I was setting up a wireless notebook & new Linksys SRX 400 router the other day and I was astounded I could pick up 2 open networks from my suburban living room. Just for a lark I hopped on and surfed on them for a minute of so, but paranoid that that (somehow) it opened my WEP key protected home network to them I hopped off.
Obviously if I’m stupid enough to be sitting in a car outside with a notebook it’ll be fairly obvious, but if I’m sitting in my bedroom with my notebook surfing on the open wireless connection of my clueless neighbors how will they ever know?
It’s pretty easy to monitor activity on your cable modem. Heck, just watching the flashing lights would probably indicate that something was going on. On my modem, you can bring up a web page that shows ingoing/outgoing activity in bytes.
I’m sure you can get some kind of sniffer that actually records the byte flow through the modem as well.
Or an angry neighbor who wonders how the hell you managed to ‘hack her system’ and what in the hell are you doing stealing her data and so on and so forth.
Anyone running an open relay like that is going to be fairly ignorant about computers, and ignorance breeds fear. Especially if they also still watch network news.
They can tell someone’s using their network, but it doesn’t tell them who. There really isn’t a way to tell that. Sure, the MAC address is unique to each computer, but there isn’t anything that ties that to a specific individual or location. So unless they can do some detective work (i.e. they notice the same MAC address connect to their system 20 minutes after you come home from work every day) there’s really no way of knowing.
If I’m not mistaken, the MAC address doesn’t change for the same computer.
If you notice the same MAC address is logging on and doesn’t match any of the computers in your network, all the wireless routers I’ve worked with will let you exclude a specific MAC addresses.
The problem with this is that users who are savvy enough to check for “foreign” MAC addresses are NOT the same users who would leave a wireless network unprotected in the first place.
I teach university classes, and one of my students let slip that her Internet connection is free–as long as she can tap into the wireless network of the business next door. It seems incredible to me that a business that would invest in wireless networking would have a completely open network, if only because the “extras” would slow down their connection.
One of my friends had her credit card number stolen (probably at a restaurant). The person who stole the number placed orders for a significant amount of money by tapping into an unprotected wireless network, and just had the good delivered to my friend’s address. Since they aren’t typically home during the day when UPS delivers, it appears that the thief/thieves just planned to watch the house for the delivery, then snag the package while no one was home. The plan was thwarted when my friend ended up home with a sick kid when UPS delivered $5,000 worth of merchandise that she had not ordered.
The company that the goods were ordered from had the IP address of the computer that placed the order. That IP addressed was traced to an honest school teacher who had an unprotected wireless network. The thieves apparently tapped into this guy’s network to place the order from outside his house, making it virtually impossible to figure out who definitely did it. (The guy’s computer’s MAC address was different, proving that he hadn’t placed the order.)
The moral of the story: If you have a wireless network, find out how to prevent unwanted users. This can not only slow down your own access, but can actually open you up to a criminal investigation if your network is used for illegal activity.
I was refering to modifing the MAC address that your computer reports. I could in theory listen in on traffic at your house and see what mac addresses are working on your network and configure my computer to have one of those. Then I could get on your network.
Or they could run a packet sniffer, capture your traffic, and reconstruct the sites you’ve visited and the exact data you’ve posted using non-SSL web sites (eg, your SDMB password). With enough data, they might be able to get a pretty good idea of your identity.
I will be the exception to that rule, one of the advantages of rural living is not needing to worry about my neighbors. Heck, I can’t get my own network more than 80 feet from my house. It’d be pretty obvious if someone was stealing my bandwidth
To answer your question, the ways they would notice are
[ol][li] You download every episode of “Gilligan’s Island” on Usenet in one month and blow their bandwidth cap, meaning they get an email.[/li]-They’d probably figure that out PDQ, or the tech’s would if they called support. Not going to happen if you just surf a bunch of websites and check your mail.
[li] They check their modem lights and get suspicious.[/li]-Unlikely, as random packets are sent quite often regardless of internal network traffic
[li] They check their wireless router WIFI connection list and notice a foreign MAC or (more likely) that there are more entries than they have PCs.[/li]-Still fairly unlikely, as IMO anyone savvy enough to check would have enabled at least basic encryption already. All the neighbours wireless routers I can see still have the default SSID and administration password. (Just checking! :))
[li] The wireless router is somehow connected to a connection that dials up when a connection is requested.[/li]-Also unlikely, unless you’re in a place where cable and DSL modems are pricy or not the norm.
[li] Your Windows PC scans the network randomly as MS OSs are wont to do, and triggers the 3rd party firewall software they have on their laptop.[/li]-I’d put this at the most likely so far. Some firewall software can be pretty touchy, and the Windows SMB service likes it’s packets.
[li] Some other thing I can’t think of right now.[/li]-Most likely, probably.
[/ol]
I notice your question was about me though. My network actually is pretty open. If you connect through one of my wireless routers (I have two running just 'cause I have them :D) then my server will assign you an IP in the “unknown MAC” range, which is filtered by my routers to only allow email, web surfing, and activities involving ports > 1024. (Meaning you can’t see my machines or shared files).
I rarely check who’s connected to the routers, but I check my bandwidth useage at least every other week, and if anyone was abusing the facilities I’d have to lock them out and have a word. (It could just be the neighbourhood, but I can’t really say anyone’s used it so far. :))
Make sure you don’t name your computer ASTRO-YOUR-NEIGHBOR either. My router software shows the names of the computers conected, too Actually it’s the software you install on your machine that shows up in the taskbar - don’t even need to log into the router to see that info.
Give it a try. Once you’re on, Ill take a peek in your shared folders, and whatever else I can hack into, and delete a bunch of your files. Mabey look for some of your passwords and credit card info, or your temporary internet files and steal some of your online banking cookies, then do some real damage.
Moral…its just as if not more dangerous to go onto an unsecured wireless network as it is for the person hosting the network. Funny thing is, it would be a lot harder for you, the bandwidth theif, to know that I was surfing your computer from my network than the other way around, unless you were savvy about these kinds of things.
Unlikely. Any shared folders with write permission for user Guest could of course be altered, but mrrealtime is indulging in a bit of scaremongering; any reasonably up-to-date PC isn’t going to have any avenues of attack that way.
Note that the owner of the AP could indeed be intercepting/altering any unencrypted traffic (email, regular websites, IM, etc) sent over the network, though that doesn’t include information from banking traffic, which is always done over SSL and so is encrypted anyways.
Of course, interception of data can occur on any open APs anyway (even yours), as anyone in range can sniff all the network packets they want.
Hmmm… lots of paranoid, unneighborly people here. I leave mine completely open for anyone at all to use. It’s never abused. I don’t see what the big deal is. Of course, if at some point there are rows of cars parked outside my house in the quiet, semi-rural street out front, I may feel abused and discontinue service.
I also don’t feel guilty using open networks, although I avoid networks I know are set to the default name (honest, I do), because chances are that’s just an ignorant, barely computer literate user. Other than that, there’s not real protocol for knowing which open networks are “good-will” or which are stupid-people-owner networks. My opinion is that anything that’s open should be fair game, but the courts recently have been disinclined to agree with me.
Of course, asking sometimes is all that it takes. At my parents-in-law’s house, there’s a closed network in the kitchen store below. Of course my father-in-law owns the leased-space, so he introduced me to the store owner who very politely let me have the password to his network and told me I looked like Ben Afflek for some reason.
