How can I mess with an unauthorized user on my friend's wireless network?
March 13, 2004 2:17 PM   Subscribe

Do your friend a favor and lock down his/her wireless AP either with WEP or by only allowing certain MAC addresses to access it.

As for messing with them, you're asking for a lot and most of which is illegal and unethical. If the other party doesn't have a firewall you can always get their IP and net send them stuff

net send x.x.x.x This is the police! We have you surrounded for stealing internet access. Come out with your hands up.

etc
posted by skallas at 2:20 PM on March 13, 2004

The wireless router's admin tool (access and features dependinng onthe router, of course) may have an option to force users to a home page of your choice. It may also allow you to block certain sites, and redirect them to others. I'd check which sites they visit, then redirect requests for those sites to something appropriately hilarious.
posted by o2b at 2:21 PM on March 13, 2004

Also note, even if you find a hack to do something nasty to him - winXP autoconnects to APs. He may think he's using his AP or is on his wired connection.
posted by skallas at 2:22 PM on March 13, 2004

Or, you know, you could just let him/her use it. I mean, what are the real concerns?

1. They'll try to break into your computer
2. They'll do illegal things on your account
3. They'll take up bandwidth when you want it

You want your computer to be set up so that #1 is not an issue anyway. I don't think #2 is a real concern, particularly if you (lightly) monitor bandwidth and can be sure they're not hosting, you know, bootlegs of Starsky & Hutch or child porn or whatever. As for #3, OK, here's a reason to shut it down if they're diminishing your ability to effectively use your computer, and someone who's so cavalier about their good fortune deserves to have the boom lowered on them.

But failing those three things, why not just share? Are the risks so great or consequences so high that they trump general neighborliness?

On that note, anyone that wants to park outside my house in Stoughton, WI, and check their mail is welcome to; the network is called "Spaceport Spiff."
posted by blueshammer at 2:31 PM on March 13, 2004

I'd like to surprise the thief before I tighten up the permissions. How can I do that?

As mentioned, the user may not even know they're connected to someone else's network (XP will preferentially connect to an AP since it's at 11Mbit and their home connection is probably 10Mbit or slower). Even if they do know, they're not doing anything bad (apparently), and their activities have most likely had a negligible impact on you and your friend.

Just close the AP -- there's no reason to do anything to the user.
posted by j.edwards at 2:33 PM on March 13, 2004

Some Socialist you are. Where's the sharing? The easiest thing would be to just add WEP (I'm impressed that XP would connect to an open network: I had to add WEP before my new XP machine would deign to connect).

In hizzoner's defense, he did try to keep me from breaking into a roommate's locked Word files back in the day.
posted by yerfatma at 3:36 PM on March 13, 2004

You know, not that anything would really happen, but I wonder what the potential (worst-case) DMCA implications could be if you did something semi-, but not really nasty. On the one hand, you're intruding onto their system. On the other, they're (let's say unwittingly, thanks to XP) intruding onto yours.
posted by Sinner at 4:11 PM on March 13, 2004

It's really not a DMCA issue, it is a (potential) Computer Fraud and Abuse Act and/or a (potential) Electronic Communications and Privacy Act issue. Those are both federal laws, there may be possible state law issues too. Did I mention that there are both civil and criminal penalties under the two federal laws? Fun stuff.
posted by anathema at 4:29 PM on March 13, 2004

Today's AskMe post, tomorrow's evidence.

Just sayin'.
posted by anathema at 4:33 PM on March 13, 2004

I might add that since Ashcroft became Attorney General, federal prosecutors have a lot less discretion than they used to. The prosecutors have been informed by the DOJ that they cannot cut the deals they used to cut, meaning if something criminal goes down with one of the laws I mentioned the feds now have to go for the stiffest penalties possible. Coincidentally this information came straight from a federal prosecutor in Massachusetts. The case law having to do with the two federal laws is pretty intimidating.

There's actually some good background here.

The Computer Crime and Intellectual Property Section (CCIPS) of the Justice Department has been really beefed up over the last few years and they have been very active.

Sorry to be a party pooper, but I say just lock the router down.
posted by anathema at 4:49 PM on March 13, 2004

I just got a wireless router myself and have no idea how to even tell if anyone else is using it. (I use OSX).

Should I really be concerned? What do people have access to besides my bandwith (which I don't really care about as it's unlimited)?
posted by dobbs at 6:01 PM on March 13, 2004

Your bandwidth is limited. There probably isn't a monthly limit (although soon there could be) as far as data transfer but there certainly is a limit to the rate of transfer. Enough sharing of bandwidth would in fact effect speed. Someone please correct me if I'm wrong.

As far a telling what's happening on the network, I believe Network Utility can provide that info. Someone else should chime in on that one.
posted by anathema at 6:13 PM on March 13, 2004

Should I really be concerned? What do people have access to besides my bandwith (which I don't really care about as it's unlimited)?

Like Blueshammer pointed out, if they're downloading kiddie porn, it's coming through a connection that has an account with your name on it. When the police narrow their search and subpoena your address, it's your door they'll be breaking down, while your sneaky neighbour will be laughing through his window as they carry you off in cuffs.

Jus' saying. But then again, don't submit to such Society of Fear propaganda stuff as I just spurted out.
posted by armoured-ant at 6:29 PM on March 13, 2004

Some providers do limit total transfers. It'd be a shame to have your service discontinued (or have to upgrade to a commercial account) because your neighbor forced you over the monthly boundaries. My local provider has such a limit so I've set my router to only accept certain MAC addresses.
posted by TimeFactor at 6:44 PM on March 13, 2004

Why not call the guy up and say "hey, I notice you're using my Internet, why not chip in $10 a month and we can keep a good deal going?"
posted by Space Coyote at 7:03 PM on March 13, 2004

I'd like to surprise the thief

The thief? If you want to nicely ask the person to stop, you could packet sniff their traffic and figure out their email address, then politely ask they stop over email.

Other than that, you could simply turn on mac address filtering and keep him out.

Personally, I run an open broadcast point from my home and am happy to see the random wayward traveller use it every now and then.
posted by mathowie at 7:42 PM on March 13, 2004

How does one monitor bandwidth usage?

I just got a wireless router, and I've the network name hidden, and I know I need to set up MAC address filtering (every time I've tried, though, the router won't accept the name I give my computer and I. Don't. Get. It.), but in the meantime, I'd like to see if my neighbors are stealing my bandwidth.
posted by eilatan at 8:14 PM on March 13, 2004

Mayor, It may be possible to use the Net Send command to send a message to the MAC address of a computer on a network. This won't work if the Windows Messaging Service is off. It's on by default, but many smart people turn it off. Not sure if it woll work with MAC address, but you probably have the computer name. The syntax from a command prompt in Windows NT or above is:
NET SEND {name | * | /DOMAIN[:name] | /USERS} message
which would translate to
NET SEND STRANGERNAME You're on my LAN. Call me at 555-5555. thanks. The Mayor
It's worth a shot.
posted by theora55 at 8:49 PM on March 13, 2004

My local provider has such a limit so I've set my router to only accept certain MAC addresses.

Is it possible to set it to allow only a limited amount of bandwidth per MAC address not in a given set? Because that'd allow you to do nice things, like blueshammer does, w/o the bandwith-running-dry risk. Probably'd cut down on kiddy porn parasites, too, since porn usually takes bandwidth.
posted by weston at 9:42 PM on March 13, 2004

Personally, I run an open broadcast point from my home and am happy to see the random wayward traveller use it every now and then.

*jeers* you communist!

And I agree. I don't have wireless, because I'm a young university student who has very little money (and spends what money he has on novels and films), but the whole aspect of letting anybody who is around use your connection seems like one of the coolest aspects of wireless internet.
posted by The God Complex at 1:14 AM on March 14, 2004

if you have access to an interface that can see the data then you can dump each file downloaded to a file on disk (can't remember which command. tcpdump maybe?) and then categorise the file type (files) to find, say, images or text - this is (i guess) how those "art" installations that show collages of data passing through some node work. or you could just search (ngrep) the data for a pattern like a credit card number or email addresses. this is all trivial to do.

if that worries anyone, then you should (for you own protection, no moral judgement implied) learn about ssh, encrypted mail, etc.
posted by andrew cooke at 5:37 AM on March 14, 2004

Okay, I'm late to the thread, but in the face of this sort of thing I'd like to recommend Ars Technica's article on Essential Home Wireless Security Practices to everyone.
posted by Gamecat at 8:02 AM on March 14, 2004

Derail: I love, Gamecat, that your first links says:

"Gillespie said the man used Kazaa, a popular file-sharing web program commonly used to share music, to download the graphic material. In a study using 12 words associated with child pornography, the U.S. General Accounting Office found that 42% of 1,286 files on the peer-to-peer site contained child porn."

My question is, how did they choose the 1,286 they would search of the millions of files coming and going ever every moment on KaZaA? And does this mean that all KaZaA users are kiddie fiddlers?
posted by armoured-ant at 6:52 PM on March 14, 2004

I just assumed those 12 keywords pulled out 1,286 files. (Just a guess, never used Kazaa).
posted by Gamecat at 7:31 PM on March 14, 2004

Man, that is the most deceptive statistic I have ever seen. The casual, non-P2P-using reader will come away from that sentence thinking that 42% of everything available on KaZaa is kiddy porn, which is just ridiculous. It's so skewed toward that reading that it's hard to tell exactly what the study's actual findings were. Now if I mention my use of KaZaa Lite in passing to someone who just read that article, they'll think I'm a pedophile.* Thanks, Toronto Sun.

I don't have a wireless network, but I wouldn't want to close it off from the public entirely if I did have one. Still, if I did have one, I would worry about someone using it for evil purposes, and I'd want to be able to monitor exactly what was going on and who was sending and receiving what, maybe limit the size of file transfers except for certain MAC addresses, if that were possible. (Is it? I don't know.) How legally culpable can the owner of a wireless network be if some random person is using your bandwidth to run the local terror cell or something? Are you any more culpable than an ordinary ISP, or your local library? And how likely is that scenario anyway?

OT: Man, what kind of moron drives around with his pants down watching kiddie porn? Even if it were perfectly legal porn, and I had no compunction about using someone else's connection to download it, I'd still wait until I got home to actually watch it. Sheesh - talk about impulsive.

*disclaimer: I am not a pedophile.
posted by skoosh at 4:56 AM on March 16, 2004

« Older Seasonal color palettes: I goo...   |   I need to identify a song. Hea... Newer »

This thread is closed to new comments.