Aug 3, 2011

How To Check If Someone Is Stealing Your WiFi & What You Can Do About It


WiFi running a bit slow lately? If your router is still using old security methods such as WEP, then there’s a very real possibility that someone has hacked in to steal your WiFi. In my article on Cool WiFi Devices You’ve Probably Never Heard Of, I showed you a $100 commercially available router that would automatically hack your WEP-protected WiFi network in less than half an hour. Apart from the obvious fact that your internet will be slower, the hacker might be using your internet to do nefarious evil things – all of which could easily be traced back to you. So how you can find out if someone is using your WiFi, and perhaps more importantly – what exactly can you do about it?

Check the devices associated with your router

This method is 100% guaranteed to see any devices registered on your network, but not every router contains this valuable info. Log in to your router by typing it’s IP address directly into the browser address bar. In most setups, either http://192.168.0.1 or http://192.168.1.1 should work, or it may be written on the router itself, along with the username and password you need to log in with. If you can’t find a password anywhere, and don’t remember changing it, then check the database of default passwords here, or phone your ISP (assuming they gave you the device).
Once logged in, look around a section called Attached Devices or Device List. On DD-WRT flashed routers, this is under the Status -> Wireless screen. You will find a list of all the IP addresses currently being used.
On my standard Virgin Media router, I found a list under the IP filtering section.
Of course, not all your devices will have helpful names, so you’ll need to figure out the IP address of each computer and WiFi device you own in order to cross-check them against the list. I covered how to find your IP address a few days ago when I showed you how to control your torrent client from your mobile. Don’t forget that an iPhone or Android phone will also have it’s own IP address if it’s using your WiFi, so you’ll need to account for those too.

Track Them Down Physically

This may be taking it a little far, but running the MoocherHunter live CD tracking suite will enable you physically hunt them down by triangulating network signals. Scary stuff, indeed. You’ll a directional antenna for this to work best.

What to do about it

Basic Security – Stop using WEP

Any router purchased in the last 5 years or so should be able to support a more secure authentication protocol, so log in to your router again and find the Wireless Setting screen.
Change the security options to either WPA or WPA2. WPA2 is more secure, but I find it’s incompatible with some of the devices on my network so I chose the option that allows for both. Don’t choose the Enterprise option as it is designed for companies with authentication servers. When choosing your password, make sure it is at least 15 characters long, includes upper and lower case letters, numbers, and punctuation.
There are some other methods that people will typically advise you to take, but put simply – they don’t work:
Hiding your SSID: You can hide your network name so it won’t be seen, but freely available hacking tools such as Backtrack will reveal them instantly.
IP filtering: This blocks out a specific IP, but changing IP is as simple as refreshing the connection.
MAC filtering: More secure since it blocks a device via the unique hardware address that is given out when it’s manufactured, but again, anyone trying to steal your WiFi can easily “spoof” their MAC address.

0 comments

Post a Comment