unauthorised attempts to log on to my wifi

bealbocht

am using WPA-psk encryption with mac filtering.

in the last couple of days, I have seen a lot of unauthorised attempts to log on to my wifi router. All from the same mac address.

I have changed the WPA-psk password (about 60 characters) , but Im wondering is this more likely to be, someone who does not really know what they are doing, and tried to connect and couldnt, and now the laptop/wifi device is continuing to try and connect,

or is the WAP cracked , and the mac filter is keeping them out ???

and apart from shouting at all my neighbours, is there anything I can to do stop it.

kkontour

WPA is fine, WEP is cracked though,
You could.
Change the SSID and stop SSID broadcast.
Configure WPA-PSK
Disable DHCP
Enter MAC address for your laptop and enable mac address filtering

On your laptop,
manually configure wireless profile ie. SSID, encryption setings, etc/
manually configure IP address ie, IP address on same subnet, DNS, gateway.

You should be pretty secure at that,
KK

eddhorse

WPA-PSK can be cracked with a dictionary attack so make sure your key is unique (Uppercase/lowercase/numbers/wildcards)
MAC filtering is unsecure as a MAC address can be spoofed ie i can cahneg the MAC on my laptop to be the same as yours.

Dont be too worried, you should have firewalls etc on your laptop as well

lucernarian

If the wifi has already been compromised before MAC address filtering was enabled, then MAC address filtering would be of limited use. If there was a MAC address obtained which is rarely used, then it could have been cloned.

The "innocent" computer would not be able to connnect to the network or internet if the unwanted computer had already connected.

But if MAC address filtering was already in place, then it would be impossible to clone what the person couldn't see. If the person knows you or has been in your house, he could have taken a MAC address. They're often written on the underside of equipment.

But that's entering conspiracy/paranoia territory.

I can't think of much else you can do to stop someone making unsuccessful connect attempts. I think changing the SSID and stopping SSID broadcast would stop the connect attempts if they were accidental. If they continue, well try and use WPA2 as it's currently completely safe and uses a better encryption algorithm. Otherwise, tough cookie:o

I don't see the point in all that manual configuration stuff though, turning DHCP off will mean any unwanted user simply has to guess the first 3 parts of the IP address (which is nearly always 192.168.1. or 192.168.0.) and will have to get his own DNS settings. It's not worth the hassle to slow someone down by half a minute.


Btw: Some routers allow you to change the second-last number of its IP address range. So you could have 192.168.9.whatever. (subnet mask of 255.255.255.0) Any unwanted user would have to guess the second digit when trying to find a working IP address. That could easily take 10 minutes or more to find. It's a reason not to use DHCP but turning it off will not really stop unwanted connections.

seamus

WPA with a maximum length non-dictionary password should be good enough.

Anything else such as disabling SSID, MAC filtering, switching off DHCP is useless if an attacker is capable of cracking your password. It's the equivalent of putting a series of two-foot walls in your garden to try stop burglars. That is, they will slow down any potential burglar but will be a far bigger headache for you than for him.

Chances are that this is something all very innocent, such as one of your neighbours having recently gotten a new laptop. Windows by default will scan and sometimes try to connect to nearby networks unless you tell it different, so you might simply be seeing a failed connection attempt every time the laptop is switched on.

I don't think it's worth worrying about or going to any more hassle than you have done.

humaxf1

Turn wireless off when you're not using it

Username!

Just hide your SSID, changed your WPA and you'll be grand.

It's not as simple as clicking a few buttons to hack Wi-Fi (unless it's a Netopia of course).

kmick

Alternatively get yourself a FON and make some money. I can send you an email for a free one if you are interested.