Advice Needed Someone spying on our wireless lan??

jeallen01

jeallen01

Specialist Contributor
Messages
3,513
My Satellite Setup
See Signature
My Location
Somewhere in England (possibly?)!
Just happened to be looking at the network backup settings one on my (non-wireless-connected) machines, and noticed a "new to me" device showing up on the network - it was a Blackberry "something or other" with a MAC address (which unfortunately I forgot to write down) and no other info, but no Blackberry devices have ever been used here and I've never seen (or at least noticed) anything like that on the network before!! :(

Looks like someone "sniffed out" the Wireless AES PSK code (which was not a simple one, although it was the one that the Router was set to use when I bought it new) and so I've now had to completely change that on the Router upstairs and then on the Access Point downstairs - and now I have to change 2 tablets, 2 phones, a couple of laptops, and several Sat Rxs with wireless dongles (and possibly a couple of other units) :-doh

Any sugguestions for preventing a reoccurence of something like this?

Thanks in advance.
 
Terryl

Terryl

Specialist Contributor
Messages
2,328
My Satellite Setup
OpenBox X5 on a 1 meter motorized dish.
And now a 10 foot "C" band dish.

Custom built PC
My Location
Deep in the Boonies in the central Sierra Nevada mountains of California.
If your router has MAC address filtering you can block it, however you will need to authorize all the acceptable devices if you do so.

And this may or maynot work, if someone has hacked your WIFI then they may be able to hack the MAC filtering also.

The best way is to use WPA2 and make the key as complicated as possible.

Read this ... https://gizmodo.com/how-to-keep-your-home-wi-fi-secure-1821008133
 
jeallen01

jeallen01

Specialist Contributor
Messages
3,513
My Satellite Setup
See Signature
My Location
Somewhere in England (possibly?)!
@Terryl

Yup, MAC filtering is probably still the way to go - but that's giving me the problem of entering a lot of MAC addresses into the filter table. I'm currently building up the list of addresses, but need to switch a few more items on before I can complete that!

OTOH, it seems that I did still have the intruder's details on screen on the machine on which that was spotted (the window was hidden by something else!) , so, as a temporary measure, I've set the MAC filter to reject that MAC address.

BTW, it seems that with the router that I have (ASUS RT-N66U) I can set the filter to OFF or to either Accept or Reject MAC addresses, but there's no option to Accept some and Reject others - which is a pain!

Also having issues with changing the WiFi password because one of the Rx exits the p/w change routine far too soon and so I can't enter a new (even very short!) one on that machine!
 
PaulR

PaulR

Dazed and Confused Admin
Staff member
Messages
16,132
My Satellite Setup
-----------See sig-----------
My Location
Wirral, NW UK and Vaucluse, France.
It's best to connect to the router with a cable when messing around with passwords and the like. You can always get in then.
 
jeallen01

jeallen01

Specialist Contributor
Messages
3,513
My Satellite Setup
See Signature
My Location
Somewhere in England (possibly?)!
It's best to connect to the router with a cable when messing around with passwords and the like. You can always get in then.
Unfortunately that Sat Rx (Free Sat 7HD) doesn't have a wired Ethernet port - only USB dongle WiFi - like most other small cheap units:rolleyes:. OTOH, the "main" laptop is pretty much always connected only via a cable.
 
Channel Hopper

Channel Hopper

Suffering fools, so you don't have to.
Staff member
Messages
27,273
My Satellite Setup
A little less analogue, and a lot more crap.
My Location
UK South
The Freesat 7 strikes again.
 
jeallen01

jeallen01

Specialist Contributor
Messages
3,513
My Satellite Setup
See Signature
My Location
Somewhere in England (possibly?)!
The Freesat 7 strikes again.
I don't know why that happened, but I suspect that I need to completely delete the existing Wifi connection from thay Rx and start to reestablish it again from scratch.

OTOH, had no real problems in changing the PW on the SX88 and Opensat V8.
 
Channel Hopper

Channel Hopper

Suffering fools, so you don't have to.
Staff member
Messages
27,273
My Satellite Setup
A little less analogue, and a lot more crap.
My Location
UK South
I don't know why that happened, but I suspect that I need to completely delete the existing Wifi connection from thay Rx and start to reestablish it again from scratch.
Master clear, put in a box and sell.
 
jeallen01

jeallen01

Specialist Contributor
Messages
3,513
My Satellite Setup
See Signature
My Location
Somewhere in England (possibly?)!
Master clear, put in a box and sell.
Probably not if I can fix the problem because it's a pretty good Rx - OTOH, they sell for a lot more now than I paid for it:rolleyes:
 
Channel Hopper

Channel Hopper

Suffering fools, so you don't have to.
Staff member
Messages
27,273
My Satellite Setup
A little less analogue, and a lot more crap.
My Location
UK South
Better sell before your wifi is compromised again then.
 
jeallen01

jeallen01

Specialist Contributor
Messages
3,513
My Satellite Setup
See Signature
My Location
Somewhere in England (possibly?)!
Better sell before your wifi is compromised again then.
Can't see why the spying issue should be related specifically to the Free Sat because I think that is a Free Sat f/w issue, and as there are quite a number of other devices connected by WIfI only (mainly due to lack of available cable connections &/or location in the house).

OTOH - can you suggest "something else" that might be the "vulnerabilty"?
 
D

daro2096

Regular Member
Messages
365
My Satellite Setup
No setup at present
My Location
Consett, Durham
You could turn off your wi-fi and have all devices connected by ethernet cable. You could do what I do and make your wi-fi invisible by not broadcasting your SSID. You could/should change your SSID network name then you only you know it is there. You would have to write down your SSID name and in all devices you have to manually type it in otherwise it will not find it.

I have my wi-fi SSID invisible and it is not password protected. I figure if anyone can figure it out they are welcome to leech off me. Besides I see it as a kind of karma considering I used to illegally download computer games and other stuff through bittorrent. On unlimited fibre. Mind you only my neighbour next door or upstairs above me could leech from me, well unless someone was sitting just outside next to where the router is.
 
jeallen01

jeallen01

Specialist Contributor
Messages
3,513
My Satellite Setup
See Signature
My Location
Somewhere in England (possibly?)!
Daro

Thanks for your advice.

Unfortunately, it's not practical to only use cabled connections (even though a lot of the house is cabled) because some of the devices (phones, tablets, some of the Sat Rxs) don't have ethernet ports and the locations of others would mean ethernet cables running across the living room floor(!), and I doubt that power-line comms would work very well either because the mains system is rather "convoluted" to say the least and has lots of junctions!

As soon as I have listed the MAC addresses of all the devices, I'm going to invert the wireless MAC filtering to "Accept" only and enter those addresses into it - this is particularly important as a number of the devices wirelessly connect to the AP and then that connects them via Ethernet to the main router and so those devices are then "seen" as cable-connected by the router, and I can set MAC filtering for cabled devices.

As for turning off the SSIDs (the router and the AP have different ones), I was going to do that straightaway, and will do so in a few minutes.
 
statalite

statalite

Member
Messages
431
My Satellite Setup
Nova-HD-S2, Dr HD D15, V7S
Zone 1 @ 28.2°E with cable tied LNB @ 19.2°E
Channel Master 1.0m (to be setup)
Free sat v8 finder V-71HD
My Location
UK Midlands
To clarify, the Freesat 7 hd, you suspect this is the culprit via the internet or someone locally has gained access?
 
scopus

scopus

Specialist Contributor
Messages
2,099
My Satellite Setup
Primesat/Famaval 1.8 PF C/ku/Ka, Octagon SX8HD1, SX88, Openbox S3 Mini HD-V8S Freesat V7 HD-V8 Finder, Amiko A4K Combo, Satlook Colour HD Spectrum, Sansui A909 Amp and BOSE Acoustimass speakers for the audio.
My Location
Staffs UK
To clarify, the Freesat 7 hd, you suspect this is the culprit via the internet or someone locally has gained access?
Really no need for the Freesat 7HD to be connected to a network at all....
 
jeallen01

jeallen01

Specialist Contributor
Messages
3,513
My Satellite Setup
See Signature
My Location
Somewhere in England (possibly?)!
To clarify, the Freesat 7 hd, you suspect this is the culprit via the internet or someone locally has gained access?
No: I don't suspect the Free Sat Rx (it wasn't even powered up when I noticed the intrusion) - I guess that there's a f/w issue that won't be resolved and that I need to delete and re-set up the WiFi connection on that Rx.

Yes: I do believe that someone gained access, and I'm hoping it's the first time - although I suspect not, there's little I can now do about previous possible accesses.

Anyway:
- WiFi password changed on all WiFi devices
- All device MAC addresses and network addresses now determined and entered into the router manual MAC address & network address assignment tables
- EDITED: I did switch DHCP off, but, when checking each device, SWMBO's phone would not connect to the WiFi (and her tablet was a bit "iffy" about it too) and so I've had to switch it back on again :(
- Router and AP SSIDs now switched off = so "Hidden"

What more could I do in practice - I don't really know.

OTOH. whilst most of the home networks around here are encrypted and some have hidden SSIDs, there is one broadcasting its SSID and without any encrytion, and so I hope my "friend" will migrate over to that one!

PS: I found the following free utilities to be most useful when doing that:
- Advanced IP Scanner which identified all the network connected devices - Advanced IP Scanner - Download Free Network Scanner.
- Acrylic WiFi Home which works very well to identify all the local Wifi networks Download Home Wifi Scanner | Generic WiFi passwords | AcrylicWifi
 
Last edited:
Channel Hopper

Channel Hopper

Suffering fools, so you don't have to.
Staff member
Messages
27,273
My Satellite Setup
A little less analogue, and a lot more crap.
My Location
UK South
You could turn off your wi-fi and have all devices connected by ethernet cable. You could do what I do and make your wi-fi invisible by not broadcasting your SSID. You could/should change your SSID network name then you only you know it is there. You would have to write down your SSID name and in all devices you have to manually type it in otherwise it will not find it.

I have my wi-fi SSID invisible and it is not password protected. I figure if anyone can figure it out they are welcome to leech off me. Besides I see it as a kind of karma considering I used to illegally download computer games and other stuff through bittorrent. On unlimited fibre. Mind you only my neighbour next door or upstairs above me could leech from me, well unless someone was sitting just outside next to where the router is.
Ahem.

TREVOR MARSHALL - Biquad feed for primestar dish
 
Channel Hopper

Channel Hopper

Suffering fools, so you don't have to.
Staff member
Messages
27,273
My Satellite Setup
A little less analogue, and a lot more crap.
My Location
UK South
Not at all, it's perfectly feasible that you might also have fallen victim to the 'Pringles'
 
jeallen01

jeallen01

Specialist Contributor
Messages
3,513
My Satellite Setup
See Signature
My Location
Somewhere in England (possibly?)!
Not at all, it's perfectly feasible that you might also have fallen victim to the 'Pringles'
If I interpret that correctly, you were referring to the various directional antennas in the link right at the bottom of the page, and, it is possible, that someone might go to the trouble of constructing something like one of the Vertical slotted tubular antennas described there - OTOH, I don't think that most of the riff-raff around here would have either the nous or the dedication to go to such lengths, and they'd probably then use something more than a Blackberry to run it.

BTW: I have tried cheap commercial reflector-type directional antennas in the house, and they do make a slight difference to comms performance, but that was with older and less sophisticater routers, whereas more modern MiMo routers generate stronger signals in many directions - and that obviously begs the question "Are you jeopardising you WiFi security by getting a router with better range?"

Never seen that question asked (although I am sure it must have been - sometime, somewhere), but it's worth pondering!o_O
 
Top