Someone using my wireless setup???

LFCFan

In the last couple of days I suspect that someone nearby is accessing my wireless link and using my internet connection. The only way I've noticed so far is the proxy server giving me grief because it only allows 2 simultaneous connections and has started giving me an error message to tell me this when trying to access the internet on my wireless laptop. Also, there has been hundreds of mails being sent from my machine but none of my mail programs are doing it. The only reason I knew it was happening was because of Norton AntiVirus's mail scanning dialog box popping up saying it was sending a message. Even after disconnecting the wireless AP, the mails continued to send. Is there any way of knowing for sure if someone else is connecting to my wireless network and how would they be doing it. as I have WEP setup with a key??? Even after I turn off the SSID broadcast, they still seem to be able to access it. Is there a chance it's not someone accessing it and something going on with my machine??? Thanks!

jbkenn

LFCFan wrote:

Is there a chance it's not someone accessing it and something going on with my machine??? Thanks!

Looks like your machine has been hijacked

jbkenn

LFCFan

jbkenn wrote:

Looks like your machine has been hijacked

jbkenn

I ran a different AV client and it found a couple of trojans. Any chance it could have been them? If not, what can I do to stop someone hijacking my machine when the wireless connection is active? Ta!

MrPinK

LFCFan wrote:

Is there a chance it's not someone accessing it and something going on with my machine??? Thanks!

If Norton has detected the mails being sent then it's most certainly something on your machine. Some virus has turned your machine into spam zombie. Sound like your AV has sorted it now

what can I do to stop someone hijacking my machine when the wireless connection is active

Most access points will do MAC address filtering for you. Make sure your wireless card is the only one allowed to connect. That along with WEP/WPA is pretty safe.

LFCFan

MrPinK wrote:

If Norton has detected the mails being sent then it's most certainly something on your machine. Some virus has turned your machine into spam zombie. Sound like your AV has sorted it now

Yeah, I reckon it was a virus that was causing the problem. That's the last time I use NAV. It's crap. I've installed Avast instead and it picked up on the 2 viruses straight away.

Most access points will do MAC address filtering for you. Make sure your wireless card is the only one allowed to connect. That along with WEP/WPA is pretty safe.

I have the DHCP server setup so it only gives an IP to my laptop, but if someone already knew the IP range and netmask, wouldn't they be able to just give themselves a static IP address in the same range and be able to access my network?

Capt'n Midnight

LFCFan wrote:

I have the DHCP server setup so it only gives an IP to my laptop, but if someone already knew the IP range and netmask, wouldn't they be able to just give themselves a static IP address in the same range and be able to access my network?

Yes.

The only way to avoid that would be to setup something like
Both using a netmask of 255.255.255.252
10.0.0.1 PC
10.0.0.2 AP

then a third IP would not be able to connect, and if they connected using 10.0.0.1 IP then you would get an error that it was already in use.

MAC filtering will stop most windows users, it's a one-liner to change the MAC address on the fly in Linux etc. but use WEP too.