Unsecured networks - tracking who/where has been on it

Jon Frost

Jon Frost

Jon Frost

Permabanned
Joined
9 Apr 2006
Posts
1,608
Hi.
My friend has an unsecured wireless network she set up quite some time ago. When I say 'set up', the connected everything up, made no changes to the settings and just used the wireless network with no security.

Looking at it for her, I have enabled WEP and noticed onthe DHCP logs that IP's have been given out to several machines. As she only has a small laptop, someone has been using her network.

Is there any way that you can trace who these people are, or where they are. EG - Due NW at about 200 feet.

I think I know the answer to my question already.

But heres hoping :)

Ta

Jon
 
Jon Frost said:
Hi.
My friend has an unsecured wireless network she set up quite some time ago. When I say 'set up', the connected everything up, made no changes to the settings and just used the wireless network with no security.

Looking at it for her, I have enabled WEP and noticed onthe DHCP logs that IP's have been given out to several machines. As she only has a small laptop, someone has been using her network.

Is there any way that you can trace who these people are, or where they are. EG - Due NW at about 200 feet.

I think I know the answer to my question already.

But heres hoping :)

Ta

Jon
Click to expand...

Nope. theres nothing you can trace them with. Only can log what IP addresses has been issued. This is why wireless networks can be dangerous when left unsecure.
 
Depending on the router, you might be able to get the mac address and machine name, thats about it.
 
Jon Frost said:
Brilliant.
I thought this might be the case. Well she is secure now anyway.
Cheers.
Jon
Click to expand...

Also remember, a mac address is tied down to a machine. Further in depth for that it is acctually tied down to the network card not the pc itself, wheather it is onboard, PCI, PCI-E e.t.c. A mac address can be spoofed too though.
 
Ethics said:
Having recently setup my own wireless network i looked into the various forms of encryption, WEP really isn't very secure.

http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy

WPA and WPA2 are far better:

http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy#802.11i_.28WPA_and_WPA2.29
Click to expand...

Thanks.

A mac address can be spoofed too though.
Click to expand...

From a techy side of thing, how would you do this, change the properties in your network adaptor on the machine?
Cheers,
J
 
Jon Frost said:
Thanks.



From a techy side of thing, how would you do this, change the properties in your network adaptor on the machine?
Cheers,
J
Click to expand...

Some lan cards/routers support mac address cloning. There is also software available to change/spoof your mac. Nobody does it from my knowledge. You must be hiding something if you have to do this.
 
I spoofed a mac address in University halls of residence to get more than one machine connected, was the only way iirc
 
It is possible to find out where person is, but it will require specialised equipment. Thinkgeek sells a USB wifi spectrum analyzer, it helps tell you about signal strength and that sort of thing, so it could proberly be used to find whoever is connecting by moving around while using it and seeing if the signal gets strong/weaker.

Also if the person has a wireless computer, chances are he may have his or wireless router. Im not sure if its possible with all routers, but with my WRT54 GL using tomato i can see quite a few people routers in the surrounding houses, some of which are named. So if the wireless person does have his own router, he may have named it, making finding him slightly easier.
 
Dist said:
It is possible to find out where person is, but it will require specialised equipment. Thinkgeek sells a USB wifi spectrum analyzer, it helps tell you about signal strength and that sort of thing, so it could proberly be used to find whoever is connecting by moving around while using it and seeing if the signal gets strong/weaker.

Also if the person has a wireless computer, chances are he may have his or wireless router. Im not sure if its possible with all routers, but with my WRT54 GL using tomato i can see quite a few people routers in the surrounding houses, some of which are named. So if the wireless person does have his own router, he may have named it, making finding him slightly easier.
Click to expand...

huh? it might pick up wireless networks but remember a user could be connected to the OPS friends router not his own...

The OP thinks people are connecting to their friend's router there for how would a USB wifi spectrum analyzer work as it picks up wifi networks not wifi lan cards? If you get me?..
 
Dist said:
It is possible to find out where person is, but it will require specialised equipment. Thinkgeek sells a USB wifi spectrum analyzer, it helps tell you about signal strength and that sort of thing, so it could proberly be used to find whoever is connecting by moving around while using it and seeing if the signal gets strong/weaker.

Also if the person has a wireless computer, chances are he may have his or wireless router. Im not sure if its possible with all routers, but with my WRT54 GL using tomato i can see quite a few people routers in the surrounding houses, some of which are named. So if the wireless person does have his own router, he may have named it, making finding him slightly easier.
Click to expand...


your best using WPA, as WEP can be cracked with a wifi card and software.

in terms of tracing who was connected and where depends if your router keeps logs and how long for - but again logs will only show any dhcp requests, upnp requests and possibly activity, but you wont be able to put this to a name/person only to an ip address (local - probably served by dhcp) which has probably long gone.
 
Last edited:
Cracking WEP is not particularly straightforward as some might have you believe.

You need the right wireless card (very few chipsets support monitoring mode and all the rest of it that you need to do) and you need the right software. So whilst someone determined and with the right equipment can do it, it's not *that* common. That said, you may as well go for WPA.
 
xb8browney said:
Enable security and the MAC address of the laptop/desktop that connected should be logged so you will be able to stop access to that MAC address.
Click to expand...

What if it is multiple people just hijacking her net from multiple machines, best to leave mac filtering alone, macs can be easily spoofed.

Apply WPA or WEP and job is done.
 
Jon Frost said:
Is there any way that you can trace who these people are, or where they are. EG - Due NW at about 200 feet.
Click to expand...

srghost said:
huh? it might pick up wireless networks but remember a user could be connected to the OPS friends router not his own...

The OP thinks people are connecting to their friend's router there for how would a USB wifi spectrum analyzer work as it picks up wifi networks not wifi lan cards? If you get me?..
Click to expand...
the wifi spectrum analyzer shows all signals within the wifi frequency range, it doesnt just show routers, it shows everything thats happening.

so if someone starts using a cordless phone which works within the wifi range, that will show on the spectrum analyzer, or in the case of the OP, if someone connects to his wifi you can see the signals being sent from the persons wifi antenna, and sinces the signals degrade over distance you can determin a persons location. And since the op asked if its possible to trace who/where these people are, i feel my post is relevent, although i dont think anyone would buy a $399 wifi spectrum analyzer just for this one use.

mynsa said:
your post is not relevant, i dont think you quite understood what the original poster is asking for :confused:
Click to expand...
he asked how to find out who/where the people getting on his connection are:
Jon Frost said:
Is there any way that you can trace who these people are, or where they are. EG - Due NW at about 200 feet.
Click to expand...
 
Dist said:
the wifi spectrum analyzer shows all signals within the wifi frequency range, it doesnt just show routers, it shows everything thats happening.

so if someone starts using a cordless phone which works within the wifi range, that will show on the spectrum analyzer, or in the case of the OP, if someone connects to his wifi you can see the signals being sent from the persons wifi antenna, and sinces the signals degrade over distance you can determin a persons location. And since the op asked if its possible to trace who/where these people are, i feel my post is relevent, although i dont think anyone would buy a $399 wifi spectrum analyzer just for this one use.


he asked how to find out who/where the people getting on his connection are:
Click to expand...

in that case i do apologise, i am the one in the wrong
 
You must log in or register to reply here.
Back
Top Bottom