Home
Thursday, September 21, 2017
3:01:02 PM
Users online: 0   You are here >> Home > Security

Forums | Security Forums search
Forum FAQ
   
  1  
Looking for a program to moitor users on Wireless Network
Fat_Bodybuilder 
12/9/07 6:41:02 PM
Champion

Hey everybody, I have the strangest feeling that someone is tapping into my Wireless net, as my usage is sky rocketing. I have upped the security as of now, but was wondering if anyone knows of a program that can monitor the users on the wireless network, and maybe integrate it into FF or something.

The only prob is, there is a wireless network, but I am using an Ethernet cable from the router, so sinse I am not on the wireless network, can I check the users still.

Thanks,
FB

D-Link G604T Router.

Cheers

-----
If A is a success in life, then A equals x plus y plus z. Work is x; y is play; and z is keeping your mouth shut.

E6420 @ 3.2GHz | 2GB SOE | 965P-DS3P | HD 2900 XT

lew~ 
12/9/07 6:42:44 PM
Titan

Your router should have an 'attached devices' page or similar which should show all attached devices, both wireless and wired.

I'm not aware of any other way to check what wireless devices are around you without a wireless card in your PC.

-----

Fat_Bodybuilder 
12/9/07 7:02:17 PM
Champion

Quote by lew~
Your router should have an 'attached devices' page or similar which should show all attached devices, both wireless and wired.

I'm not aware of any other way to check what wireless devices are around you without a wireless card in your PC.



I have laptops with wireless functionality, but I use my desktop, and cant really go upstairs everytime I wanna check the thing, coz I'll become a pain I reackon.

Thanks for reply =)

-----
If A is a success in life, then A equals x plus y plus z. Work is x; y is play; and z is keeping your mouth shut.

E6420 @ 3.2GHz | 2GB SOE | 965P-DS3P | HD 2900 XT

lew~ 
12/9/07 7:19:32 PM
Titan

How about remote desktop to the lappy and run a few network monitoring apps?

Trying to remember some off the top of my head... netstumbler? can't remember if that will show nearby wireless devices or not.

Someone should be along soon to tell me I missed some completely obvious method as seems to happening lately :p


Edited by lew~: 12/9/2007 07:22:27 PM

-----

Placenta Boy 
13/9/07 10:35:40 AM
Charge

Yeha lews on the money. Log into your AP and check for attached devives and also check the logs (make sure your not using the default admin password btw). You should see MAC addresses that don't belong to you in those lists if someone has been getting in.

You could download backtrack or something similar, load it onto your lappy and start sniffing the air, see whats happening on the air waves.

But yeah, just secure it properly.

The newest WPA which your router supports, chronically long random key (like 25 chars)

Disable DHCP on your AP if thats an option for you, change your IP address range to something more obscure.

Then chuck on some MAC filtering. MAC filtering can be bypassed easily but throw it in with some strong WPA and you will be very safe... for fair while anyway.

Or are you trying to set up your own little honey pot and spy on people using your shit?

-----

Nuganen 
14/9/07 8:35:03 PM
Serf
MAC filtering is a waste of time why becuase now ppl can change their MAC
all you need is WPA with 25 or more character pass key like 'Placenta Boy' boy said

or just disable wireless if your not going to use it simple

-----

lew~ 
14/9/07 10:34:26 PM
Titan

Quote by Nuganen
MAC filtering is a waste of time why becuase now ppl can change their MAC
all you need is WPA with 25 or more character pass key like 'Placenta Boy' boy said

or just disable wireless if your not going to use it simple


I agree with the WPA passphrase, however the longer the better.

But with regards to MAC filtering being useless - that's what I thought and posted on Whirlpool in a thread to that effect and was told by a few people that it's flawed logic essentially.

Here's the thread if you're interested: http://forums.whirlpool.net.au/forum-replies.cfm?t=809585#r10 (my user id is jamhats)

I'd love to hear your opinion on it though.


At home I run WPA-PSK AES encryption with a 63char key. SSID enabled, DHCP on and no MAC filtering.

Something that may be of interest: http://support.microsoft.com/kb/811427

I figure if someone has the time and energy to crack my wpa key, they deserve access to my network. :)

-----
Quote by DUMDUMDOG
Or because your an arse hat.



aliali 
24/9/07 8:28:07 AM
SuperHero
Immortal


Also check the AP settings as some allow for emailing logs on a regular basis.

-----
There you go, man, keep as cool as you can.
Face piles
And piles
Of trials
With smiles
It riles them to believe
That you perceive
The web they weave
And keep on thinking free.

chrisbrownie 
3/10/07 11:36:55 PM
Guru

Quote by Nuganen
MAC filtering is a waste of time why becuase now ppl can change their MAC



Well in fact you're partially correct, but not right on the money. For the minimal amount of time it takes to walk to each PC and do an "ipconfig /all", it is well worth using MAC filtering as it just adds one more (however weak) form of protection to your network.

-----
Quote by brains
Remember, Fruit is your new god. And by god, I mean Ctrl. If you don't like calling it Fruit, call it Apple. Or call it Command.


Filthy rotten spammers...
freespace 
7/10/07 1:44:24 AM
Hero
Titan


Get yourself a not-windows box and run some IDS software on it.

-----
By perseverance the snail reached the ark.

http://www.shuningbian.net - blog
http://www.shuningbian.net/DebunkingCreation/ - the other side
its f reespace damn it!

FoX 
22/11/07 1:40:15 PM
Disciple

let the access be freeeeee!

as per dan rutter's latest atomic article i wish access points that were open were more abundant.. i do hate leechers but for simple connectivity to the internet; low bandwidth stuff, it would be great if there were more open access points and less crazy leecher types..

my next door neighbour has horrifically under secured wireless, i cant say i've ever leeched off it, but i have used it to load a few web pages when the firmware on my router went down!

-----

Xphiled 
15/12/07 6:32:16 AM
Learner

A few programs i use are Net Limiter 2, CommView for wifi and Net Stumbler. Hope they can give you some help.

-----
Jesus Saves
Passes to Moses
SCOOOOORE!!!!!!!!!!!

lew~ 
15/12/07 12:40:40 PM
Titan

Quote by Xphiled
A few programs i use are Net Limiter 2, CommView for wifi and Net Stumbler. Hope they can give you some help.



Too slow man! They hackers have probably killed him by now!

;)

Point of this post? Wanted to say thanks for the CommView suggestion, I hadn't heard of it before and it looks awesome :)

-----
Quote by aioth
Lew~ is exactly right.

Xphiled 
15/12/07 10:59:52 PM
Learner

lol and double lol.

-----
Jesus Saves
Passes to Moses
SCOOOOORE!!!!!!!!!!!

Fat_Bodybuilder 
16/12/07 7:23:53 PM
Guru

Someone... please... call. the... funneh.... poliiii *dies away...*

-----
Confucius say: He who speaks without modesty will find it difficult to make his words good.

hmboy 
12/1/08 3:58:58 PM
Champion

kismet on linux using passive mode wireless adapter will allow you to see who is connected to what network..

-----
Conroe E6600 | 2gb Corsair TWIN2x2048-6400C4PRO | Gigabyte GA-965P-DS3 | INNO3D 8800GTX | Silverstone st60f 650w Modular | Lian Li Pc-7 Plus | Pioneer DVR-111D | DUAL CFA-631 crystalfontz LCD | Creative X-FI |150GB RAPTOR X | 2x 320gb Raid0 | 1x 500GB sat

shawns_maggot 
19/1/08 4:17:19 PM
Serf
There is a program called Network Magic ( http://www.networkmagic.com/) which allows a visual representation of your home network, this way you can see any users who are alien and kick them off your network.

-----

Linux_Inside V2 
28/5/08 11:47:51 AM
Immortal

Quote by hmboy
kismet on linux using passive mode wireless adapter will allow you to see who is connected to what network..



Yeah, but can be daunting to people who don't know what they're doing!

You need to remember that it'll show you MAC addresses for machines on the physical lan as well as the Wireless one, there's a field there that tells them apart though.

-----

Fat_Bodybuilder 
28/5/08 7:20:17 PM
Titan

Not suppose to bump old threads:


---BEGIN SPOILER

Noob

---END SPOILER


:P

-----
Q6600 @ 4.050GHz, 1.7v | GA-X38-DS4 | Silverstone ST50EF | 8800GT @ 730\1800\2060 | HR03-GT | TR Ultra 120 | 2GB OCZ S.O.E | CM aMMo 533

I once had my E6420 @ 1.8v on air. How did I do that, you ask? Coz I'm fuckin' insane, bitch, that's how!

jbishir 
28/6/08 12:06:21 AM
Serf
Or you could build a mikrotik wireless router, this way you can log into it via your ether1 port and look at the registered clients on the wlan1 card. This will tell you their mac address, there ip address they got from your mikrotik router. It will tell you there last activity time, their uptime, you can use the torch option and see all their destination addresses. Mikrotik has some of the most powerful and user friendly devices today. You could create a free hotspot, or you could open it up only on fridays between 5pm to 6pm, if someone is surfing and you dont like them, you could move to the access list and remove their mac, then they will never be able to connect to your ap. You can use mac authentication, wpa/wpa2 authentication, you could use AES data encryption if needed. I suggest buying one of these for around 160.00 bucks, you can put ether1 on a 192.168.10.0/24 network and you could put the wlan1 network on 192.168.20.0/24 and now the wifi mootches have no way of accessing your data on your network. You can create vpns, pppoe connections and all sorts of other really secure connections. Email me if you want me to build you one.

-----
Sooner or later, even the best can be beat

  1  
Forums | Security