Is someone using my internet signal?

[kbaasit]

Hi someone here tell me how I can go about seeing whether or not someone out there in this wireless world? At the moment I am connected directly to my cable provider. but soon plan to use this Hawking G Router I bought real (5$ cdn after rebates).

Any tips in what i should do, how to effectively set a wireless connection to the internet up? I plan on setting my sons PC 9 - a P3 1ghz, tower. His is running winXP mine W2k.

thx

[sgtvampire]

A lot of routers will assign IP addrsses for anyone in the network via built-in DHCP. You may want to check the router interface to see if it has a log of assigned IP addresses and check to see if anyone is using the wireless signal your not aware of. Depending on the router, you can set up encryption for the connections. Only problem is it is touchy and sometimes the computers will connect, but not get an address because of a security setting problem

[blue60007]

Right, you can encrypt it (WEP) and you'll need a network key to be able to log in. And if you log into the router's control panel. Check the documentation that will come with the router, but most you put 192.168.1.1 into your browser then log in as the default admin/password. From there there should be something like "Attatched devices" and all attatched devices will be displayed with the IP address and MAC address.

So if you know your son is connected an you are connected (wether wirelessly or wired), you should only see two computers listed.

[GaryRouth]

Late reply here -

For the absolute highest level of security: look in the documentation that came with your wireless router, and see if it allows for setting the firewall to allow connections by MAC addresses. If it does, you can set the router to ONLY connect to the computers whose MAC addresses you've entered in that list.

The MAC address is unique to the network adapter in your computers. No two adapters have the same MAC address (it's rather like the Pentium IV cpu ID's one-of-a-kind number - no two cpus have the same number).

To find the MAC address of your computers: in the Start/Run box, type "cmd" without the quotes. This should yield a window with a command prompt. At the command prompt, type "ipconfig /all" without the quotes. For each adapter, you will see a "Physical Address" - that's the MAC. Write down the MAC addresses for the WireLess adapters, put them on the router's MAC list in the Firewall or Security section of the Setup, and sleep well at night.

Make sure, too, to change the admin username & use a strong password to protect the router itself from being hacked. Write them down & store in a secure place, since it's impossible to remember every password after enough time has gone by. [If you have to, for an emergency a "hard" reset would wipe the router back to it's original settings = but then you'd have to set it up again, and once again set up the MAC addresses, admin username & password.

Enjoy your new wireless
. . . Gary

[P.S. -- encrypting your data is a very good idea - essential, really. If WPA encryption is available on your model, by all means use that. If the Win2000 adapter doesn't support WPA, use WEP for now & consider getting a WPA compliant wireless adapter = it really is that much better].

[Kov-Ice]

What's the difference between WPA and WEP?

[GaryRouth]

Here's a link to a fairly thorough answer to the question about the differences between WEP and WPA http://www.winplanet.com/article/2993-.htm


Basically, WPA is a bit more recent, and a bit stronger protection.
. . . Gary

[kkjensen]

One thing I see so many people forget to do is to change their SSID name and to disable broadcasting. Most manufacturers use simple SSID names such as LINKSYS or DLINK and enable the broadcast by default. After setting up all of your encryption make sure you do not forget the basics. Remember, if you are only using your Router to share your internet and have not enabled networking encryption really isn't necessary (ie you have a laptop you want to surf with within your house). If you do not change your SSID name and disable broadcasting, anyone can pull up by your house and they will automatically pickup your signal and SSID name allowing them to immediately use your services. My PDA has WiFi and without faill I will leave it on and after returning from downtown it will have picked up no less than 20 open connections....

[Statica]

Just as a further note, a lot of manufacturers are offering firmware updates to provide WPA2 as an alternative to WPA. Check with your router mfger if such updates are available.

[Kov-Ice]

I guess alot of the older/less expensive routers are going to have WEP only, right? So as long as the SSID name is changed and the encryption is coded, it should give some semblance of protection from the neighbors, yeah? Does the higher encryption (128 bit) slow the network connection down more than lower bit levels?

[GaryRouth]

If you are lucky enough to have hardware that's within a firmware upgrade of being WPA-2 compatible (like Statica mentions), you won't see any performance penalty at all http://www.techonline.com/community/...internet/37081

One reviewer seemed to think that quite a good percentage of units built since 2002 have compatible-enough hardware.

You can Google "performance penalty" WEP, then "performance penalty" WPA, then "performance penalty" WPA2 -- this will reap several articles with speed samplings. The reviews I've seen generally show about a 10% performance penalty for WPA-TKIP. WEP comes in at a little less than that (and is a little less secure). WPA2, in all the reviews so far, shows no penalty at all.

I doubt that performance differences would be noticeable until large files are involved - and even then a 10% hit isn't very much.

. . . Gary

[kilgoretrout]

There are a lot of myths about wireless security. Here's two articles exposing some of those myths:

http://www.oreillynet.com/pub/a/wire...sshacks_chap1/
http://blogs.zdnet.com/Ou/index.php?p=43

Bottom line, SSID stealthing, MAC filtering and WEP are very easily cracked by anyone with a few widely known tools. In fact SSID stealthing and MAC filtering can be defeated in minutes. WEP can be cracked in about an hour. WPA is the only effective means to secure a wireless network. Don't buy any wireless router without WPA if your at all sensitive about security.

[Kov-Ice]

I didn't look around very closely on my router... I have encryption options for WEP, WPA, and WPA-PSK. Is that last the second generation?

[GaryRouth]

Kov-Ice - Looks like WPA-PSK is actually a weaker implementation of WPA. The PSK stands for "Pre-Shared Key". http://blogs.zdnet.com/Ou/index.php?p=9

kilgoretrout - Looks like I'd better read up a bit on wireless security. The links you provided are pretty enlightening. Looks like MAC filtering only keeps out folks without hacker tools (that is, decent people, who wouldn't bother in the first place). Seems like wireless devices should have been designed to encrypt the MAC address from the very start.

That some newer flavors of WPA2 can use strong encryption is a nice step. Why it's taken this long to get to this step mystifies me. http://blogs.zdnet.com/Ou/?p=67

The tinyPEAP folks were able to put PEAP on a recent model Linksys, and I read that some Gateway 7000 model access-points have it builtin.

All those topics can be Googled for more info. I imagine the folks in the Security forums have heard about this stuff for longer than I have. Back when I worked at the medical lab, wireless wasn't even considered as an option, for privacy/security reasons.
. . . Gary

[ktkendall]

I also would and do disable DHCP and set static IP on all my PC's, although most anyone that would be smart enough to go around trying to hack wireless networks knows the routers defaults 192.168.1.x.... I keep my wireless disabled though unless we are using it, but in our case we rarely use it...

[sgtspector]

I found a pretty good way to see who is connected to your network is to run a freeware program called "Angry ipscan". You can put in whatever range of ip's to scan for the presence of a live box. You get a pretty good list of info on each machine thats connected including the mac address of each which you can than enter into your router setup to include or exclude them. And like i said the price is right. Here's link to the download page [URL=http://http://www.angryziber.com/ipscan/]. Hop this helps.