Who'S On My Wifi - Software

[Daffy D]

So I got this shiny new WiFi Modem/Router and as with anything new there are new things to worry about.

You hear so much about people secretly connecting to your network that some kind of security seems to be necessary.

Been doing some Googling and found - http://www.whoisonmywifi.com- which scans your system every few minutes and pops up a warning if a new unrecognized WiFi has connected to you.

Am trying the 30 day free trial and it seems to do what it claims but it's not free.

So any one know of a similar free software

Thanks.

[richard_smith237]

But you can password protect your router, only those with the correct password can log on.

[necronx99]

You don't need it, at all. use wep-pka encryption on your network and a strong password.

Your router will show you all connected devices and you can also limit access to only known devices by filtering on the device MAC.

[thaimite]

I would rather know that nobody can steal my stuff than know who stole it. As mentioned by others use strong WPA2 encryption, (WEP is broken and can be cracked in minutes) and if your modem supports it consider using MAC address filtering which will let only authorised machines join the network even if they know the password. (Yes I know MAC addresses can be spoofed but it is an added level of security). Finally many modems have the option to make the network invisible (hide the SSID) so that it does not show up on a scan of somebody looking for a free ride. Again not perfect but it helps. All of this is much better than knowing somebody is stealing your bandwidth.

TIP If you want to make your network invisible, make sure it is working as visible before hiding your SSID, as that is much easier to set it up that way

Edited April 16, 2012 by thaimite

[ThaidDown]

Agree fully with Thaimite, keep the freeloaders/ hackers out.

If for your own interest you want to check who is logged on, why not use one of the many useful utilities from Nir Sofer.

Wireless Network Watcher available from Nirsoft dot net (sorry can't post link)

Free, Portable and only 225KB in size.

[h90]

I would rather know that nobody can steal my stuff than know who stole it. As mentioned by others use strong WPA2 encryption, (WEP is broken and can be cracked in minutes) and if your modem supports it consider using MAC address filtering which will let only authorised machines join the network even if they know the password. (Yes I know MAC addresses can be spoofed but it is an added level of security). Finally many modems have the option to make the network invisible (hide the SSID) so that it does not show up on a scan of somebody looking for a free ride. Again not perfect but it helps. All of this is much better than knowing somebody is stealing your bandwidth.

TIP If you want to make your network invisible, make sure it is working as visible before hiding your SSID, as that is much easier to set it up that way

that MAC address thing has one good thing, it can not be spoofed when you don't use it. So in that time the potential bad guy can't do a thing. Another thing is, if you don't need it for a longer time, switch it off.

[matt111]

The MAC address can be spoofed.

For your own wifi ideally use strong encryption and MAC address filtering (most TOT, True, CAT, 3BB supplied routers support this). If you're on mac or linux a simple nmap command will do the same as the above software without polluting your PC with closed source (read untrusted software). Having said that people can still crack WPA etc.. SSID filtering seems to cause problems with some laptops I've seen so I havent yet enabled that, there some point a limit to how far you go before you wear tin hats.

Although I have a friend in the UK that is currently on bail for something that happened from his IP address, one avenue he suspects was via his open wifi point, although it could still turn out to be an employee or etc... Its only a matter time before some innocent bar/resturant owner get caught up in something like this, so at least add WPA and change your wifi code regularly. Big companies are already catching on albeit more sophisticated internet devices - e.g. Bangkok airways lounge requires your boarding pass to issue an unique code which presumably removes some of their liability, same with the big hotels.

[how241]

But you can password protect your router, only those with the correct password can log on.

Spend some time and read the manual or Goggle the brand and they will tell you have to protect your wi-fi.

[astral]

Forget the sw.

1. Strong password on the router

2. Strong WPA wireless password, change it regularly if you are really paranoid.

3. MAC address filtering if supported

Then sit back in confidence

PS

The MAC address can be spoofed.

Yes but you have to know what value will be accepted , and that is not so easy.

[Daffy D]

Thanks all for your replies.

This is a bit of a learning project for me rather than being paranoid, just trying to keep up with the ever moving advance of technology.

I am using WPA2 encryption so sounds as if I'm pretty well secured.

Will have a look at the MAC address thing and have a play around with that, also the SSID filtering.

I am trying the free Nirsoft program which does the job but does not have the automatic scans but useful for checking who is logged on or if I see someone with a laptop lurking outside the window.

:-)

[MJCM]

...........

The MAC address can be spoofed.

Yes but you have to know what value will be accepted , and that is not so easy.

The standard value for most routers is 00:00:00:00:00:00, so it's wise to change that a More difficult value (Only numbers (0-9) and letters (A-F) accepted)

Edited April 17, 2012 by MJCM

[surayu]

Your router should have an option where you can see whoever is connected at any times and also keep a log of the connections, what model and make it is?

I keep mine open, as long as i don't get penalized by this, i don't have problem in sharing it, as at the end of the month the bill will always be the same....

[MJCM]

Your router should have an option where you can see whoever is connected at any times and also keep a log of the connections, what model and make it is?

I keep mine open, as long as i don't get penalized by this, i don't have problem in sharing it, as at the end of the month the bill will always be the same....

Up2you if you keep it open, but when you get penalized because of it, it's too late to do anything about it.

[surayu]

MJCM, if someone want to get inside your connection, there is nothing you can do to make that impossible, not even the NASA is safe...

I think, as long as you can prove that any mess was not made by you, it should be ok, no?

[MJCM]

^ But how can you prove it ? It's done via your IP Address which was at that time assigned to your Router by your ISP. Isn't that all that counts ? Guilty Until Proven Innocent ?

[surayu]

Internal logs and MAC address have been created for a reason, or more than one, don't you think?

[MJCM]

Yes true, but you have to prove it not they, and that's why I don't share my Connection. Too much hassle which can easily be avoided

[surayu]

Well i will try to go on like this as long as it goes, internet in this time should be a right for everyone to have, if someone want to make troubles for somebody else, they will always find a way, then if you are innocent, there should be a way to demonstrate it.

It's like driving refusing to drive in public roads because there is a danger that others will tell you are the guilty one in an accident while in reality you are not...don't let the bad people to be a deterrent against your (legal) good intentions.

Edited April 17, 2012 by surayu

[MJCM]

^ surayu. I have to take my hat off to you, You prove Chivalry isn't dead yet ! Respect

Edited April 17, 2012 by MJCM

[thaimite]

MJCM, if someone want to get inside your connection, there is nothing you can do to make that impossible, not even the NASA is safe...

I think, as long as you can prove that any mess was not made by you, it should be ok, no?

Whilst this may be technically true, it is a matter of effort vs reward.

A hacker would have to go to a of effort to crack a strong WPA2 password, finding out your MAC address would probably require getting access to your machine, and all that just to get some free WI-fi!! or maybe you have access to secrets like the ones in NASA. You will never stop a determined thief but you can always persuade him that somebody else is an easier and better target.

[thaimite]

...........

The MAC address can be spoofed.

Yes but you have to know what value will be accepted , and that is not so easy.

The standard value for most routers is 00:00:00:00:00:00, so it's wise to change that a More difficult value (Only numbers (0-9) and letters (A-F) accepted)

It is not the MAC address of the router, but the MAC address of the machines which are allowed to be connected to it which you need to know.

I have never sen a MAC address of 00:00:00:00:00

[thaimite]

I keep mine open, as long as i don't get penalized by this, i don't have problem in sharing it, as at the end of the month the bill will always be the same....

Where did you say you lived? I need to download some torrents and I am out of bandwidth

[surayu]

Thanks i appreciate it, sometime i am pervaded by that Don Quijote kinda feeling

If you read some of my old posts, you will see that i would have more than one reason to deny at least a few of my neighbours of any sort of respect, however, i don't want the random passer by, his computer and his dog to be denied an opportunity just because of a minority (well, i hope they are a minority...) and also the rest of the neighbourhood (i cover an area of about 2KM), not bad for a semi-jungle zone.

We can have a better world if we start contributing to it ourself

[draftvader]

You could use Tomato Firmware (if your router supports it). This will give you granular control over your security settings. I run a 4 router WiFi network that uses a WPA2 password and then I provide a list of MAC addresses that are allowed to use the network. This provides plenty of good protection. Remember, people can still see you network, but they can't attach unless they have the pass. You would need a STRONG, determined, hacker to hack this. 99.99999% of people will pass you by for another network without security.

http://www.polarcloud.com/tomato

[surayu]

or maybe you have access to secrets like the ones in NASA.

that's far from being a NASA secret, almost as the recipe for the Khao Phat, for which i don't really know all the ingredients anyway , the Khao Phat i mean

[draftvader]

With the added bonus of being able to "cook" your router up to higher distances (please make sure your router is well ventilated and stored in a cool place if you do this).

The following 2 links will take you a long way (with a lot of reading...but then again, some people LOVE a project!).

http://en.wikibooks.org/wiki/Tomato_Firmware/Installation_and_Configuration

http://www.programypc.pl/wrt54;script;generator;v1;02;pl,pobierz,2210.html

This software DOES have English language options

[MJCM]

...........

The MAC address can be spoofed.

Yes but you have to know what value will be accepted , and that is not so easy.

The standard value for most routers is 00:00:00:00:00:00, so it's wise to change that a More difficult value (Only numbers (0-9) and letters (A-F) accepted)

It is not the MAC address of the router, but the MAC address of the machines which are allowed to be connected to it which you need to know.

I have never sen a MAC address of 00:00:00:00:00

Sorry Small mistake, it should read "the standard value in the mac address filter for most routers is 00:00:00:00:00:00".

But then again everything can get spoofed

Edited April 17, 2012 by MJCM

[gusG]

Depending on your IPS and router, when you log into your router, open DHCP in the basic settings,and in the choices, there is a DHCP table that tells you who is logged into your Wi-fi.

If you don't know any of the Host names or MAC addressees there, go to your Wireless settings and there is a MAC address filter , that you can copy and paste MAC numbers into this table, to disable their access to your Wi-fi.

No need for a program to monitor your traffic, it is already there.

Edited April 17, 2012 by gusG

[MJCM]

Depending on your IPS and router, when you log into your router, open DHCP in the basic settings,and in the choices, there is a DHCP table that tells you who is logged into your Wi-fi.

If you don't know any of the Host names or MAC addressees there, go to your Wireless settings and there is a MAC address filter , that you can copy and paste MAC numbers into this table, to disable their access to your Wi-fi.

No need for a program to monitor your traffic, it is already there.

It all of course depends on the brand of your Router if it's there or not. A lot of the standard / cheap routers don't offer MAC address filtering.

But this is where draftvader's suggestion (Tomato) can come in too play (His post about this: )

Edited April 17, 2012 by MJCM

[matt111]

Internal logs and MAC address have been created for a reason, or more than one, don't you think?

But I guess you've never checked what they actually record? That little box with flashing lights can log (rotating) at most can store few megabytes of largely worthless information,

its prime purpose is for troubleshooting connectivity issues (did this MAC address request an IP lease from the dhcp etc..) that have happened in the very recent time period.

It's like driving refusing to drive in public roads because there is a danger that others will tell you are the guilty one in an accident while in reality you are not...don't let the bad people to be a deterrent against your (legal) good intentions.

What you propose is leaving your house doors open at night because you've recognized the danger that you might get robbed with locks anyway, so screw any

precautions. Or in your specific example not wearing a seat belt on a public road because you might get injured with one in an accident anyway.

Depending on your IPS and router, when you log into your router, open DHCP in the basic settings,and in the choices, there is a DHCP table that tells you who is logged into your Wi-fi.

Dont request a lease from the DHCP server, just take a address somewhere in same subnet generally 192.168.1.x. Its a good start but not always works.

Dont run an unsecure WIFI network you greatly enhance any risk. If you are a restaurant or bar then at least WPA it and change the password daily, if sufficiently large approach a vendor that provide gateway equipment that will allow you to issue unique username/password for access (e.g. bangkok airways, big hotels etc..)

Or if you live in ignorance, then live in greed too, dont run an open WIFI because it can make things slow for you..

Edited April 17, 2012 by matt111