Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Submission + - Dealing with an Advanced Wi-Fi Leech? 8

An anonymous reader writes: Recently, I had found out (through my log files) that my wireless router was subject to a Wi-Fi Protected Setup (WPS) brute force PIN attack. After looking on the Internet and discovering that there are indeed many vulnerabilities to WPS, I disabled it. After a few days, I noticed that I kept intermittently getting disconnected at around the same time every day (indicative of a WPA deauthentication handshake capture attempt). I also noticed that an evil twin has been setup in an effort to get me to connect to it. Through Wi-Fi monitoring software, I have noticed that certain MAC addresses are connected to multiple WEP and WPA2 access points in my neighborhood. I believe that I (and my neighbors) may be dealing with an advanced Wi-Fi leech. What can I do in this situation? Should I bother purchasing a directional antenna, figuring out exactly where the clients are situated, and knocking on their door? Is this something the local police can help me with?
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Dealing with an Advanced Wi-Fi Leech?

Comments Filter:
  • 1. Set up logs. See what sites they visit
    2. Establish host file that redirects traffic to their favorite page to a local server
    3. Choices:
        a. Pretend you're the FBI, have fun with it.
        b. Passive aggressive note to them
        c. Phish them.

  • Try to see if the leech has a certain time-of-day where they are attempting bad things.

    If you are not home at those times, or is middle-of-the-night, then many wifi-routers can be set to only be active for certain windows of time each day, kind of like the timer on many home thermostats.

    The wifi that is OFF is always secure!

  • set up an access list, which is very easy to do on most wifi routers today.... just go into the web admin and it involves adding wireless mac addresses to a list, and the switch will then only allow devices on the list to connect.

    it's a bit of a nuisance in that when you get a new device you have to add it, but its a very useful and secure feature that is possibly not well publicized

    • Problem with that is that the leech probably has the ability to spoof the mac. All he would have to do is capture some packets to map out all the mac addresses that have access and use any one of them that isn't currently connected.

      IMO the best thing to do is contact your local police and explain the situation. Also let them know that you are prepared to work with them to catch the leech. If they agree you could set up a trap and allow the leech access then capture everything he does. Cops get evidence of w

      • a layered security approach is better than any single approach on its own, so if the op sets up mac filtering and sticks with wpa2 (wep is not recommended anymore) he's about as secure as can be expected

        the only other thing i could recommend is disabling the wifi altogether on the router and using a linux box with a wifi card as a router via an iptables script, which can get pretty fancy (you can limit all sorts of things), as well as setting up a cron job to disable wifi access at certain times... i wouldn

As of next Tuesday, C will be flushed in favor of COBOL. Please update your programs.