Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Someone using my open wifi

jared_kipe

jared_kipe

macrumors 68030
Original poster
Dec 8, 2003
2,967
1
Seattle
I just discovered someone was using my wifi, that I opened for a friend who was having a problem with WPA. I don't want to be malicious to him, but I want to send him a message about what he's doing, and maybe see if he wants to keep using my bandwidth (maybe for a fee). Is there any way on my macs to get his email address or AIM or something. Like a Man in the Middle attack, but only using osx?

Or some other way to track him down?
 
Knocking on doors is the better way, IMO. Also, either close the WAP or secure it in a better way that it currently is (MAC address authentication may cover that).

Hacking someone with the intent of sending them a message most likely isn't lawful in itself, nevermind the fact that he's using your open WAP in an unauthorized manner.
 
oh yeah, I have his IP and MAC obviously. Secondly I don't know what doors to knock on. The computer is a name which doesn't appear on any of my apartment's current resident list.

Secondly, I legally OWN this network. So I don't see how it would be legally questionable for me to send him a message. And I don't mean send him a message like is in the Godfather sense. ;)

Oh and I plan on securing it once I get in touch with him. I plan on either giving him the WPA password or not.
 
jessica. said:
How do you know he/she is using it?
Click to expand...
Not only does he/she show up on my DHCP table he/she has the coveted ip address 192.168.1.101

I'm using a Linksys WRT 54GS with current firmware.

EricNau said:
So your going to track them down, just so you can give them your password?

Just close up your network and call it a day.
Click to expand...

Thats no fun at all. And not exactly helpful.
 
Oh wow, this has been super helpful. :rolleyes:

For one thing blocking MAC address wouldn't be anwhere near as useful and WPA. They could always use a router, or spoof their MAC address.
 
Why do you want to know who it is?

If it bothers you that someone is using your internet, enable WPA, and create a closed network.

OR...

If it doesn't bother you, just leave him/her alone.
 
jared_kipe said:
Oh wow, this has been super helpful. :rolleyes:

For one thing blocking MAC address wouldn't be anwhere near as useful and WPA. They could always use a router, or spoof their MAC address.
Click to expand...

It's more likely to be opportunist bandwidth theft. Block the MAC address and see if that gets circumvented. If that happens, set up your router to only grant access to specific MACs and add your friend to the list. All others will be refused a connection.

I'm sure more technical members will tell me there are a dozen ways to get around this too, but, I'm sure it is just opportunist and it's happening simply because there are no restrictions whatsoever at the moment.
 
Marky_Mark said:
It's more likely to be opportunist bandwidth theft. Block the MAC address and see if that gets circumvented. If that happens, set up your router to only grant access to specific MACs and add your friend to the list. All others will be refused a connection.
Click to expand...
I didn't know there was an option to block only certain MACs (partly because it's utterly pointless). Also, on the subject of spoofing MACs, while it's a doddle for wired interfaces, spoofing on wireless is very hard and requires kernel modding and constant reboots (and that's even if there's a way of doing it for your chipset - the Broadcom in the APE was only done a short while ago, and it was very messy
 
I really don't mean to be rude here, but even if you own the access point, that does NOT give you the lawful right to crack his machine. What I offered earlier is considered wise advice. I once heard via my work connections that someone had logged into someone's machine that had been trojaned and was spamming IRC channels. That someone logged into that machine to clean the trojan. While his intentions were good, he got sued later on.

In your case, I don't think that the "its my WAP" argument will cut it in court (not that I'm a lawyer, but I AM an IT security professional).

You want your cake and you want to eat it. Be my guest but when you get into legal trouble, I don't think your excuse is going to fly.
 
Koodauw said:
I would try Samba Message.

Clicky
Click to expand...
Thanks, it didn't find any Samba Shares though.

EDIT: Is there maybe some way to make it so all html requests go directly to a website I set up that tells him to email me?
 
Just block him. It's some stranger. If he's doing something illegal (piracy, kiddie porn, whatever) then guess who the FBI will trace it back to...yep, that's right. You. I wouldn't give ANYONE access to my WiFi network unless I personally knew them.
 
yg17 said:
Just block him. It's some stranger. If he's doing something illegal (piracy, kiddie porn, whatever) then guess who the FBI will trace it back to...yep, that's right. You. I wouldn't give ANYONE access to my WiFi network unless I personally knew them.
Click to expand...

People get off file sharing suits all the time by saying they have an unprotected wireless network and that someone else must have done it. It must be true I heard it on the computer internet.

EDIT: Looked up his MAC address and found the manufacturer is Intel, so its probably a centrino notebook. I'll try the smb thing again later, and told my router to keep logs.
 
jared_kipe said:
People get off file sharing suits all the time by saying they have an unprotected wireless network and that someone else must have done it. It must be true I heard it on the computer internet.

EDIT: Looked up his MAC address and found the manufacturer is Intel, so its probably a centrino notebook. I'll try the smb thing again later, and told my router to keep logs.
Click to expand...

Ignorance of facts don't mean you can't be held liable. "I didn't know the gun was loaded" comes to mind.

If you've got an open AP, expect leechers to leech. I doubt they'll jump on your offering of services for a fee either.

Also, this could be someone who may not have their internet settings set up correctly. Whenever I boot up my laptop, the first thing it does is connect to my neighbor's open AP (who happens to be my sister and brother-in-law).

FYI, you can usually have an open AP and still be able to only service a few IPs. You should be able to tell your IP to only serve X amount of IPs, but this will depend on what make and model AP you have. I have mine set at 5. My particular AP also blocks given IPs.

Contacting the person by SMB may or may not work either, as that person might be savvy enough to know how to turn off netbios and SMB sharing, if he even has a Windows machine. It could be a non-Windows OS on his machine. You can find out alot of what he's doing and what he's using if you sniff your AP's traffic (tcpdump via commandline can do this).
 
Is there not some way to make it so when the guy stealing the bandwidth attempts to load a webpage, it redirects to a specified file, that'd be an easier way to give him a message.
 
Give me your static, then allow and direct full access to the DHCP address he's using through your router. I'll do the rest. :)
Actually, WPA will work for most people using casual access. The odds he/she is even ABLE to crack the security is remote.
Go down the good path, not my scorched-earth method. :)
 
I'm not sure if the WRT54GS works like my WRT54G did, and I forget how the WRT54G worked before I installed the hacked firmware on it, but I believe you can set specific MAC addresses to allow as opposed to (or in addition to?) ones to forbid.

So only allow MAC addresses of devices you know.

If s/he hacks that, which is non-trivial (but possible), then go to straight to authentication and don't pass go - they're not being a good citizen.

You could alter your network name to something indicating to call/see you for access... but that'd be a long name.... ;)
 
climhazzard85 said:
Is there not some way to make it so when the guy stealing the bandwidth attempts to load a webpage, it redirects to a specified file, that'd be an easier way to give him a message.
Click to expand...
No, but there is a linux prog called airpwn (I think) which allows you to do that to other comps on a network
 
Have no idea how to implement it, but assuming the leecher is using DHCP, then they are probably using the nameservers provided by the router.

So, set up your own name server, change the router to use your 'fake' nameserver (while you in turn have set your own machine(s) manually to use your ISP's)

Then use your fake Nameserver to direct all Web addresses to a single webpage you setup that says "You be leeching MY network, fool! Pay Up."
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back