Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[mysticalunicorn]

Hi,
I am having a problem with a person that keeps getting on my wifi even though it is wpa2 and a pretty strong password. Is there any way to block the person? Changing the passwords isn't helping. The only information I have on the person is the mac address that comes up. Any help would be most appreciated. Thank You.

[Hard Harry]

You sure its not just someone or something that your giving the password to? Like a BR player or a phone? Or maybe a friend of a family member that lives near by the someone is giving the password to? Its not kids stuff to break WPA2. Also it would likly show up in your router logs too, unless they are just very good at guessing. Yes, it can be done other ways but brute force, I think thats beyond the realm of probability here. But if you want to increase your security, here are a few tips.

1. First, go wired for a few days. Stop wireless all together. Chances are, with no target, they will get bored and move on.

2. While wired, set "Enable Graphical Authentication" and choose a long random admin password. This is a good site to use to pick one. Just be sure to save your router's configuration and write the password on a sticky you stick to your router.

3. When you enable your wireless again, set your SSID to Invisable. For anyone that can break WPA2 this doesn't slow them down, it just makes you less of a tempting target.

4. Set your security to WPA2 with AES only cipher(assuming your network is compatible). Not only is this more secure but can give you tiny tweak in performance.

5.Turn on Mac Filtering and Only allow those in your list to connect. This will make connecting your new devices you may get harder to connect, but give a decent speed bump to anyone trying to access your network.

6. Decrease your DHCP IP range to just the amount you need. Be sure to set DHCP reservations though to stop possible IP conflicts.

7. Decrease your DHCP lease time and turn off DHCP broadcast. This is over kill I think, but it does make it a bit harder for them.

8. Decrease your Group Key Update Interval. Its in seconds. Anything under 400 is probably probably little gain, and this will cause possible problems with your own network, particularly devices that go into standby or use power saving modes (IE Iphone).

You could go even further two with 3rd party firmware, exploring WPA Enterprise or building your own firewall, but the effort to gain ratio is not really in your favor. And as you see, the suggestions get harrier and more troublesome as you go down that list. Anything past 5 may give your some headaches, so be warned.

PS. Another option is to monitor instead restrict. Make your network wide open then use a packet sniffer and set up some parental controls to monitor sites. He may just be some Copy pasta script monkey that once connected, doesn't know anything else. If so, it may be easier to just find out who he is and knock on his door.

[Skello]

WPA2 is pretty much unbreakable at this point, so unlikely for them to have cracked your WiFi password. The best guess is that they stole it. Could be through a trojan/keylogger already installed on your system.

Each time you change password, you need to retype it on the laptop or whatever you use. If they have something logging your inputs, they will get the new password.

As far as security is concerned, WPA2 with AES is best as Hard Harry said. Not only that, but it's the only encryption standard which allows 802.11n speeds. It's in the standard specification. If the standard is implemented correctly, anything else than WP2 with AES will limit you to g speeds.

In addition to malware scans on you systems, MAC Filtering seems the most sensible solution, especially if you don't connect new devices too often.

PS: If I'd catch someone doing this to my network, I'd have some fun with him when he connects. Turn the tables around a little bit and hack everything he owns online. I always like a good challenge

[Hard Harry]

Yea, I agree. Alot of what I put down was over kill and would probably cause more problems then it would hinder someone getting into your system. WPA2 with AES and Mac filtering is probably the best your going to get realistically.

The funny part is, it sounds like how ever they're doing it (with the exception of guessing/knowing a family member/etc) they are likly doing it more for the challenge and to learn how to do it then actually using your internet. Crafting a keylogger trojan and getting it onto your system just seems like more work then gain.  I still personally think its just one of your own devices on your network you don't reconize, but either way good luck.

[FurryNutz]

I would also make sure that your routers Admin password is changed and not given out. Only your or someone you really trust should have it.

[smlunatick]

Just to add to this thread.  Also get a spyware scanner and check all / any computers that you use to change the router's password.  A keyboard scanner can track the keys typed.

[mysticalunicorn]

thank you all for the responses and help. made all of the suggested changes and will see if that helps the situation.