wireless security ?

350z4life

OSNN Junior Addict
Joined
7 Mar 2006
Messages
11
hi, new to the forums. Just curious about something. I read not too long ago about a guy that used someone's wirless connection outside of their homes to download illegal material (something sick like CP). What I wondered though, was would that show up on the actual owner's pc that was connected to the network. I would assume the only place it would show up was in the router's logs and their ISP. Would this be correct if they had a router/modem combo, such as 2wire or linksys and had pcs connected to that? I keep my wireless secure but just wondering if it could show up on your pc without you knowing it?
 
You are correct this would only show up in the routers logs and the ISP. The connected PC would not be affected becuase the traffic goes through the router.
 
There are ways to check what pc's are connected to your router , I have a network scan that happens every 5 minutes and will show me the mac address of all computers connected to my home network.
 
Kermit_The_Frog said:
There are ways to check what pc's are connected to your router , I have a network scan that happens every 5 minutes and will show me the mac address of all computers connected to my home network.
How do you go about doing that? I recall something in my routers config page as well.
 
If you're worried about wireless security why are you running an open access point? Seal it up with WPA-AES and be done with it.
 
Sent to me by PM....
hi mainframe, working on a paper here and trying to figure something out. I know I should post this as it would be helpful to other people so if you would like to do so that would be fine. However, my ? is a little specific

Here goes, in the event that someone uses your wirless network, which is set up by a router/modem combo such as 2wire or linksys, netgear, etc., and they download illegal material. Will it actually show up on your computer (meaning the actual illegal material) or will it just show throug your ISP logs and router logs? Guess what i'm gettin at is would an investigation of your hdd find any traces of the culprit's activity that could incriminate you?

Thanks very much for your help,

P.S know of any networking people on here?
Thanks for thinking I know more than the others on here - but our collective KB is the one you want, so good you posted and better I found thread instead of starting another from your PM. I'm busy working right now - hope you are inside forum guidelines, know you will find the network people here (Lord is one and KCNY is another, among a cast of dozens!). GL with your assignment - or your illegal trafic!
 
As to your hard drive, no the file will not show up there... Most NICs don't run in permiscuous mode, so they'll only get the traffic that is addressed to them.

OK, I haven't messed with wireless in the specific, but I imagine that with some of the routing, there is a bit of a commonality here. Beneath the level that IP functions at (which is where you get your logical IP address), there is a layer in the networking model refered to as the datalink layer. What's important here, is the part refered to as MAC (media access control). Each NIC has it's own MAC address, which is physically tied to the network card...

When the router needs to access a given device, based on it's own routing table, it determines where to send it (in your case, out the wireless, or out the connection to your ISP, I'm imagining is your setup). It also grabs the physical address which associated to that IP. Because the MAC on your computer wouldn't be the same as on theirs, it would be addressed to their computer only. Nothing would show up on your hard drive, so no if the RIAA, law enforcement, or whoever came looking, there'd be nothing on your hard drive to implicate you with.

However, you should still secure this. Because, as you have already guessed, the ISP could have a way of knowing what's going over your connection, and the ISP could hold you accountable for this. If someone breaks into your WAP, and commits a TOS violation (and illegal activities likely do fall under your terms of service agreement), it would be up to their discretion to decide how such a breach of TOS they might be engaging in, will be dealt with. Once you know this is going on, if you fail to do anything to secure your wireless, they could hold you accountable for what knew, but allowed to pass through your network circuit with them, anyhow... Afterall, the router is your own internal network (your hardware), which is under your control; just as their network is under their control. A prob with your routers or other networking hardware, that you have added to your connection (was not provided by them), would be deemed your responsibility.

It would be adviseable to secure this, and if you need help figuring out how to secure it, to ask someone. It's also a way to cover your butt "I found out someone was doing X, and I have since secured my wireless, sorry..." vs. doing nothing at all, and allowing the activity to continue over your connection. But, your hard drive itself is safe...
 
Last edited:
Kermit_The_Frog said:
I have a network scan that happens every 5 minutes and will show me the mac address of all computers connected to my home network.

Im interested to know what you have doing this, I use to have a program that did something similiar but A) Forgot the name and B) It was buggy and the interface left something to be desired.
 
so i'm assuming even running in permiscuous mode wouldn't necesarily do anything unless you had software to analyze the packets, etc. Would you even pick up any information at all running in permiscuous and would the activity show up somewhere you could see it? I mean I would think if your computer was picking up other things you would know
 
There is software to set the computer to promiscuous, however it is not enabled by default, the software that will let you analyze those packets can/will set it to promiscuous. The software that will let you analyze usually lets you set the dump for packet analysis.
 
thanks falconguard. I have been GOOGLEing this quite a bit but can't figure out if simply creating a bridge on a network would enable your wireless NIC to go into promiscuous mode or monitoring mode
 
ok, thanks Admiral, I guess what I'm getting after is your pc can't automatically analyze the packets, you have to have some kind of software running to do so
 
do you know if simply bridging two connections on your pc would create a promiscuous or monitoring mode on your NIC?
 
nope, it does not work that way. Although, the next question would be are looking for something to analyze your network?
 
uggh i'm confused, i have someone else telling me it has to or it would not make the bridge work
 
350z4life said:
Would this be correct if they had a router/modem combo, such as 2wire or linksys and had pcs connected to that? I keep my wireless
secure but just wondering if it could show up on your pc without you knowing it?


The data downloaded would not show up on your PC, BUT...

If the person using your wireless had maliscious intent (using your IP to hack for criminal purposes, or if the hacker had a grudge against you) he could copy whatever he has done onto any unsecured machine on your network to leave a footprint incriminating you. You could not prove the files were put on your machine by someone else.

Since the hack was done wireless directly into your LAN there is not even any chance of an external record showing someone had access.

-Secure your wireless network with WAP and a strong key. Hide it's name.
-Secure each PC.
-Put a software firewall with inbound and outbound protection on every machine you own.

The hacker could be a hardened criminal with a fraud record a mile long or the techie nerd down the block who's pissed you didn't buy his little sisters girl scout cookies.

:nervous:

Or as I've said before. Do you leave your car doors open and the keys on the dash? Do you leave your front door wide open all night?

No. Then lock up your computer system too. It can cost you a lot more than a stolen car, TV or stereo. It can cost your reputation, your job, and your financial identity.
 
Ok, now you have me confused what are you trying to do? What do you have, as far as equipment?
 
sorry not trying to be confusing, just wondering if, when using xp in windows.

Say you have two connections listed in your My Connections folder, and you set those up as a bridge. Does that change your NIC card to permiscuous or monitor mode?
 

Members online

No members online now.

Latest profile posts

Also Hi EP and people. I found this place again while looking through a oooollllllldddd backup. I have filled over 10TB and was looking at my collection of antiques. Any bids on the 500Mhz Win 95 fix?
Any of the SP crew still out there?
Xie wrote on Electronic Punk's profile.
Impressed you have kept this alive this long EP! So many sites have come and gone. :(

Just did some crude math and I apparently joined almost 18yrs ago, how is that possible???
hello peeps... is been some time since i last came here.
Electronic Punk wrote on Sazar's profile.
Rest in peace my friend, been trying to find you and finally did in the worst way imaginable.

Forum statistics

Threads
62,015
Messages
673,494
Members
5,621
Latest member
naeemsafi
Back