Can't "see" other users

Using Windows XP, I recently installed a home wireless network from a
cable router for 2 computers, and my next door neighbor said he can pick
up my signal, even though I have a McAfee firewall. How can I tell if
someone is "on" my network.
Howard Kainz

On Mon, 23 Feb 2004 15:48:40 GMT, howard kainz spoketh

>Using Windows XP, I recently installed a home wireless network from a
>cable router for 2 computers, and my next door neighbor said he can pick
>up my signal, even though I have a McAfee firewall. How can I tell if
>someone is "on" my network.
> Howard Kainz

The firewall does nothing to prevent other from seeing the _existence_
of your network. You have a radio transmitter in your house, and anyone
within a certain range can pick it up.

What you need to do is secure your wireless network. This is done by
encrypting the traffic and also filtering by MAC address. How to do this
should all be explained in the manual for your product.

Lars M. Hansen
www.hansenonline.net
Remove "bad" from my e-mail address to contact me.
"If you try to fail, and succeed, which have you done?"

howard kainz schrieb:
>
> Using Windows XP, I recently installed a home wireless network from a
> cable router for 2 computers, and my next door neighbor said he can pick
> up my signal, even though I have a McAfee firewall. How can I tell if
> someone is "on" my network.
> Howard Kainz

You don't say what make of router you are using, but assuming you have a
wireless LAN router which can be managed with Internet Explorer, you
might look at admin panels "status - Wireless" or "home - DHCP", or
something similar, to see who is connected.

T.

That shows people that used DHCP to connect, but isn't there a 'loophole'
that if someone is smart enough to use a static IP address in your range,
they won't show up?

Also, if you turn off SSID broadcast, they won't even 'see' you.

Tom
"Thomas Peel" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>
>
> howard kainz schrieb:
> >
> > Using Windows XP, I recently installed a home wireless network from a
> > cable router for 2 computers, and my next door neighbor said he can pick
> > up my signal, even though I have a McAfee firewall. How can I tell if
> > someone is "on" my network.
> > Howard Kainz
>
> You don't say what make of router you are using, but assuming you have a
> wireless LAN router which can be managed with Internet Explorer, you
> might look at admin panels "status - Wireless" or "home - DHCP", or
> something similar, to see who is connected.
>
> T.

Tom Scales schrieb:
>
> That shows people that used DHCP to connect, but isn't there a 'loophole'
> that if someone is smart enough to use a static IP address in your range,
> they won't show up?
>
A static IP address is a static mapping to a MAC address. That means
they would have to clone the MAC address, right? I would definitely have
a serious talk with the neighbours if that showed up.
T.

> Also, if you turn off SSID broadcast, they won't even 'see' you.
>
> Tom
> "Thomas Peel" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
> >
> >
> > howard kainz schrieb:
> > >
> > > Using Windows XP, I recently installed a home wireless network from a
> > > cable router for 2 computers, and my next door neighbor said he can pick
> > > up my signal, even though I have a McAfee firewall. How can I tell if
> > > someone is "on" my network.
> > > Howard Kainz
> >
> > You don't say what make of router you are using, but assuming you have a
> > wireless LAN router which can be managed with Internet Explorer, you
> > might look at admin panels "status - Wireless" or "home - DHCP", or
> > something similar, to see who is connected.
> >
> > T.

On Mon, 23 Feb 2004 20:36:21 +0100, Thomas Peel spoketh

>
>
>Tom Scales schrieb:
>>
>> That shows people that used DHCP to connect, but isn't there a 'loophole'
>> that if someone is smart enough to use a static IP address in your range,
>> they won't show up?
>>
>A static IP address is a static mapping to a MAC address. That means
>they would have to clone the MAC address, right? I would definitely have
>a serious talk with the neighbours if that showed up.
>T.
>

The DHCP status table would only show for IP addresses with a valid
lease. If the DHCP server in question supports DHCP reservations, then a
specific IP address would always be assigned to a certain MAC address.
If someone simply sets an IP address in the OS to one matching the IP
address scheme on the (W)LAN, then it would not show up in the DHCP
lease table. The only way to spot something like that would be if the
access point logs the MAC addresses of the clients that are connecting.

Use WEP encryption and MAC address filtering to prevent unauthorized
access to your wireless network. Disabling SSID broadcasts is "security
by obscurity" at best, and that's really not good enough.

Lars M. Hansen
www.hansenonline.net
Remove "bad" from my e-mail address to contact me.
"If you try to fail, and succeed, which have you done?"

"Lars M. Hansen" schrieb:
>
> On Mon, 23 Feb 2004 20:36:21 +0100, Thomas Peel spoketh
>
> >
> >
> >Tom Scales schrieb:
> >>
> >> That shows people that used DHCP to connect, but isn't there a 'loophole'
> >> that if someone is smart enough to use a static IP address in your range,
> >> they won't show up?
> >>
> >A static IP address is a static mapping to a MAC address. That means
> >they would have to clone the MAC address, right? I would definitely have
> >a serious talk with the neighbours if that showed up.
> >T.
> >
>
> The DHCP status table would only show for IP addresses with a valid
> lease. If the DHCP server in question supports DHCP reservations, then a
> specific IP address would always be assigned to a certain MAC address.
> If someone simply sets an IP address in the OS to one matching the IP
> address scheme on the (W)LAN, then it would not show up in the DHCP
> lease table. The only way to spot something like that would be if the
> access point logs the MAC addresses of the clients that are connecting.

That would be in the other menu - Status -> Wireless - I think?
T.
>
> Use WEP encryption and MAC address filtering to prevent unauthorized
> access to your wireless network. Disabling SSID broadcasts is "security
> by obscurity" at best, and that's really not good enough.
>
> Lars M. Hansen
> www.hansenonline.net
> Remove "bad" from my e-mail address to contact me.
> "If you try to fail, and succeed, which have you done?"

Lars M. Hansen wrote:

> On Mon, 23 Feb 2004 15:48:40 GMT, howard kainz spoketh
>
>
>>Using Windows XP, I recently installed a home wireless network from a
>>cable router for 2 computers, and my next door neighbor said he can pick
>>up my signal, even though I have a McAfee firewall. How can I tell if
>>someone is "on" my network.
>> Howard Kainz
>
>
> The firewall does nothing to prevent other from seeing the _existence_
> of your network. You have a radio transmitter in your house, and anyone
> within a certain range can pick it up.
>
> What you need to do is secure your wireless network. This is done by
> encrypting the traffic and also filtering by MAC address. How to do this
> should all be explained in the manual for your product.
>
> Lars M. Hansen
> www.hansenonline.net
> Remove "bad" from my e-mail address to contact me.
> "If you try to fail, and succeed, which have you done?"

I have a Dell 230 Router with DHCP, set up just for file sharing with
the other computer in our house. I'm not particularly worried about my
neighbor, who is completely trustworthy, but I was surprised that the
signal would go through my walls into his basement MacIntosh computer.
I thought my firewall would at least request permission. I checked
"status" under Local Area Connection Status, and don't see anything
except the information about connection speed, etc. The Dell Truemobile
Control Utility doesn't seem to give any information about other
connections, or maybe I just don't know where to look. Some of this is
a bit over my head, but I'm just wondering if there is some specific
place I could look to see if someone outside my home network is tuning in.
Howard Kainz

On Mon, 23 Feb 2004 21:04:19 GMT, howard kainz spoketh

>
>I have a Dell 230 Router with DHCP, set up just for file sharing with
>the other computer in our house. I'm not particularly worried about my
>neighbor, who is completely trustworthy, but I was surprised that the
>signal would go through my walls into his basement MacIntosh computer.
>I thought my firewall would at least request permission. I checked
>"status" under Local Area Connection Status, and don't see anything
>except the information about connection speed, etc. The Dell Truemobile
>Control Utility doesn't seem to give any information about other
>connections, or maybe I just don't know where to look. Some of this is
>a bit over my head, but I'm just wondering if there is some specific
>place I could look to see if someone outside my home network is tuning in.
> Howard Kainz

If you don't want other people on your wireless network, use MAC
filtering and encryption (preferably WPA).

To see if someone are connected, it is possible that the DHCP status
page will give you a list of all the IP addresses (with corresponding
MAC addresses) that have gotten an IP address from your DHCP server. If
someone have set their IP address with a static address, it will not
show here.

Also, some wireless access points makes an entry in the logs when a MAC
address makes a connection. If there's an unknown address listed, then
someone have, at some point, gotten a connection to your wireless access
point.

I'm not sure which firewall you are referring to, but if the router in
question does have a firewall (or firewall features), then that applies
only to traffic between the WAN and the LAN interface, and does nothing
to verify traffic on the LAN, and both the wired and wireless network is
on the LAN side of things.

If you have a "desktop firewall" such as ZoneAlarm, Norton Personal
Firewall or any number of other products, they won't tell you that
anything is going on until someone actually attempts to connect to your
computer. Even so, it's very easy to define the LAN as a trusted zone,
thus it wouldn't even care if there was LAN traffic connecting to your
computer. And, since anyone connected to your Wireless network by
default are on your LAN, your desktop firewall would be worthless. It's
also possible to connect to your wireless network, and not bother
connecting to your computer at all, but simply use your wireless network
as a means of free access to the internet.

Lars M. Hansen
www.hansenonline.net
Remove "bad" from my e-mail address to contact me.
"If you try to fail, and succeed, which have you done?"

Tom Scales <(E-Mail Removed)> wrote:

> That shows people that used DHCP to connect, but isn't there a 'loophole'
> that if someone is smart enough to use a static IP address in your range,
> they won't show up?

Not on the DHCP client list; but some wireless AP/routers also list, by
MAC address, all clients connected to their wireless networks.