how do find a hacker on my wireless network

Asked by Dolaufankid on 2007-04-29

I have Ubunutu 6.06 LTS. I have recently found that my linksys wireless modem routers, internet activity led is often showing furious internet activity,although I am not using the net. I have tried Nessus but I dont know how to use it to detect who may be conecting, using my ISP. or even if its capable of giving me this data. any info please

Question information

Language:
English Edit question
Status:
Solved
For:
Ubuntu gnome-nettool Edit question
Assignee:
No assignee Edit question
Solved by:
Alessandro Pascali
Solved:
2007-05-03
Last query:
2007-05-03
Last reply:
2007-05-02
Bump (bump55) said : #1

The router is a hardware device independent of the computer, that has nothing to do with it. With software tools running on your computer, you see traffic in your computer, but not in the router itself. What you can do with a computer is spy which stations are connected to you access point, and that does rely too much on the hardware. You should go to aircrack-ng website and search forums and docs.

Cesare Tirabassi (norsetto) said : #2

With Linksys you can also check browsing to http://192.168.1.1/setup.cgi?next_file=Setup.htm (username and password are admin/admin unless changed).
Go to Status -> Wireless get MAC number from Wireless Clients Connected and block it in Wireless Access.

This way I caught my neighbour's teen boy .....

xcxcx112 (xcxcx112) said : #3

you can only catch the boy by identify his MAC number. This is the unique number of his hardware, also the number of this PC-Card.
To identify it, you can look at the Network tools in your ubuntu or you can monitor his activity by using Wireshark.
To prevent strange people using your network, you can add his MAC number to block as Cesare Tirabassi said. On that way, you only allow your and/or known MAC to connect to your network.
But, there are tools that can fake and change the MAC number like Macchange, in this battle you will lost.
Cracking private wireless network you only need some hours and to decrypt your password only some seconds. The chance depends on your internet activity and the collected IVs
My better recommendation, use wire network instead of wireless. WEP, WPA and all that sorts do not help you.

Hope that helps

xcxcx112 (xcxcx112) said : #4

> But, there are tools that can fake and change the MAC number like Macchange, in this battle you will lost.
Adding more info: But if you set up to allow only your MAC number to use your network, then you will probably win. Because he must know your MAC number to fake it as his own to attack on the Access Point. You can find your own MAC number usually printed on the backside of your Card, it looks like this, eg.: 000FE52B29C2

The ONLY way to impede that your wireless network is used in a fraudulent way, is using WPA or WPA2, but this depend from your router (mine can't handle WPA).
With WPA, if you don't have a really good router, you will experience some reduced net performance, in terms of frequent lost of connection...

Good luck!

Phoenix (phoenix-dominion) said : #6

If you don't even use WEP, then this guy is far from being a hacker, he or she simply connected to your network. There are known ways to crack a WEP encryption, but nevertheless this requires some knowledge and tools - and IF then someone uses your network, then we may start arguing if the term "hacker" applies....

So for startes, activate WEP :) - though, anything stonger is recommended...

Dolaufankid (brian-hill25) said : #7

Thanks for all your help on this. but mine can't handle it either

Sorry about not replying for a while my wife was taken ill since then

Regards
Brian

Dolaufankid (brian-hill25) said : #8

Thanks guys I will just do as suggested and restrict to just allowing my MAC Nos on the Linksys.
as you say they are probably just using my wireless because its there and they are able to.

Regards

Brian