I was wondering if there was a program that can detect unauthorized access to a secure or unsecure wireless connection. Mine is secure but when I'd like to know if anyone else is hacked into my connection. Its that, when all my computers are turned off, the modem still receives.

on most APs these days you can see who is connected to the DHCP server, the easiest way to then filter out any "bad guys" is by checking your MAC address, or using different method of authentication - Radius, WPA, ginormous WEP key, whatever :)

- Rasmus

yeah, my modem is always going... I think it is a shaw thing.

Yah, on my telus, there is only room for two mac address's and there being used, and to even access them you need a password.
my modem goes all day/night tooo and its telus.

your modem will always receive unsolicited data. its if the send light is going when your computers are off that you should be concerned :)

but other than that, most wireless routers will have a log of who has connected to it in the administration interface

How do you searcht he log for wireless connections?

For my router (linksys) I just click Status-->Local Network-->DHCP Client Table, it shows all computers on the network

I use a D-link.

should be similar


if ur annoyed wit ppl using ur connection, set up a wep, or set it up so only certain devices can connect to ur network wirelessly (mac address filtering)

Even if the send light shows traffic when all of your computers are turned off, doesnt mean that its bad. Your isp will send certain packets just to make sure that there is still something on the end of the line and so that they no not to re-use your IP for another persons link. The two links will talk together just to keep that connection up.

One way to check if there is anyone using your connect is through the logs on the router. Another way to monitor the traffic and see if anyone is connected is to use a program such as ethereal (free download) and set it to monitor your network in promiscous mode. This way you should things like broadcasts and such, so if you see an IP address that you know should not be used, then you know some other unwanted device is using it.

If you want to keep people out change as much stuff from the default setting as possible:

1. Disable the DHCP Server on the router.
2. Enable Mac address filtering.
3. Use WPA instead of WEP
4. Change the IP Address from 192.168.1.x numbering convention to 10.0.0.x.
5. Disable SSID broadcast
6. Change the SSID to something other than "linksys" or "dlink" or whatever brand you use.
7. If you only have wireless-g devices, then have your router disable access from wireless-b devices. (or wireless-a, etc etc).

If someone REALLY wants in, they'll get in but this will make it much more difficult.

for dlink routers, click the "DHCP" button on the left menu. at the bottom of the page is a list of mac address/ip address/hostname combinations. if you see more IP addresses than the number of computers you own in that list, that might be a sign someone else is using it :)

kenny done good :thumbsup:

how do u set up a secure network.? ive looked on the website but it doesnt help. i havea d-link.

Disabling the SSID broadcast wont really do much. If the person knows anything about wireless analysis, they would be using a program that does not need a broadcast in order to see the network. Freeware versions of Netstumbler will do that in a matter of seconds.

Changing the range of IP address is worth it. Or even just changing the subnet mask to have a smaller range. There are also three ranges of private address that are available to use: 10.0.0.0 to 10.255.255.255 , 172.16.0.0 to 172.31.255.255, and finally 192.168.0.0 to 192.168.255.255

Originally posted by forced14
Disabling the SSID broadcast wont really do much. If the person knows anything about wireless analysis, they would be using a program that does not need a broadcast in order to see the network. Freeware versions of Netstumbler will do that in a matter of seconds.


not quite...if his computers are off like he said and the access point isnt broadcasting, there would be no traffic to see. as kenny said, its not meant to be a solution, just one of many small steps to make things a bit better.

PC-Cillan has a WEP check that will let you know of unauthorized access...you can download a free 1 month trial of it...Give it a try and see what happens.

Thanx guys. I didnt know that I can check to see which computers are connected. I was searching the log and found this:

Sep/09/2005 05:10:29 Target IP(192.168.0.1), Target Port(2662) Packet Dropped
Sep/09/2005 05:10:29 Spoof IP(192.168.0.103), Spoof Port(2869)
Sep/09/2005 05:10:29 Spoof Attack fromd MAC(00-0F-B0-3C-10-0F) Detect,


What exactly does this mean??

Originally posted by Daxin
Thanx guys. I didnt know that I can check to see which computers are connected. I was searching the log and found this:

Sep/09/2005 05:10:29 Target IP(192.168.0.1), Target Port(2662) Packet Dropped
Sep/09/2005 05:10:29 Spoof IP(192.168.0.103), Spoof Port(2869)
Sep/09/2005 05:10:29 Spoof Attack fromd MAC(00-0F-B0-3C-10-0F) Detect,


What exactly does this mean??

It means you really need to consider getting secured and fast.