Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Dealing with an Advanced Wi-Fi Leech?

Anonymous Coward writes | about a year and a half ago


An anonymous reader writes "Recently, I had found out (through my log files) that my wireless router was subject to a Wi-Fi Protected Setup (WPS) brute force PIN attack. After looking on the Internet and discovering that there are indeed many vulnerabilities to WPS, I disabled it. After a few days, I noticed that I kept intermittently getting disconnected at around the same time every day (indicative of a WPA deauthentication handshake capture attempt). I also noticed that an evil twin has been setup in an effort to get me to connect to it. Through Wi-Fi monitoring software, I have noticed that certain MAC addresses are connected to multiple WEP and WPA2 access points in my neighborhood. I believe that I (and my neighbors) may be dealing with an advanced Wi-Fi leech. What can I do in this situation? Should I bother purchasing a directional antenna, figuring out exactly where the clients are situated, and knocking on their door? Is this something the local police can help me with?"

Sorry! There are no comments related to the filter you selected.

Steps (1)

i kan reed (749298) | about a year and a half ago | (#42958255)

1. Set up logs. See what sites they visit
2. Establish host file that redirects traffic to their favorite page to a local server
3. Choices:
    a. Pretend you're the FBI, have fun with it.
    b. Passive aggressive note to them
    c. Phish them.

Re:Steps (1)

crutchy (1949900) | about a year and a half ago | (#42958903)

hahaha oh you mentioned "hosts" :)

you got balls... i like balls

Be Mrs Roberts (1)

skade88 (1750548) | about a year and a half ago | (#42958407)

turn wifi off when you are not using it (1)

mrflash818 (226638) | about a year and a half ago | (#42958853)

Try to see if the leech has a certain time-of-day where they are attempting bad things.

If you are not home at those times, or is middle-of-the-night, then many wifi-routers can be set to only be active for certain windows of time each day, kind of like the timer on many home thermostats.

The wifi that is OFF is always secure!

Re:turn wifi off when you are not using it (1)

crutchy (1949900) | about a year and a half ago | (#42958933)

or put your router on a power supply with a timer (pretty cheap from kmart/walmart/etcmart)

wireless mac address access list (1)

crutchy (1949900) | about a year and a half ago | (#42958945)

set up an access list, which is very easy to do on most wifi routers today.... just go into the web admin and it involves adding wireless mac addresses to a list, and the switch will then only allow devices on the list to connect.

it's a bit of a nuisance in that when you get a new device you have to add it, but its a very useful and secure feature that is possibly not well publicized

Re:wireless mac address access list (1)

fireman sam (662213) | about a year and a half ago | (#42961275)

Problem with that is that the leech probably has the ability to spoof the mac. All he would have to do is capture some packets to map out all the mac addresses that have access and use any one of them that isn't currently connected.

IMO the best thing to do is contact your local police and explain the situation. Also let them know that you are prepared to work with them to catch the leech. If they agree you could set up a trap and allow the leech access then capture everything he does. Cops get evidence of what he is doing, he gets busted and you get your wifi back.

You could also print out a flyer and do a letter drop to your neighbours. They might not be aware that someone is connecting to their wifi - they might not even be aware that they have wifi.

Re:wireless mac address access list (1)

crutchy (1949900) | about a year and a half ago | (#42962717)

a layered security approach is better than any single approach on its own, so if the op sets up mac filtering and sticks with wpa2 (wep is not recommended anymore) he's about as secure as can be expected

the only other thing i could recommend is disabling the wifi altogether on the router and using a linux box with a wifi card as a router via an iptables script, which can get pretty fancy (you can limit all sorts of things), as well as setting up a cron job to disable wifi access at certain times... i wouldn't personally bother with that (even though i use linux).

if the guy is determined enough to get around mac filtering and wpa2, he's probably determined enough to get around just about anything, and there must be some reason why its more economical for him to go to all the trouble of hacking a neighbors wifi than to pay for his own or use free wifi at macdonalds or the local library.

maybe check out your router packet logs if possible and see what addresses he's been looking at. maybe you could then set up a little apache server and redirect those addresses so that when he looks them up again instead of his usual pr0n site he gets a "GET OFF MY FUCKING WIFI !!!" page.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?