I think my Wi-fi is being leeched, Please help!
June 11, 2007 2:09 PM   Subscribe

I think my Wi-fi is being leeched, Please help!

I have had no problems with my old wired router for broadband for my 2 laptops. No problems with speed or Ping.

I upgraded to wi-fi at home for my 2 laptops. I got recommended The Netgear DG834G, both connect to the internet fine.

Im using WPA-PSK (Wi-Fi Protected Access Pre-Shared Key) for protection. Got a choice of WEP (Wired Equivalent Privacy) and WPA-802.1x

When playing online games it Good and bad at times. Im getting 300-500ms ping on World Of Warcraft. Sometimes its so bad I turn off the router and restart it. For 2-3 mins its 150ms then jumps back to 300-500ms.

Incase you asked, none of the computers connected are downloading anything.

I was so pissed the other night I disconnected the router for 16 hours. The next day I played the game, perfect pings. Day later back to being bad.

Security is turned on, I check the attached devices when ping is bad and it says UNKNOWN as an Computer Name.

Whats weird is that when sometimes I get a popup from Windows saying that my IP is conflicting.

Both Laptops are 192.168.0.2 and the other 192.168.0.3

Upgraded to latest Firmware on the router.

Could someone be hacking into my router for free access?
If so How can I stop it as its annoying.
posted by spinko to Computers & Internet (38 answers total) 3 users marked this as a favorite
 
What are you using for security?
posted by SansPoint at 2:19 PM on June 11, 2007


Response by poster: A few options from the router.

Wireless Access Point
Enable Wireless Access Point (TICKED)
Allow Broadcast of Name (SSID) (TICKED)
Wireless Isolation (UNTICKED)

WAN Setup
Connect Automatically, as Required (TICKED)
Disable Port Scan and DOS Protection (UNTICKED)
Default DMZ Server (UNTICKED)
Respond to Ping on Internet WAN Port (UNTICKED)

LAN IP Setup
LAN TCP/IP Setup
IP Address: 192.168.0.1
IP Subnet Mask: 255.255.255.0
RIP Direction: None.
RIP Version: RIP-1

Use Router as DHCP Server (TICKED)
Starting IP Address : 192.168.0.2
Ending IP Address: 192.168.0.254

UPnP
Turn UPnP On (TICKED)
Advertisement Period (in minutes) ; 30
Advertisement Time To Live (in hops) : 4

Hope this helps.
posted by spinko at 2:19 PM on June 11, 2007


What time are you trying to connect? Don't ISP's typically experience slower connectivity or whatever in the evening as more people access the Internet for their own WoW or Torrent sessions?
posted by KokuRyu at 2:22 PM on June 11, 2007


Response by poster: What are you using for security?

Its got a built in Firewall, and Windows Firewall is turned off on my laptop.

I've got the ports for WoW setup on it.
posted by spinko at 2:23 PM on June 11, 2007


Try port forwarding for each game and see if that brings the ping times down.
posted by 517 at 2:23 PM on June 11, 2007


Response by poster: What time are you trying to connect? Don't ISP's typically experience slower connectivity or whatever in the evening as more people access the Internet for their own WoW or Torrent sessions?

I didnt have this problem when it was wired. Im on the top Package for ADSL.
posted by spinko at 2:25 PM on June 11, 2007


When you say BOTH laptops are at 192.168.0.2, do you mean that you have two laptops with the same IP? If so, you need to change one of them.
posted by stovenator at 2:26 PM on June 11, 2007


Response by poster: Try port forwarding for each game and see if that brings the ping times down.

Already done it for WoW when I got the router. No difference.
posted by spinko at 2:26 PM on June 11, 2007


Response by poster: When you say BOTH laptops are at 192.168.0.2, do you mean that you have two laptops with the same IP? If so, you need to change one of them.

Both Laptops are 192.168.0.2 and the other 192.168.0.3 they have different IP's.

When I get the slowdown I get the IP conflict popup.
posted by spinko at 2:27 PM on June 11, 2007


can you limit by MAC address? That would prevent anyone from connecting. Does it show the MAC of the "UNKNOWN" connection?
posted by delmoi at 2:27 PM on June 11, 2007


I'll ask again... are there two different laptops with the same IP address of 192.168.0.2 ? If so, change it so Laptop1 is 192.168.0.2 and Laptop2 is 192.168.0.4
posted by stovenator at 2:30 PM on June 11, 2007


Response by poster: Im letting windows choose the setting on my pc as its set as DHCP. I do a "IPconfig /all" in command prompt in Windows, thats how I know what is my IP on the machine.

Is there anyway to lock the router to 2 MAC addresses so no one else can connect?.

Can Allow Broadcast of Name (SSID) (TICKED) be unticked? and change the name of the SSID.
posted by spinko at 2:31 PM on June 11, 2007


If you've got WPA turned on, it's unlikely someone is using your wireless connection without the key. You can check by looking under "Attached Devices" in the maintenance menu (probably a good idea to do this when your connection is slow). If both your laptops are on and connected, there should be two entries here. If there are more then someone else is using your connection. The two entries you find should have MAC addresses that match those of your laptops, which you can determine as described here.

If no one is hijacking your connection then the likeliest cause of speed problems is spyware or a virus on one or both of the laptops. Run the usual spyware and virus removal tools on both machines (or just stop using Windows).
posted by caek at 2:32 PM on June 11, 2007


In terms of security, you want to look at configuring WEP or WPA authentication. In the simplest of setups, this denies connection to the wireless network without a password. More complex systems require MAC Addresses added to the router configuration that will actively hide the network from unauthorized devices.
posted by SansPoint at 2:33 PM on June 11, 2007


Response by poster: I'll ask again... are there two different laptops with the same IP address of 192.168.0.2 ? If so, change it so Laptop1 is 192.168.0.2 and Laptop2 is 192.168.0.4

Ooops I mistyped. Laptop 1 is 192.168.0.2 and Laptop 2 is 192.168.0.3 they arnt sharing the same IP.
posted by spinko at 2:33 PM on June 11, 2007


Ping the router when its bad. ping 192.168.0.1 (i assume).

If youre getting dropped packets and bad pings (should be under 5ms) then its radio interference. Try switching your wireless router to a different channel. There are three non-overlapping channels in wifi 1, 6, and 11. So if youre on 6, switch to 11 and see if it helps. I find most devices default to 6 usually leaving 11 and 1 pretty free.

Also things like cordless phones at 2.4ghz and microwave use can hurt the connection.

Lastly, look at your DHCP clients table. You should be able to see your devices. If you see strange computers on there, then you have a leecher, which is unlikely if you are actually using WPA with a strong password.
posted by damn dirty ape at 2:33 PM on June 11, 2007


Response by poster: can you limit by MAC address? That would prevent anyone from connecting. Does it show the MAC of the "UNKNOWN" connection?

UNKNOWN is device name when it pops up.

How do I limit to a MAC address in the settings of the Netgear router?
posted by spinko at 2:35 PM on June 11, 2007


Disable Port Scan and DOS Protection (UNTICKED)

Disable this. It can be causing problems.
posted by damn dirty ape at 2:35 PM on June 11, 2007


Is there anyway to lock the router to 2 MAC addresses so no one else can connect?

Yes. Point your web browser at 192.168.0.1, enter the username and password (probably "admin" and "password"), then under Wireless Settings choose Setup Access List. Those numbers are the MAC addresses mentioned in my previous post. It would be worthwhile you reading the documentation that came with your router.
posted by caek at 2:35 PM on June 11, 2007


Response by poster: Disable Port Scan and DOS Protection is now (TICKED)
posted by spinko at 2:37 PM on June 11, 2007


Response by poster: Yes. Point your web browser at 192.168.0.1, enter the username and password (probably "admin" and "password"), then under Wireless Settings choose Setup Access List. Those numbers are the MAC addresses mentioned in my previous post. It would be worthwhile you reading the documentation that came with your router.

Wireless Station Access List

Turn Access Control On

Trusted Wireless Stations (TICKED)
Device Name MAC Address
LAPTOP 00:16:6F:46:19:60
VINNIELAPO 00:13:02:A1:B3:7D

Just done it. Fingers crossed.
posted by spinko at 2:43 PM on June 11, 2007


Response by poster: Have you changed the default password on your router?

Yes, Im not that much of a noob. I changed the password when I got the router.
posted by spinko at 2:43 PM on June 11, 2007


Response by poster: C:\Documents and Settings\Vinnie>ping 192.168.0.1

Pinging 192.168.0.1 with 32 bytes of data:

Reply from 192.168.0.1: bytes=32 time=2ms TTL=255
Reply from 192.168.0.1: bytes=32 time=2ms TTL=255
Reply from 192.168.0.1: bytes=32 time=1ms TTL=255
Reply from 192.168.0.1: bytes=32 time=2ms TTL=255

Ping statistics for 192.168.0.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 2ms, Average = 1ms

----

Ping in WoW is still 400ms.
posted by spinko at 2:47 PM on June 11, 2007


The IP conflict still troubles me, as I have doubts that leeching is causing the IP conflict.

Is there anything plugged into the router via a wired connection? Is the router 192.168.0.1 ?
posted by stovenator at 2:47 PM on June 11, 2007


If someone is sophisticated enough to break your WPA they are sophisticated enough to spoof a MAC address so don't count on this for much security, although it can't hurt.

Try wiring into the router when things get slow. If that improves things it is likely a bad radio connection. If that doesn't help try putting a tinfoil hat over the router antenna (thwarting any WiFi hijackers) while you are still hardwired in. If your situation changes then you might have a hijacker. I doubt it will change and I doubt anyone is hijacking your WiFi with WPA enabled.
posted by caddis at 2:50 PM on June 11, 2007


Response by poster: My details now, was on Channel 8, changed it to 1.

Wireless Port
Name (SSID) ThisIsntForSharing
Region Europe
Channel 1
Wireless AP Enabled
Broadcast Name Enabled
posted by spinko at 2:50 PM on June 11, 2007


Response by poster: I went to www.speedtest.net.

http://www.speedtest.net/result/138736732.png

My results on a bad day.

http://www.speedtest.net/result/136449548.png
posted by spinko at 2:53 PM on June 11, 2007


Response by poster: Ping in WoW is now 241ms, already an improvement.
posted by spinko at 2:55 PM on June 11, 2007


Response by poster: Is there anything plugged into the router via a wired connection? Is the router 192.168.0.1 ?


Router: 192.168.0.1
Laptop1: 192.168.0.2
Laptop2: 192.168.0.3

Nothing else connected.
posted by spinko at 2:56 PM on June 11, 2007


Best answer: 1. Turn off the wireless connectivity on your router.
2. Connect your laptops to the router via Ethernet cable and use it this way for 1-2 days.
3. If you still have issues, then it obviously has nothing to do with leechers and you need to troubleshoot your internal network settings, check for spyware, torrent applications hogging bandwidth, etc.
posted by junesix at 2:58 PM on June 11, 2007


Response by poster: Yep, both computers get a spyware check every 2 weeks, no bit torrents installed due to bad download speeds.
posted by spinko at 3:00 PM on June 11, 2007


Response by poster: Is this problem persists, can you recommed a decent secure router? im not on a budget, but its for home use.
posted by spinko at 3:01 PM on June 11, 2007


Its probably not you - a lot of WoW europe players are having the same problem. Are you with Virgin Media? If you ping the WoW servers usually you'll see it struggling when it gets to Telia.
posted by missmagenta at 4:19 PM on June 11, 2007


Response by poster: Im with Vispa ADSL
posted by spinko at 4:29 PM on June 11, 2007


This IP conflicting business has me intrigued.

What do you get if you stop whatever you're doing as soon as you get that popup, and run ipconfig /all on both laptops?
posted by flabdablet at 6:10 PM on June 11, 2007


Best answer: I'd like to suggest a few things to help you troubleshoot, that might make a little more sense to someone non-technical like yourself.

First: just to rule out any IP conflict wierdness, consider changing your laptops to 192.168.0.100 and 192.168.0.110, or two other 192.168.0.x numbers that are up in the 20-200 range. This will get you away from a conflict with anything wired that might be grabbing a low default address.

Second: move your laptops within 10 feet or so of the wireless router (but not within 3 feet) and with line-of-sight unobstructed.

Third: connect a wired computer to your router, one that has a windows networking share running on it. Perhaps one of your laptops via wired connection instead of wireless.

Make sure you can surf into the share and download files from it on your laptop. Once you can do this, download a huge file and look at the speed you're getting; you'll find one of two things:

1. The speed is terrible. If so, there's some kind of crazy radio interference going on, or something similar. Leeching won't impact this, because a leecher is surfing the web, and your bandwidth via the Internet is much lower than your in-house (wired computer to wireless computer) bandwidth.

2. The speed is great. If so, then move your laptops back to their normal locations and go about your business. When performance on the network goes to heck again, run the download test. If the speed is terrible NOW, it's sporadic radio interference; if the speed is still good, you're looking at a latency issue that has nothing to do with your wireless connection directly.

I hope that helps.
posted by davejay at 6:21 PM on June 11, 2007


If the DHCP server allows you to make reservations, create them for both of your computers. This will lock the IPs to the MAC addresses of the wireless cards. Then, shrink the DHCP IP Address pool down to two addresses. Nobody else will be able to connect. Some APs allow you to just lock the MACs to the AP so that only those MACs can connect, regardless of DHCP pool size. The latter is the simpler way.
posted by rhizome at 11:46 PM on June 11, 2007


caddis is right, MAC address filtering is trivial to bypass (as is most WEP). It is not "[a] more complex system and MAC address filtering does not "actively hide the network from unauthorized devices".

You want to change to WPA2, change the WPA2 password to a strong alphanumeric password, change the router pass again and leave SSID broadcast on.
posted by dance at 1:52 AM on June 12, 2007


« Older Finding combinations in PHP   |   Ambient bad apartment smell? Newer »
This thread is closed to new comments.