Detecting unwanted home wireless network connections from your neighbors

Discussion in 'Wireless Internet' started by Malke, Jun 9, 2007.

  1. Malke

    Malke Guest

    Does anyone of software to tell HOW MANY connections are to your home
    wireless router?

    I am setting up my very first wireless router and I would like to know when
    someone has connected to my network without my knowledge. Is there windows
    freeware to tell us the hostname, ip address, and mac address of all
    computers connected to a router?

    All I can see looking at the router itself is the start and end dhcp number
    but this isn't definitive as machines can come and go on the local network.

    I've googled and read tons of stuff on how to set up the Linksys WRT54G
    wireless home router, for example - limiting the DHCP number to the precise
    number of computers on the home network.

    But I can't find the screen or software which shows me exactly who is
    connected to my router's internet connection.

    Where is the software that tells me WHO is connected to my router?
     
    Malke, Jun 9, 2007
    #1
    1. Advertisements

  2. How many and who are quite different. It's not easy with the WRT54G
    because there is no seperate wireless status page. The best you can
    do is the DHCP client table at:
    <http://www.linksysdata.com/ui/WRT54G/v5/1.00.6/StaLan.htm>
    which doesn't show any connection that has a self assigned static IP
    address.

    The WRT54G also does not directly support syslogd, NetFlow, or SNMP,
    so you can't use a router monitor utility to do the job.

    One thing you can do is sniff the traffic between the WRT54G and your
    cable or DSL modem using something like AirSnare:
    <http://home.comcast.net/~jay.deboer/airsnare/>
    or other intrusion detection system.

    You can also replace the firmware in your router with an open source
    replacement that does offer syslogd, SNMP, and usable status pages.
    <http://www.dd-wrt.com>
    <http://www.OpenWRT.org>
    This should give you a fair simulation of what's available with
    DD-WRT. See that various Status pages:
    <http://www.informatione.gmxhome.de/DDWRT/Standard/V23final/index.html>

    This is my home and office WRT54G routers running DD-WRT v23 sp2.
    <https://office.LearnByDestroying.com:8080>
    <https://home.LearnByDestroying.com:8080>
    The wireless clients list (and DHCP table) are at the bottom of the
    page. Note that not all WRT54G hardware mutations can handle
    alternative firmware.
    I think AirSnare will do what you want. Also see:
    <http://www.linklogger.com>
    <http://sonic.net/wallwatcher/>
    <http://www.dd-wrt.com/dd-wrtv2/rflow.php> (requires dd-wrt)
     
    Jeff Liebermann, Jun 9, 2007
    #2
    1. Advertisements

  3. Malke

    Lord Possum Guest

    ======================

    Why go to all the trouble of detection? Why not set up your system with
    a decent 128-bit WEP security code?
     
    Lord Possum, Jun 10, 2007
    #3
  4. Malke

    Craig Guest

    Fwiw, WEP has been superseded by the WPA & WPA2 security systems. A
    decent overview as to the whys and wherefores can be had at:
    <http://en.wikipedia.org/wiki/WPA2>

    -Craig
     
    Craig, Jun 10, 2007
    #4
  5. Malke

    Malke Guest

    Thank you very much Jeff Lieberman.

    It's rare to see such a definitive response to a users' question as yours.

    You're in the top few percent of helpful posters! I, for one, will check
    out each of your recommendations, in order, starting with AirSnare freeware
    to detect who is connected to my wireless router!
     
    Malke, Jun 10, 2007
    #5
  6. Malke

    Malke Guest

    I don't seem to have an option for WPA2 on my Windows XP Service Pack 2 for
    some reason. Did I miss something?

    How do I know if I can use WPA2 on my PC when the option does not show up
    in the wireless network?
     
    Malke, Jun 10, 2007
    #6
  7. Y'er welcome, but I do wish you would spell my name correctly. It has
    two n's at the end. The 2nd one is a spare in case I get rear ended.
    I was bored. However, don't worry. It won't happen again.
    I've been told I am beyond help(ful). Be careful, I'm also fairly
    sloppy and do make some mistakes.
    If you sniff traffic between the modem and router, you'll need to
    install some kind of a hub in between. Note that I said hub, not
    switch. A switch will not show the traffic on the monitor port. A
    hub has all the traffic appearing at the port. An old 10baseT hub
    should work fine for all but the fastest cable modem systems.

    You can also build a crud passive ethernet tap. (I carry one in my
    troubleshooting case).
    <http://www.snort.org/docs/tap/>
    It took me several tries to get the wiring correct so be careful.

    Good luck.
     
    Jeff Liebermann, Jun 10, 2007
    #7
  8. Yep. MS was a bit late on adding WPA2. They still haven't added all
    the multitude of authentication schemes. You need yet another update.
    See:
    <http://support.microsoft.com/kb/893357>
    <http://www.microsoft.com/windowsxp/using/security/expert/bowman_wirelesssecurity.mspx>
    You might want to run:
    <http://windowsupdate.microsoft.com>
    and select "custom" instead of the usual "recommended". Then install
    the kitchen sink.
    Install KB893357.
     
    Jeff Liebermann, Jun 10, 2007
    #8
  9. Kissbuttware
     
    Krazee Brenda, Jun 10, 2007
    #9
  10. Malke

    Adair Witner Guest

    This looks pretty simple to build however I am curious to know why one
    couldn't make this work in full duplex with three jacks?
    It seems having three interfaces would hash something up..
    I could walk to my work van and have one built in just a few minutes and
    test it I suppose.

    Any thoughts?

    Adair
     
    Adair Witner, Jun 10, 2007
    #10
  11. Easy. Each of the two middle jacks has only the receive data lines
    connected to the sniffing computah. You can safely attach more than
    one receive load to a single transmit line, without doing too much
    damage. In this derrangement, there's only on source of data.

    However, you cannot put two transit lines in parallel. If you did
    that the resultant data would be a mix of the two transmit lines and
    look like garbage.

    In case it's not obvious, the two middle jacks sniff data in one
    direction only. The #2 jack sniffs data coming from the #1 jack. The
    #3 jack sniffs data coming from the #4 jack. If you want to sniff
    data in BOTH directions simultaneously, you'll need something more
    sophistocated, like an ethernet hub (not a switch).
    It's quite handy. I prefer to use the monitor port feature found on
    most Cisco switches, but some of my customers don't like me
    reconfiguring their sacred router/switch, especially if it's under
    service contract with some systems management outsourcing company. I
    usually carry a 10baseT hub and a 100baseTX hub (not a dual speed hub)
    with me, for when I need to sniff in both directions. Now, if I could
    only find where I put the wall warts to these...
    It's Sunday. Thinking is optional.
     
    Jeff Liebermann, Jun 10, 2007
    #11
  12. Do really believe you can hide?

    In your end do you believe you have made your free choice?

    Is there something else you might want to confess, be a witness and
    participant in the dialogue here at freeware and if you answer me I might
    consider that some people, also known as human beings have caught the
    Light that Lights the footpaths of all the Holy People into the most
    Incredible SunRise,
     
    Global Warming, Jun 10, 2007
    #12
  13. Malke

    Malke Guest

    I've often read of the top ten dumbest wireless security advice, trusting
    in MAC address filtering is always high in the list of mistakes to avoid.

    In fact, the fallacy of MAC address filtering is listed as the number one
    wireless security mistake in some articles such as
    http://www.ghacks.net/2006/06/17/six-wifi-security-myths/

    All I'd want is software that tells me the IP & MAC address of all the
    computers hooked up to my network. Is that too much to ask for?
     
    Malke, Jun 11, 2007
    #13
  14. Malke

    MoiMoi Guest

    Well, the Linksys does that itself.
    I have the WRT54GS
    Just look in modem URL under Status/Local Network/DHCP Clients Table.
    Shows every puter currently logged into your router by puter name, IP,
    and MAC address. The IP of course, will be one of "yours".

    MM
     
    MoiMoi, Jun 24, 2007
    #14
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.