Neighbors stealing from me help

[Dareoon Dalandrove]

OK so I invited this upon myself. I didn't change the default password on my router and looking at the dhcp client list today, you may have guessed it, more computers were logged than were suppose to be. Now my head is filled with thoughts of revenge and the like, but I would really like to know who these people are and what they might have done while haveing access.

 

[Vigwyn the Unruly]

Change your password and giggle at how pissed off they'll be when they can't connect anymore.

 

[IronWolf]

Depends whether they were casual surfers or not. If the WAP is not secured people may accidentally become connected to it (especially if you live in an apartment or suburb where houses are close together). Sounds like in addition to using the default password you probably weren't using WEP either, meaning anyone could connect to your access point.

If these people were doing more than freeloading then they could potentially know a lot about you and your habits on the Internet, not to mention they could have poked around on your home PC if it wasn't firewalled or if the firewall made exclusions to other addresses on your internal network. If they were more than the casual surfer they most likely know your email password, instant messaging password just from sniffing the Internet traffic.

Files on your PC are subject to compromise also, password lists, financial records, your surfing habits, etc.

I would definitely change the default router password and enable encyryption for wireless connections. Then its time for damage control depending on the type of info on your PC. At the very least change *all* of your passwords. If you had financial data on your PC it would probably be wise to check with the banks and see if there has been unusual activity and change your PINs and such. You really can't be too careful.

Good luck!

 

[Jupp]

Depends whether they were casual surfers or not. If the WAP is not secured people may accidentally become connected to it (especially if you live in an apartment or suburb where houses are close together). Sounds like in addition to using the default password you probably weren't using WEP either, meaning anyone could connect to your access point.

Yeah, give a strong password to the router config, enable WPA or WPA2 on your router and close every hole possible in your firewall. Don't go with WEP encyption, its so easy to crack its not funny :\

 

[J-Buzz]

Another tip is change the name of the router and tell it not to broadcast the name.

IE: Linksys is the default name for linksys routers. If you change that to bob and tell the router not to broadcast the name then anyone connecting to your router will have to know and key in the name before connecting. This will keep out the average user, but anyone with any know how can get around this.

You can also set up a MAC Filter. So you key in the MAC Address of your wireless network card on your router in a "allow" list. And they only your computer can communicate. Again this will keep out the average user, but a wireless expert could probably get around this.

And like others have said enabling WEP is a good idea. <- I guess I did not know WEP was that easy to crack. Shows what I know.... I guess it is time to review all the technology again concerning wireless access..... :\

 

[Rackhir]

Heh. After my neighbors moved in I noticed a wireless connection was active in the area named "Nikita", so the next time I saw the husband if it was he or his wife who was the Luc Besson fan, he was taken aback until I explained about the name of the wireless network and suggested that he change things so it wouldn't broadcast the name of the network.

If you want just check your local network to see if they have shared any drives or something like that. Most people don't set up securty when the share stuff like that on a home network. IF you were really nasty you could encript their HD and files and then demand part of the cost of the internet access as payment for unencrypting it. Or you can just ask them if they want to help pay for your internet access and if they don't then you can cut them off.

 

[Jarrod]

I'm going to weigh in on the side of "it was probably an accident". In our apartment building we have ~4 networks that I can see; mine, which is MAC-limited and doesn't broadcast the name, the neighbor's (I know from the network name) which is open but doesn't use the default name; and two default names from different vendors. For the longest time email didn't work right for my wife because she was joining the neighbor's network by default instead of ours -- both didn't require typing in a password, so there you go. The same thing will happen with most computers. I have mine set up to say "You're joining XYZ, do you want to?" but that is not a default.

As for security, there isn't. Any wireless security can be hacked if someone wants to try hard enough. What I do is balance security vs. ease of use and limit the possible damage if things break. That includes using SSL for tunnelling email, SSH if you need to login to a machine manually, and the like.

 

[Rackhir]

FYI : Cnet has an article on this sort of problem.

http://news.com.com/FAQ+Wi-Fi+mooching+and+the+law/2100-7351_3-5778822.html?tag=nefd.pop

 

[LightPhoenix]

Just FYI, but people have been convicted of this as a crime very recently, like last week. I'd try talking to them first, and of course changing the router name/password, but should they be belligerent, it's good to know you have legal options.

 

[Thonatos]

Another tip is change the name of the router and tell it not to broadcast the name.

IE: Linksys is the default name for linksys routers. If you change that to bob and tell the router not to broadcast the name then anyone connecting to your router will have to know and key in the name before connecting. This will keep out the average user, but anyone with any know how can get around this.

You can also set up a MAC Filter. So you key in the MAC Address of your wireless network card on your router in a "allow" list. And they only your computer can communicate. Again this will keep out the average user, but a wireless expert could probably get around this.

Well said.

Broadcasting name == SSID <-- incase you where unsure

MAC Filter Allow List == Very good solution. Though 'spoofing' mac addresses is not unheard of.

A good idea to shut off dhcp server on the wireless. Adjust the network from the (172|198) to something else.

Ensure you have a personal pc Firewall & Antivirus up and running.

Chances are, someone like me jumped onto your network just to use it. Not to "abuse" it's owner. More then likely the joke is on you for allowing them access to the Inet for "FREE".. and not because they now have your bank data.

TIme for a comprehensive password solution as well. Strong passwords instead of weak ones.. there are plenty of sites offering thoughts on Strong passwds.. google it. Also make sure you have different passwords for different things.. that single password scheme 80% of us are using is.. not kewl.

GL !!