Wi-Fi Network Security + Laws

Soldato
Joined
7 Mar 2005
Posts
6,760
Location
Wolverhampton
Hey guys.

My brothers not long got his first wireless network set up. Ive just showed him the clip when the real hussle hack wep security in minutes. I showed him to let him know the dangers and help him up his security levels.

He has WPA now, he doesnt know how to do mac filtering etc.

On mine i have WPA2 Personal / hidden ssid broadcast / mac filtering.

Is there any other way to secure my network up more?

And he was asking me a question. Lets say his neighbour used his wirless network for something illegal, and the police knocked on his door. Would he, he registered user of the connection, go to jail? Or can they track his neighbour anyway to proove whos computer was connected at the time?

Cheers:)
 
Camalot said:
And he was asking me a question. Lets say his neighbour used his wirless network for something illegal, and the police knocked on his door. Would he, he registered user of the connection, go to jail? Or can they track his neighbour anyway to proove whos computer was connected at the time?

Cheers:)

They would have to prove who was using the said connection. Being the owner of it and paying the bill does not mean you were the one who downloaded it as was illustrated recently in the USA when the RIAA tried to sue some woman for downloading music just because she paid for the connection and she won because it was proven it was not her who downloaded the material.
 
Yes you, or whoever pays the bill is responsible for the your connection.

If he has WPA and strong key (I like to use this to generate a 256kbit key) he'll be more than safe. Until somebody cracks WPA like they did WEP.

If you wanted added security past WPA2, you're looking at using IPsec at the network layer. But really that would just be added hassle, and what's the likelihood of somebody breaking WPA2.
 
norm said:
Yes you, or whoever pays the bill is responsible for the your connection.

ridiculous, so if you download something dodgy at work, then the employer is responsible because they pay for it?
 
Immsy said:
ridiculous, so if you download something dodgy at work, then the employer is responsible because they pay for it?

Yes, they agreed the terms & conditions with the ISP so only they can be responsible. It'd then be up to the company to find out the culprit if they have any kind of logging system.

It's debatable whether or not anybody would actually be convicted for somebody else using their connection, but if the offence was big enough it'd certainly attract the attention of the authorities, and you wouldn't want that. They would likely remove all your PCs for inspection etc. to build a case of evidence.
 
norm said:
It's debatable whether or not anybody would actually be convicted for somebody else using their connection

As in my other post, thats already happened although id imagine it was clear that the other person had been downloading the files in question.
 
hmm, ok thanks.

I just diddnt think it was right that my brother or me should be in trouble if nextdoor or someone pulls up in a van outside my house and uses my connection for something.

Surely it can be traced if needed. :p
 
Hiding your SSID and MAC filtering are pretty much pointless.. Its easy enough to see any broadcasts with various programs and its fairly easy to get a MAC address as well..

Just stick with WPA and a decent key. Job done. :)
 
Immsy said:
Unless your router logged which mac addresses were connected at certain times then i dont see how else they could trace it.
Even if you had there MAC address how could you trace them...
 
My understanding is that you are legally responsible for what is downloaded on your connection. Which is why you should use a good WPA or WPA2 password.

Business connection are the same which is why normally in your contract of employment it will specifically have clauses about you only using company resourse for work related stuff.

As far as this quote I do have it to point out we are in England and USA means sod all.

Immsy said:
They would have to prove who was using the said connection. Being the owner of it and paying the bill does not mean you were the one who downloaded it as was illustrated recently in the USA when the RIAA tried to sue some woman for downloading music just because she paid for the connection and she won because it was proven it was not her who downloaded the material.
 
chaparral said:
Even if you had there MAC address how could you trace them...

That would proove that you didnt download it which might be enough in the context of the case.

sid
 
I do not think it would as what is to say that you did not spoff a different MAC address on your machine to then be able to turn around and say it was not me when it was. The MAC address proves very little.

To be honest if you are that paranoid about someone using your wireless for illegal things and then you being blamed and arrected for it then you should not use wireless it is as simple as that in my opinion.
 
Immsy said:
ridiculous, so if you download something dodgy at work, then the employer is responsible because they pay for it?

Yep hence why you have content filtering and all sorts of authentication so that they can track who and when. Also why you get IT Use Policy regarding safeguarding your password etc.
 
HomerJ said:
I do not think it would as what is to say that you did not spoff a different MAC address on your machine to then be able to turn around and say it was not me when it was. The MAC address proves very little.

To be honest if you are that paranoid about someone using your wireless for illegal things and then you being blamed and arrected for it then you should not use wireless it is as simple as that in my opinion.

yes but it would have to be prooved that you spoofed a mac address and are pretending someone else hacked in.

This not something joe bloggs can do and it will be obvious in the court.

sid

edit/ having said that a decent hacker will probably delete the log regardless.
 
Also presuming a level of logging absent on all the 'home' routers I've used.

All the Police would have is an IP address in most cases which with NAT would be your IP address, leaving you with some explaining to do :)
 
to be honest mate the chances of someone pulling up in a van outside your house are quite small and if your neighbour uses your connection then it's easy to track them...... they're next door lol
As everyone knows wireless only works within a certain range, if your really that paranoid then if you do get hacked just get police to interview your closest neighbours, they will more than likley s*** themselves and admit it, or look very suspicious
 
Police involvement is unlikely anyway.

If it is downloading copyright protected material it is a civil offence and if it was something a lot more serious then the law enforcement agencies would not be depending upon an IP address alone by the time they were in direct contact with you.

The biggest realistic risk is that you'd get a warning letter from your ISP for uploading copyright protected material and you'd be asked to stop doing it.

Repeat offences would cause your ISP to cut you off so you are well advised to lock down your network for safety but you are not likely to get a visit from the local constabulary in the early hours of the morning :)
 
I never wanted to go wireless for this very same reason ........security ........ I have now and am very happy I did .If your worried about people tapping in to your wi-fi , there is software available to spot someone on the network , you can even send them a cheeky message .I downloaded this software years ago and have never used it .I may dig it out and give it ago ,just to see if it works .Theres bound to be some newer stuff around.
 
Back
Top Bottom