Ensuring your wi-fi connection is not being used by a neighbour!

stirlo_2

How do you know whether a neighbour is on your wi-fi? I am pretty sure that I have got a WEP code switched on on my computer, but since I got *be unlimited broadband 2 weeks ago, it seems like I have downloaded an awful lot of information considering I havn't begun to download any files on it yet. Also, my internet package seems to average speeds of about 7-8mbps, but when I have tried to stream BBC iplayer late at night (around 11pm) I still get frequent times when it has to 'buffer' - It never did this on my old,(less than 2mbps average) connection.

How can I prove to myself that I have definately locked my wi-fi?

Decado23

I'd definately recommend moving over from WEP to WPA (or WPA 2 if available) - I read a while ago that someone with the right know how and some fairly easily obtainable gear can crack WEP in around 3 minutes.

I read recently that WPA has been cracked but is still generally more secure than WEP. WPA 2 remains, as far as i'm aware, a safe bet.

You should aslo be able to use MAC address filtering in your router - only enable specific MAC addresses for your own devices.

EDIT:

it's also possible you have various pieces of software (legitimate or otherwise) that automatically download updates in the background - this could account for higher than expected usage.

Syman

i would change the WEP settings, if someone has your existing code changing it will "lock" them out.

then see if the problem persists

JASYMORR

Disconnect from your network totally, do a search for available networks and then try to re-connect should do the job. It has to ask you for your security key info again. If it doesnt and you can connect good chance you have not set up a security key on it thus anyone within range could be using yours

espresso

JASYMORR wrote: »

Disconnect from your network totally, do a search for available networks and then try to re-connect should do the job. It has to ask you for your security key info again. If it doesnt and you can connect good chance you have not set up a security key on it thus anyone within range could be using yours

No it doesn't if it's been set-up correctly!

I agree with post#2, you should not be using WEP encryption.

verbyl.belch

Make sure you definately have some form of encryption/security (WEP/WPA) enabled. Disable SSID broadcasting and if your router allows it use MAC filtering and only allow your computer to access the network.

Read up on these, they are really informative, (both taken from ocforums.com)

Wireless 101: A guide to security
Networking guides

Pete

espresso

verbyl.belch wrote: »

Make sure you definately have some form of encryption/security (WEP/WPA) enabled. Disable SSID broadcasting and if your router allows it use MAC filtering and only allow your computer to access the network.

Disabling SSID broadcast and MAC address filtering does nothing for security. Using a long random WPA/WPA2 passphrase is all that is required.

Decado23

espresso wrote: »

Disabling SSID broadcast and MAC address filtering does nothing for security.

I'm not sure that's entirely accurate - disabling SSID broadcast (and changing the SSID) would instantly make it more difficult to make unauthorised connections. It's possible this information can be sniffed but this would require a certain amount of technical knowledge. IMO - will stop the casual neighbourhood wifi hijack, will not deter a determined hacker.

Mac address filtering can be set up to prevent any connection except from authorised devices - again, someone with the right knowledge may be able to determine an allowed MAC address and then spoof it.

In general security in depth, with multiple layers should be your aim - It's nigh on impossible to create a 100% guaranteed secure connection. You just need to make breaking in enough of a pain in the bum that people will go looking elsewhere instead.

hbl_2

If you really want to screw with people, you can set up the kitten-net or backtofront net with some clever scripting and mac address filtering. Google it!

verbyl.belch

Decado23 wrote: »

I'm not sure that's entirely accurate - disabling SSID broadcast (and changing the SSID) would instantly make it more difficult to make unauthorised connections. It's possible this information can be sniffed but this would require a certain amount of technical knowledge. IMO - will stop the casual neighbourhood wifi hijack, will not deter a determined hacker.

Mac address filtering can be set up to prevent any connection except from authorised devices - again, someone with the right knowledge may be able to determine an allowed MAC address and then spoof it.

In general security in depth, with multiple layers should be your aim - It's nigh on impossible to create a 100% guaranteed secure connection. You just need to make breaking in enough of a pain in the bum that people will go looking elsewhere instead.

I have the same view. The majority of people who steal bandwidth have limited skills and only connect to networks because they are there. By simply disabling SSID, these people will either look elsewhere or adopt, "it was good whilst it lasted" mentallity.

Obviously, this isn't the be all and end all and espresso is right that a long random passphrase is required. No, 'password's or 'qwerty's please. But what i outlined is a simple measure to make your network go unnoticed (by most people) in a street of wireless networks.

robredz

Along with hiding the SSID, MAC address filtering, and WPA also give each authorised machine a fixed IP address and disable DHCP to prevent auto allocation of an IP address which may allow a war driver to sniff out and connect to your internet more easily.