Need help securing router...hacker idiot is using my internet! HELP!

[InlineFive]

Help, what do I do? Here's what I have right now...

1. MAC Address Filtering specific to my laptop. Even though the router Connected Devices screen shows this imposter using a different MAC address.
2. 128-Bit WEP Privacy: Nobody else knows this password except me.

His laptop is using the same name as my laptop (LAPTOP, BTW) but his MAC address is different. Apparently he hacked my WEP even though I use this router's wireless aspect very rarely. It's a Netgear MR814v2.

From the looks of things he's also looking at inappropriate sites on the internet which my provider will disconnect me for (by viewing logs). :| He has also sent a Trojan horse through but my firewall caught it. It seems that he has been connected for several months because I have got this Trojan before but never though much of it.

Would a Static IP Address System with a maximum of three users block him or what can I do? I have temporarily turned off Wireless Server also.

-Por

 

[JackMDS]

Change the WEP passphrase every day. It will keep him very busy.

 

[InlineFive]

But if my router can see his MAC address why dosent it block him?

-Por

 

[BoKingWen]

Try Hard reset your router, this will require you to re-enter all your information. This time on your router enter MAC address for you laptop, this way only your laptop will be able to get internet acess.

Most important is change your router password, do not use the default password. Also change your WEP name, I suggest you change somthing that is not a dictionary word, this will be harder for the hacker if he use any password hacking program to hack your router.

 

[Chadder007]

Dang....I wonder how far away from you he is... Go knocking on doors if your in an appartment.

 

[InlineFive]

Originally posted by: BoKingWen
Try Hard reset your router, this will require you to re-enter all your information. This time on your router enter MAC address for you laptop, this way only your laptop will be able to get internet acess.

Most important is change your router password, do not use the default password. Also change your WEP name, I suggest you change somthing that is not a dictionary word, this will be harder for the hacker if he use any password hacking program to hack your router.

I had MAC Address FIltering enabled but I had the router enter it. SHould I enter it manually?

-Por

 

[gunrunnerjohn]

MAC address filtering is next to useless. In truth, there is no way to absolutely secure 802.11b WiFi right now. Your best bet is to do three things.

- Enable WEP with the maximum size key your equipment supports
- Disable SSID broadcasts
- Enable MAC filtering

In addition, change your WEP key regularly, because cracking programs need to monitor a significant amount of data to develop the new key.

Of course, if you just run a wire to where you want to use your laptop regularly and disable the wireless for a while, that might discourage him.

 

[InlineFive]

Originally posted by: gunrunnerjohn
MAC address filtering is next to useless. In truth, there is no way to absolutely secure 802.11b WiFi right now. Your best bet is to do three things.

- Enable WEP with the maximum size key your equipment supports
- Disable SSID broadcasts
- Enable MAC filtering

In addition, change your WEP key regularly, because cracking programs need to monitor a significant amount of data to develop the new key.

Of course, if you just run a wire to where you want to use your laptop regularly and disable the wireless for a while, that might discourage him.

Question for you. Does this data have to come from the router's broadcasts or an exchange between my laptop (which I presume is broadcasting the WEP Code)? Because if the password and whatnot come from the router he could hack it in less then a day.

Another question, is it more secure to specify a passphrase to create a 128-Bit WEP code with or just make up a new WEP Code? The Passphrase is easier especially if it's going to be an alphanumeric code.

-Por

 

[gunrunnerjohn]

The cracking programs analyze the data stream and develop the WEP key. It takes a few hours of traffic to crack the WEP key, so if the traffic is light, it might take 2-3 days to have enough information.

As long as you mix up the passphrase, I imagine it's as good as typing in the hex key. I have different brands here, so I have to invent new hex keys.

 

[bobcpg]

find out what ip he is using and block port 80 to it.
maybe he'll think you have him licked and stop


-bob

 

[Thoreau]

Originally posted by: gunrunnerjohn
MAC address filtering is next to useless. In truth, there is no way to absolutely secure 802.11b WiFi right now. Your best bet is to do three things.

- Enable WEP with the maximum size key your equipment supports
- Disable SSID broadcasts
- Enable MAC filtering

In addition, change your WEP key regularly, because cracking programs need to monitor a significant amount of data to develop the new key.

Of course, if you just run a wire to where you want to use your laptop regularly and disable the wireless for a while, that might discourage him.

One other item you might consider, and I think you already mentioned it earlier, disable DHCP and go static. Moreover, go with something other than the default IP ranges (192.168.0.*), something like 10,blah might be a good idea. The theory behind ditching DHCP is that say this person does make it through the lack of SSID broadcasting and MAC filtering, they still won't even know what IP to assign themselves (assuming they havent gotten past the WEP encryption yet.)

Until i returned my wireless router, I had actually left the AP portion disabled unless I actually needed it at that moment. In the end, the fact that most AP/Router combos keep the wireless network together with the wired LAN turned me off of the idea. I'd love to see manufacturers seperating the wireless network a bit more, even if it's nothing more than putting it in a DMZ so that someone can't drive by with a laptop and be able to skip past my router and into my private network.

 

[Cheetah8799]

If this is a home wireless router, then you probably don't get much range from it. This hacker punk is probably one of your neighbors! Do you have any teenagers or college age people living nearby who might do this? Do you know your neighbors well enough to ask them if they know who might do this?

I say figure out who it is and go pay him a visit. And maybe call the cops too. Isn't breaking into wireless networks a federal crime?

 

[Matthias99]

Breaking the router's encryption (or more specifically, writing or using software that breaks its encryption) is a violation of the DMCA, I believe. I don't know what statutes using your system without authorization would fall under, but I'm sure the police would love to hear about it.

 

[buleyb]

Just as an added note, if the attacker knows any plaintext/ciphertext pair (which in some traffic situations is can be guessed fairly easily), he can get your key, as RC4 is a simple XOR stream cipher.

 

[gunrunnerjohn]

Originally posted by: Matthias99
Breaking the router's encryption (or more specifically, writing or using software that breaks its encryption) is a violation of the DMCA, I believe. I don't know what statutes using your system without authorization would fall under, but I'm sure the police would love to hear about it.

Get real! There are programs readily available, and it's happening all over the place. This falls into the same crack as all of the p2p guys, there are so many that they can only grab a handful. I think hell will freeze over before anyone gets prosecuted for hacking his neighbor's wireless and borrowing a cup of Internet.

 

[Hyperfocal]

Don't fool around. Call the cops. Check if your local cops have access to a computer crimes task force.

This guy is hacking your system -- apparently to satisfy his illegal sexual tastes.

On top of that, he tried to infect your system with a trojan.

He is a malicious hacker and should be dealt with harshly.

 

[Matthias99]

I didn't say it's not happening, just that it's not legal. People speed every day, and drive drunk, abuse illicit substances, and do all sorts of other stupid and illegal things. It doesn't make it right.

Logging into your neighbor's unsecured wireless network and surfing the web is one thing. Cracking their router's security and using their connection to plant trojan viruses is another -- and that *will* get the attention of any police department that cares at all about cybercrime. Or the FBI.