Are your dual monitors taking up too much space on your desk? If so, get your space back with an
and declutter your desk with out throwing anything out!
How I added more disk space with out any hassles or costing me an arm and a leg!
Check it out:
How To Tell If Someone Is On Your Wireless Home Network
You heard the old saying "were not alone". Well, the same can be said about your .
Have you ever wondered if someone else is on your network, with out your knowledge, watching every site you visit or stealing account information from your GMail or bank account?
Sure you probably went to great lengths to , but any Network Security professional will tell you NOTHING is bullet proof.
While nothing is bullet proof, being proactive with monitoring can catch the un-wanted guest…off guard.
So what can you do to monitor and identify if someone is wondering around on your home network?
You can use some simple tools, when combined, will help you see your Network and give you a view of who's online.
NOTE: With these tools chances of identifying someone on your network increases, but will NOT prevent them from gaining access to your Network. Other tools exist than described in this article, but the goal is to show you the different type of tools and how to use them.
1 – Firewall Logs – is a good place to start. If you have a Firewall running on your Computer or on your router, look for suspicious activity by scanning the logs for anything out of the ordinary with inbound and outbound traffic.
One method you can use is to look for patterns. For example, if someone was scanning your computer to see what
are open, the logs will show continuous activity from the same IP Address (an intruder's computer) sending a stream of data to many different ports to a single IP Address or range of IP Addresses.
Obviously, with a smart hacker, they can do many things to cover their tracks, but one thing is for sure, data must be transmitted to probe your computer, and patterns is one method to use for spotting trouble on your Network.
2 – DHCP Logs – if the unwanted guest is not Network savvy, or security on your router is not up to snuff, they may be able to drop in unannounced, by receiving an IP Address from your wireless DHCP server.
You can easily view a list of active addresses by connecting to your router and checking the DHCP log. For example, on my Linksys router, the log is located in the Wireless MAC Filter tab and is shown in the screen shot below.
I can see and identify all active PC's on my Network. But this does not guarantee that these are the only active PC's on my Network.
Unfortunately, a more sophisticated hacker can get around the need to rely on DHCP. If they did their homework (you can be sure of that), they probably figured out the range of IP Addresses in use on your Network, found an unused address in that range and configure their PC with the static address.
3 – Check Who's Connecting To Your Computer – Now that you identified the trusted computers are on your network (from the DHCP logs), you can check who is connected to your computer.
To do this, open a command prompt and enter the following command:
netstat -an
a = Displays all connections and listening ports
Displays addresses and port numbers in numerical form
Netstat is a useful tool that displays network connections (both incoming and outgoing) on computers. This will allow you to see all IP Addresses that have made a connection to your computer.
Netstat shows you the type of connection (TCP or UDP), IP Address and port number (number after addresses separated by a colon) for both Local (your computer) and Foreign addresses.
To find your IP Address, just enter ipconfig at the command prompt.
You should be able to easily spot any addresses (Foreign column) that is outside the DHCP range on your router and investigate.
You can also see what executable are involved in creating each connection by using the -b switch with the netstat command (netstat -b)
Now this great for checking connections on your Compter, but what if someone is on your Network and not connected to your Computer?
4 – Scanning your entire Network – When Computers communicate with each other, they do so with ports (as you saw with the netstat command). Some ports that may be familiar to you are 80 (HTTP), 443 (SSL). 25 (SMTP), 110 (POP). For example, when your Computer browses a website, it opens up port 80 and sends the request out,
To see open ports on a Computer, a tool called Port Scanner can be used that can scan a Network and identify devices by probing for open ports.
Information that can be found is the connection type (TCP or UDP), type of port and IP Address.
Many Port Scanners exist, such as
(Famatech Software) and can scan a range of IP Addresses as shown in the screen shot below.
By scanning a range of IP Addresses, you can quickly see who is on your Wireless Network what they are doing from the list of open ports.
You can easily find out the entire range of addresses (including addresses outside the DHCP scope) your router uses. To do that, connect to your wireless router administration of interface and look for the router subnet mask information.
On a typical Linksys router (above screen shot), the default setting for the subnet mask is 255.255.255.0. Using a
you can determine the range of IP Address that can be used on your Network.
For example, the subnet mask of 255.255.255.0 with the IP address of the router .1.1 (Class C) has an IP address range of 192.168.1.1 .1.254. (Note that DHCP reserves address 192.168.1.100 thru 192.168.1.149 which means all other addressees in that range can be used as static address).
Time To Be Proactive
As you can see some of the methods used above are good for random check ups on your Wireless Home Network.
But just being proactive is not enough and using a combination of monitoring, tightening up security and changing your passwords often, among other items, can help from having your identity stolen.
I'm sure there are Network Security Professionals out there who may have better methods than described in this article. If you are one if them, I welcome you comments and suggestions to provide us with more tips and suggestions.
Filed under
Related Posts
What Next?
Comments on How To Tell If Someone Is On Your Wireless Home Network
Good article.
I always advise people to either use static IP addresses in their home networks since there are not usually that many devices to maintain.
If you do not want to take this approach, I would suggest that you use a subnet mask to limit the number of DHCP addresses allocated.
(255.255.255.240 allows 14 usable addresses, or 255.255.255.224 allows 30 usable addresses).
Most home routers will also allow you to limit the amount of DHCP addresses listed without changing the subnet mask.
This was a tad confusing. I just wish there was one mac software application that would do all of this in one place.
theres one way to help mac users, and its simpler than sumo or DOS. what may that be you ask? Its Windows 7! yay 7, with zero BSoD, zero calories, zero problems.
You also can use Mac Address Filtering and add only the Mac Addresses that you know, like your laptop's mac, your phone's mac, etc. This is good because it will be a pain in the butt for someone to simply guess your devices Mac Addresses. Mac filtering combined with WPA/WPA2 is a good method to prevent someone to mess up with your wireless home network. (sorry for my English)
Nice Work, I really appreciate your work, I am too a IT guy and I surely look for something like this.
One more thing that a network administrator to do in this regard, just to be more careful to use a wireless router for local network. Use a secure DHCP serber with MAC address security. Here is a post
blog to secure the DHCP
I can't imagine a situation where a hacker would want into the wifi network at my apartment so badly that a MAC whitelist wouldn't be sufficient security.
@: Correct me if I'm wrong, but I believe that MAC address filtering is not a secure procedure.
MAC address cloning is a trivial procedure, and built into the router firmware.
WPA2 encryption with a complex, non-dictionary password is your best bet.
The only known successful attack against WPA2 is a brute-force attack.
Possibly using rainbow tables, or pre-computed hash tables.
Nice article.
Thank you.
MAC Address Filtering will be sufficient to keep out the good guys.
Actually, I think you had it right the first time. MAC address filtering is pretty easy to get around (cloning legit addresses) for anyone who has even the slightest clue as to what they are doing. Besides that, the inconvenience factor is very high. Logging into the router to add a new MAC address (or two if you have to add the wireless and wired connections your new laptop came with) is a complete PITA for most people. Not to mention it's not effective security. You are much better off relying on WPA/WPA2.
Hiding the SSID is equally pointless. Anyone with half a brain will fire up netstumbler or something similar and read the network name (hidden or not).
You know there is software that is built to solve this exact problem other than the very manual processes listed here.
You could always try "Who Is On My Wifi" by my company.
We also have a few competitors if you look into it.
But there is definitely software to handle this.
The basic idea is that the software scans the network every 5 minutes
looking for any unknown computers that have joined and sends a notification if one is found.
It's an easier way to consistently monitor the network.
And I agree, the best way to keep people off of a network is to use WPA2.
hi ,this is a good article .it is very useful for it guys
I have a dumb question.
Can someone steal your internet download usage via a wireless router.
I am been trying to secure my belkin router, but have had no luck.
Never had a problem with my usage being used up except for today.
I got my new download usage, and within less than 2 hours, it is all gone.
I have had my router for 2 years, but is says it is unsecured.
Yes, someone can easily connect to your router if it's not secure. My advice is to find someone who can help you secure your router so your neighbors can't steal your bandwidth anymore.
Yes, absolutely!
In particular, if you live in an apartment complex, your router is within range of a bunch of other residents.
It is so easy for someone to tap into your wireless router, if you do not turn on wireless security.
Don't use WEP.
Someone with mal-intent can crack that within 60 seconds.
Literally.
Use WPA2, AES.
Don't use TKIP unless you need it for something else.
and get a nice, long, random password, say, about 63 characters long, and load that into your router and any wireless devices you may want to use.
You only need to enter it once.
You can copy and paste it, so you won't even have to type it.
Unless you have a wireless printer like mine!
But, even so, it only takes a couple minutes to type it into the printer.
Then, there's nobody who will be able to hack into your wireless network.
Not only can the bad guys steal your bandwidth, who knows what else they can do once they get into your network!
Good luck.
I understand someone using someone elses Internet. Like me, I have a Modem but can't be bothered to connect to it so I connect to someone elses. Atleast I have a Modem. Some people really get me angry
Pls, I need a clearification on disabling SSID broadcast in the router. Does it mean the network has become a hidden type and will it be that we have to be configuring the client systems manually in accordance with parameters set in the wireless router e.g SSID and security type and passprase.
Send ur comments.
You are correct.
You would need to manually (or by utilizing some form of portable media, e.g. thumbdrive) enter your SSID on all your wireless devices.
Keep in mind that "Security by Obscurity" is a weak defense against intruders.
You might keep out your next-door neighbor, but you wouldn't even slow down a serious hacker with just this method.
Though, I see you're mentioning a passphrase.
You'd need to use a randomly generated, long (as long as you can, like, say, 63 characters) password, with WPA-2 encryption.
Then, you'd be secure.
@ Bill Swearer If I should use randomly generated. How would I be joining new clients?
I didn't mean that you should have a constantly-changing key.
This is a one-time process.
and get a nice, long, random password.
Then, plug that passkey into all your wireless devices, and lastly into your router, and enable WPA-2 encryption.
Then, you'll be done.
No more changes are required.
That said, it's always a good idea to change that password on a regular basis for top security.
Note, of course, that should you have a keystroke logger implanted on your system, all bets are off.
You should use a good antivirus/anti-malware program to scan for these.
If, after doing this, you have visitors to your home to whom you wish to offer wireless access, you have a decision to make.
If you trust them with your password, you can give it to them.
If you follow the TNO (Trust No One) rule, you'll need to do something different.
In order to have two completely isolated networks, however, your system would require three routers.
Routers are getting very inexpensive.
You could Google for more info on that.
Thanks for your previous supports and I'll be loyal to you all at the time of your need if I'm in best possition to do.
Please, I have been trying to use this shutdown command on my network but whenever I did it would be showing some futher infomation and the command would not take it effect.
The command is shutdown -m\\computername then after the respond would be
Microsoft Windows [Version 6.0.6000]
Copyright (c) 2006 Microsoft Corporation.
All rights reserved.
C:\Users\user&\\shutdown -r\\acct05
The filename, directory name, or volume label syntax is incorrect.
C:\Users\user&shutdown -r\\acct05
Usage: shutdown [/i | /l | /s | /r | /g | /a | /p | /h | /e] [/f]
[/m \\computer][/t xxx][/d [p|u:]xx:yy [/c "comment"]]
Display help. This is the same as typing /?.
Display help. This is the same as not typing any options.
Display the graphical user interface (GUI).
This must be the first option.
Log off. This cannot be used with /m or /d options.
Shutdown the computer.
Shutdown and restart the computer.
Shutdown and restart the computer. After the system is
rebooted, restart any registered applications.
Abort a system shutdown.
This can only be used during the time-out period.
Turn off the local computer with no time-out or warning.
Can be used with /d and /f options.
Hibernate the local computer.
Can be used with the /f option.
Document the reason for an unexpected shutdown of a computer.
/m \\computer Specify the target computer.
Set the time-out period before shutdown to xxx seconds.
The valid range is 0-600, with a default of 30.
Using /t xxx implies the /f option.
/c "comment" Comment on the reason for the restart or shutdown.
Maximum of 512 characters allowed.
Force running applications to close without forewarning users.
/f is automatically set when used in conjunction with /t xxx.
/d [p|u:]xx:yy
Provide the reason for the restart or shutdown.
p indicates that the restart or shutdown is planned.
u indicates that the reason is user defined.
if neither p nor u is specified the restart or shutdown is unpl
xx is the major reason number (positive integer less than 256).
yy is the minor reason number (positive integer less than 65536).
Reasons on this computer:
(E = Expected U = Unexpected P = planned, C = customer defined)
Other (Unplanned)
Other (Unplanned)
Other (Planned)
Other Failure: System Unresponsive
Hardware: Maintenance (Unplanned)
Hardware: Maintenance (Planned)
Hardware: Installation (Unplanned)
Hardware: Installation (Planned)
Operating System: Upgrade (Planned)
Operating System: Reconfiguration (Unplanned)
Operating System: Reconfiguration (Planned)
Operating System: Service pack (Planned)
Operating System: Hot fix (Unplanned)
Operating System: Hot fix (Planned)
Operating System: Security fix (Unplanned)
Operating System: Security fix (Planned)
Application: Maintenance (Unplanned)
Application: Maintenance (Planned)
Application: Installation (Planned)
Application: Unresponsive
Application: Unstable
System Failure: Stop error
Security issue
Security issue
Security issue
Loss of network connectivity (Unplanned)
Power Failure: Cord Unplugged
Power Failure: Environment
Legacy API shutdown
And nothing would be acheived and while I want to use this command is to shutdown an authorised host detected on my network.
Send your comments.
@azedas101
The problem you are having may be with the syntax errors
In one instance you show the shutdown command as:
shutdown -m\\computername
(note that -m should be /m for Windows 7 or Vista computers )
in another…
\\shutdown -r\\acct05 (the \\ should not exist in the beginning of the command and the reason for the error message)
…and finally
shutdown -r\\acct05
(incorrect and missing command arguments). Should be – shutdown -r /m computername (a space should be between /m and computername)
To use the shutdown command, make sure the syntax is correct and try it again. Also be aware of the version of Windows you are running as the shutdown syntax has slight differences between versions when displaying help from the command prompt.
Hope that helps!
Hi, my boy friend hacked into my computer through my network (I think) cause he knows my wifi password as well as my computer ip or mac address. He did this to my home computer and my office's computer for he is also my boss at work. How I knew? He told me he can see everything I did on my computer. He even have print screen of all the activities that I've done. I'm pretty sure he didnot install hacking software to both my computer cause he told me he has a friend who helped him to installed a software to his computer to hack me. I asked him if he can see my password but he said he can't. I don't think its true. I am so upset n felt so helpless of what he was doing. What can I do to prevent him from hacking me? Even when I use other laptop(but still using my home's wifi), he still can see what I was doing. Pls help!
Carrie – Get a new
boyfriend! He sounds like a right little worm.
@carrie hi what he has done what we call in the world of tech is cmd surfing he has found your mac and ip
whileyou have been on the net so now he has used windows remote desktop and with out you knowing got on it and can control and see everything like a normal pc user.
just do it to him get on to cmd and type in net stat
and do the same.
Thanks Guy, but how can I do the same to him? Can u show me how? Anyway thanks for answering my question. Really appreaciated. Thanks again
That is some terrible (and incomplete) advice. First of all, even Google hasn't heard of "cmd surfing" which doesn't make a lot of sense anyway unless you are using lynx to browse the net from the command line.
What Carrie's boyfriend has done is immature and illegal, so to advise her to retaliate in a similar fashion is a poor suggestion. While I echo the opinion that's it's time for a new boyfriend, that's not my call. What I can advise you to do is to change and harden your wireless security at home and make sure to block RDP in case he is using that for remote access.
Use the webpage above to change all your wireless settings (being sure to use WPA2-AES in the process) and use whatever firewall you can (in the OS or via your router) to block the ports that RDP uses.
At work you are stuck if he is the boss. But I would assume he is not legally allowed to spy on even the workers without filling out some paperwork somewhere. I know we are not allowed to do that at work without significant notifications being sent out. I would mention to another manager what has taken place so that at least they know you are aware shady things are going on.
Actually, the guide above is a little dated. Suggestions like using WEP and hiding your SSID are actually not very good suggestions anymore.
Try something like this to re-setup your wireless network at home.
Important steps are setting encryption to WPA2 using AES, setting a new wireless password, and setting new router password(s). You don't want people to be able to jump onto your home network OR to be able to remotely access the router. You may want to disable wireless login to the router if possible. To change router settings you would have to connect via a cable. At least this way you know no one can remotely look at your router easily.
Thanks K. Really appreaciate ur advice. I will try to re-setup my wireless. One problem is that he was the one who setup my router. Does that mean he still can access to my network after I have re-setup my wireless?
Hey Carrie,
So long as you don't reuse passwords from before, once you change your wireless security he should not be able to get in any longer (assuming you set up the wireless in a safe manner – the online guide should help with that). Basically the whole point of these guides is to prevent exactly what happened to you. Even when you do everything right though, if someone else is doing the wireless setup for you…..there is always a chance they can get on. That is why I would recommend YOU do the wireless setup or have a trusted person do it for you. (Can't really fault you for having the boyfriend do it before, but this time make sure the person setting it up is trustworthy
Thank you so much for ur reply, K. I will try to do the setup myself. BTW, he also knew my my pc ip address and most probably mac address as well. Now that I re-setup the network, is it possible that he still access to my computer using other method?
The IP doesn't really matter. The internal IP for your computer is irrelevant and subject to change. The IP for your house (really for your cable modem) usually is also subject to change depending on your ISP (online provider). So neither of those things is very important. You could ask your ISP to change your IP if you are worried for some reason, but anyone with access to a computer in your house can easily find it out again.
I wouldn't worry about IPs, whether they are internal (your network inside the house) or external (your address to the world).
1) Have someone check your router to make sure it isn't providing easy outside access. (Or simply restore it to defaults to clear anything someone has put in there purposely). Then set it up securely (this takes into account setting up the wireless in a secure fashion).
2) Have someone take a look at your computers in the house to make sure nothing was put on them that will allow easy remote access. Things like LogMeIn will run as a service in the background and will likely still allow someone to get in even after you secure everything else.
After that you should be fine. At work is a(
Thanks K, u really dont know how much I appreciated what u have told me or guided me. I felt so helpless until u show up. Even now when I come to this website, I have to use public's network to get online with my galaxy tab. I dont dare to do anything with my home computer nor office's computer. You really taught me alot. Thanks K!
Guy!!!!!!!!!!
I have done it severally but I am still encountering the same issue even when syntax error is not involved does it means one cannot shut down remote systems for security reasons.
Guys reply. I am really having a bug in achieving this task.
Thanks………….!!!!!!!!!!!!!!!!!!!!!!!!!
It is possible bcos hacker can easily use any of your shut down IP
and MAC address to access ur network and u will still be assuming it is still in the range of ur IP and MAC.
This bring about vivid physical seeing working system on the network b4 confirming systems on ur network through router record.
Disabling wireless login to a router means u have to disable http in the router?
Guys!!! I have a question that is bugging my mind and the question is "Is it possible to clone a laptop WLAN(wifi) MAC address?
Carrie: You are quite welcome! You are wise not to do anything important on your own computers until you are reasonably sure they are secure again. Hopefully you feel confident about your own hardware soon, once someone looks it over
Azedas: Most routers have a setting to disable wireless login. This simply disallows wireless clients from logging into the router to manage it, it doesn't affect http traffic. With this enabled (in theory), the only way to change settings on the router is to use a computer physically cabled to it. As for MAC whitelisting, I think it's largely a waste of time and it's annoying to deal with from an admin perspective. Any competent intruder will simply MAC spoof anyway. You are banking on complex AES encrypted keys to keep out intruders, though mostly you are simply hoping to offer a more annoying target than your neighbors.
Have a great weekend everyone.
Okay, but I still need a clarification of this issue. Please, do you mean there would be an optional
setting for disabling remote access of a network PC to router of once http is disable all PC on the network would be denied from having admin access or are there any update u can give me on new routers.
Azedas: Sorry, I am not quite sure what you are asking me. All I am saying is that on some routers you can configure a setting so that only WIRED clients are allowed to login to the router. Which means that someone will have to have physical access to your router to make changes to it (normally a good thing).
So yes, remote access to the router is denied when trying to make that connection wirelessly, but it will be allowed if the machine is cabled to the router. This does not affect any http traffic otherwise.
I know a few Netgear routers DO NOT let you do this, but many others do.
Here's a link that will hopefully offer some visual explanation for you and help to clarify.
(Didnt' even realize the link was from this same site…..that's handy!)
I am tapping into someone else's wireless connection.
Are they able to see my history and the sites I have been visiting easily?
I am not worried about being hacked, but just wonder if they can see the history and what sites I am on throughout the day.
Any time you connect to someone else's network, there is always the possibility that they are tracking your every move…..so yes. Depending on what their setup is between your computer and their internet connection, they could have a complete history of your internet use.
If they are sharing the internet with you willingly, you need to decide how much you trust that person. Otherwise….bad boy! You take your chances…
Any chance you'd know how to do this on a mac os x?
My wireless network has been abused by neighbors who've been streaming videos non-stop.. 250$ bills.
I think the problem is my router's been on 'linksys' for so long without our family knowing and our actual secured wireless network hasn't been in function, to our mistake.
There is no reason setup should be any different on an Apple machine (to the best of my knowledge) vs a Windows (or whatever) one, but here is a link designed for using Safari to get into a fairly mainstream Linksys router.
If you are really in doubt, you should visit the linksys support page for your specific model router (should be on a sticker on the bottom of the device) and follow those instructions to setup a nice secure WPA2 encrypted connection (or the highest level of encryption you can use given the devices that will need to connect).
Good luck!
i love wireless
@: Yeah. It is possile to view your browsing history if Log is enable in the wireless router..
Guys!!!!!!!!!!!
I need a simplified guide on how to configure RADMIN 2 and 3 for remote support on a network and not Advance IP scanner.
Thanks in advance your contribution would be appreciated.
Great page.
thank you!
I don't know if anyone mentioned this or not but there is a free program called Look@Lan, that with only a few clicks will not only tell you if anyone is connecting but will give a sound notification when they connect to your network.
For those who don't know the latest threat to your wifi security is WPS (wifi-protected-setup), its how hackers can get into your WPA/WPA2
protected router almost with 100% success regardless of how obscure your password is. Find out if your router uses this type setup, if it does, learn about it and the flaw thats in your security. Videos can be seen on youtube on how they do this, type: crack wpa2 with reaver in youtube.
I love what you guys are usually up too. Such clever work and exposure!
Keep up the great works guys I've you guys to my personal blogroll.
thanks foor the great info
Leave a Comment
Categories
Check It Out!
Popular How-To Articles
Getting Started
