a rogue connection elsewhere, presumably from the new internet cafe type place that's setting up just a few yards from my home. I noticed they had PC engineers working there today so it seems likely they are the cause :rolleyes:
I've tried to re-route it back to my own network but it's refusing to even see it for some reason and will only connect to this other network, albeit at a very low signal strength of around 1.0mbps. I'm also worried about the security implications and whether any information on this PC could have been accessed by them before I noticed the switch in network (it's disabled now) and what can I do to sort it all out
The networks are on completely different channels so I can't figure out what's going on. Help!
"An Ye Harm None, Do What Ye Will"
~
It is that what you do, good or bad,
will come back to you three times as strong!
~
It is that what you do, good or bad,
will come back to you three times as strong!
0
Comments
-
Unfortunately, such issues became much more common lately. About half of the wireless equipment sold today comes with no default security whatsoever, and if you combine that fact with the "broadcast ssid" option usually switched on, it's no wonder that close neighbours can easily proxy each other's connections, most of the time not even noticing it.
The reason your pc refused to reconnect to the home network was probably due to the settings of its wireless card, in particular due to the way network security was (is) implemented. I assume you have some sort of a wireless security in place (WEP, WPA, etc), and I'm almost sure that those engineers, while performing maintenance, had no security in place and ssid broadcasted. As such, your card had a choice of connections, and without explicit instructions it chose the "better" one - easier to connect (probably open authentication only - versus your encrypted network) and faster (as advanced wireless security can easily consume have of the available bandwidth). Low signal strength was probably due to the distance to the "rogue" ap. It would make no difference in terms of channel, as channel is normally preset only for the ad-hoc mode, and in case of the infrastructure-based connection (which looks like your case) most of the client adapters regularly scan the air for a better access point (using all available spectrum - 13 channels for ETSI).
In terms of prevention - really depends on the drivers of the client adapter, but even in the worst case scenario you should have at least a few settings to play with. Use whichever ones are applicable from the following list: disable ssid broadcast (on the router), make clients connect only to specific ssid(s) (as opposed to "any"), forbid clients to connect to non-secured networks. More advanced client adapters (cisco, intel, could be others as well) would actually allow you to specify a mandatory access point, i.e. the only access point allowed to use (usually enforced by entering ap's MAC somewhere in client adapter's settings).0 -
have you set your own network up as the preferred network of your PC that picked up teh rogue connection?0
-
Woby_Tide wrote:have you set your own network up as the preferred network of your PC that picked up teh rogue connection?
I called the guy who's running the "rogue" network and at first he denied any responsibility as he hasn't got any wireless equipment, but later he called me back to say it was his network (I was picking up a 2WIRE network and that was what BT had installed for him!) and unbeknown to him his router had wireless capabilities and was throwing off a signal :rolleyes:
He was also rather concerned that he had no firewall or security protection and anyone with a bit of savvy (not me as I wouldn't have a clue how to do it) could have accessed everything he had LOL!
On my own network I've renamed my SSID and disabled broadcast, plus have WEP enabled with security keys and only allow identified MAC addresses access to my netowrk, so I think I'm pretty secure from intrusion.
I managed to re-establish a connection with the wireless PC on my own network but for some reason it keeps dropping the connection and I can't figure out why. It used to do this when I first set it up, and I can't remember what I did to correct it, but it ran perfectly fine until the problems with the rogue network.
I've often wondered if it's the PCI card not working properly (an ASUS model) and wondered whether buying a Netgear card (the router is Netgear) might improve things "An Ye Harm None, Do What Ye Will"
~
It is that what you do, good or bad,
will come back to you three times as strong!
0 -
You might have a problem with the wireless card in that pc, but I would also attempt to change settings so that the card could connect only to infrastructure-based networks, plus your specific ssid. Btw, what's the model of the card? You say the cards keeps dropping the connection. Does the connection get resumed automatically, or you have to do it manually?
2WIRE - very impressive blunder. Those rooters were amongst the first on the market to have their wireless security switched on by default (64-bit WEP, with initial key being the router's 10-digit serial number), so that security had to be switched off manually in order for you to be able to access that network. Those engineers certainly did your neighbour a huge "favour". In fact, if it wasn't for you, it might never had been discovered by himself, and he could've become a victim of wardriving in no time. Make sure to mention it to him, as he now ows you a big favour
0 -
Hi
It's the ASUS WL-138g PCI card (802.11g) which wasn't my choice of card but was one we had given so thought why not give it a try :rolleyes:
Occasionally it's picking the connection back up again automatically, but more often than not I'm having to re-boot the router to get it back online again, which is a pain as I then temporarily lose internet connection on my main PC. It's also completely refusing to see my main PC on the network which is causing problems with file sharing and the printers.
I've changed various settings and tried both infrastructure-based and ad hoc connections, as well as using different channels, but I feel I'm just going round in circles now and nothing appears to be working
It's not a huge problem in so much that my main PC is online anyway, but it means my son has to use my PC for online stuff which is a nuisance when I'm using it GRRRR
"An Ye Harm None, Do What Ye Will"
~
It is that what you do, good or bad,
will come back to you three times as strong!
0 -
@Curry_Queen - I started off with an ASUS WL-138g (it was cheap), and after tearing out nearly all my hair decided to chalk it down to experience, and now use a Trust PCI card instead.
From memory, amongst other things, I had a similar problem to you after disabling SSID broadcast - the connection kept dropping. I'm happy with the Trust and, unlike the ASUS, it can be set up for WPA encryption, which is more secure than WEP. (The ASUS claims to 'support WPA' - but you would need a third party application). If you do decide to look at other cards, it may be worth checking their WPA support.0 -
Curry_Queen wrote:... presumably from the new internet cafe type place that's setting up just a few yards from my home...
Call me paranoid, but I would set up personal firewalls on your PCs (Zone Alarm or something) in addition to any hardware firewall in your router. You never know who is going to be in internet cafes! WEP encryption can be got around with the minimum of fuss for a professional (not me I might add!), and MAC addresses can be spoofed. :eek:Organisation and planning are for those who can't handle stress and caffine :rolleyes:
A customer with a biscuit in his mouth, is a customer who can't complain
0 -
Don't worry, I'm probably one of the most paranoid people around, especially when it comes to internet security
I have ZA as well as my hardware firewall and and it runs in complete stealth mode (although no doubt some hardened hacker could crack it :rolleyes: ) but my router is also set to only allow access to my own PC's.
I'm no expert of course but I feel pretty confident that my network is secure and judging by the security alerts from attempted DOS attacks I receive then it must be working ... (I hope!) "An Ye Harm None, Do What Ye Will"
~
It is that what you do, good or bad,
will come back to you three times as strong!
0 -
Had a look for PCI cards supporting WPA, but there don't seem to be too many at the cheaper end of the scale. The Netgear WG311 supports 64-bit and 128-bit WEP, but not WPA. There are various discussion threads about the merits of WEP, WPA etc. If you're happy with WEP, and want to stick with Netgear, PCWorld has a reasonable web price on the WG311, and if you have a local branch, you may be able to order online and collect at the store (to save the delivery charge and get the web price of £30.24 as opposed to the instore price of £44.99).
Ebuyer had a cheap (£20) WPA-capable card, but some of the user reviews suggest that it may put up a fight!
(By the way, if your Netgear router is the DG834G, ADSLGuide had a good review of it: http://www.adslguide.org.uk/hardware/reviews/2004/q3/netgear-dg834g.asp).0 -
I've just been looking at the cards at Broadbandbuyer and wondered about this D-Link card as the WEP goes up to 256 bit encryption, so slightly better than it's counterparts, and also a good price at £28. The reviews on the Netgear WG311 weren't that great and appears to have problems with XP and SP2.
I wouldn't buy anything from Ebuyer on principle, but thanks for having a look for me
Yes, my router is the DG834G so I'll go and take a look at that review, thanks! I've never had a moment's problem with the router itself, and from what you say about your ASUS card I'm inclined to think that's where my problem lies. I'd originally planned on buying a different card (possibly the Netgear) but my ex gave me the other one as I was a bit short of cash after shelling out for the router and my son was impatient for me to get it up and running :rolleyes:
Anyway, thanks very much for your help "An Ye Harm None, Do What Ye Will"
~
It is that what you do, good or bad,
will come back to you three times as strong!
0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.8K Banking & Borrowing
- 253.1K Reduce Debt & Boost Income
- 453.5K Spending & Discounts
- 243.8K Work, Benefits & Business
- 598.7K Mortgages, Homes & Bills
- 176.8K Life & Family
- 257.1K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards