How to put fear of God (law) into Wi-Fi hacking neighbors

I live in an apartment and some new guys have apparently moved into one of the apartments. They have been shamelessly hacking into my WiFi.
Mine was initially a WEP encrypted network and out of laziness I just limited and reserved the IPS on my router for the people in my house.
Yesterday I had to free up an IP for a guest in my house but before he could join the network these guys connected in.
I have changed my encryption to WPA2 and hope they dont have the hardware/patience required to hack into it, but there are many wi-fi networks in my apartment most of which are secured using WEP. I don't really want to call the police on them. Is there any way to deter them from misusing other people's wi-fi ?

I have gone through I think someone else has access to my wireless network. What next? but I have already taken the steps mentioned there.

Shekhar

Posted 2012-03-28T12:34:49.733

Reputation: 4 815

17If you're really concerned I'd whitelist MAC addresses too. Yes, they can be spoofed, but it's an extra layer of hassle that someone has to go through and might be enough to put them off. – ChrisF – 2012-03-28T12:37:50.763

Already done that ,its just that i hate freeloaders and dont really like that they would be helping themselves to other peoples bandwidth – Shekhar – 2012-03-28T12:48:50.057

1The only way to break WPA2+AES is by trying every combination possible. This is of course only true if you disable WPS. – Ramhound – 2012-03-28T14:13:33.743

A counterpoint to all the people complaining about "freeloaders": Why We Need An Open Wireless Movement

– endolith – 2012-03-28T15:10:20.673

@endolith I'm all for open WiFi, but while individuals are paying for their own, theft is not the answer. – Aaron Bertrand – 2012-03-28T15:34:15.260

Can't you go round to their house? – Chris S – 2012-03-28T15:40:36.953

@AaronBertrand: It's not theft, and the people paying for their access aren't being harmed by others using it. – endolith – 2012-03-28T15:45:55.163

3@endolith really? What about people with data caps, or who pay by the MB, or are trying to download large ISOs and their bandwidth is crowded by people watching porn on borrowed WiFi instead of paying for their own? – Aaron Bertrand – 2012-03-28T15:56:56.603

4It might not literally be theft, but that's essentially what it is if you break into my WEP network to gain access to the line I paid for. You are taking away some of my speed, some of my bandwidth and you are potentially exposing me to criminal charges if you misuse the network. Saying it is not theft is completely ridiculous. – gparent – 2012-03-28T15:57:51.710

1Using someone else's wifi is most certainly not theft, but some might consider it trespassing. – Eroen – 2012-03-28T16:08:49.840

@gparent in most jurisdictions, you are not potentially exposed to criminal charges because someone is able to use your WiFi. Also, I think in a lot of jurisdictions accessing bad protected WiFi's is not even a crime, but that is a different question. Edit: do note that if you are actively altering/filtering the traffic, the legal situation may change as you are now actively taking part into their usage of the network! – Legolas – 2012-03-28T16:36:25.163

1@Legolas I should've made my point more clear: the simple risk of being accused and having to defend yourself in court is, to me, a good enough reason not to have an open network, whether you would be charged guilty or not. – gparent – 2012-03-28T16:50:44.077

@gparent: WEP-protected ≠ "open wireless" – endolith – 2012-03-28T18:37:26.743

@Eroen: You mean the person running the Wi-Fi node is trespassing by broadcasting their signal onto my property, right? :) – endolith – 2012-03-28T18:42:24.257

@endolith: Obviously. Did you know that 0 does not equal 1? – gparent – 2012-03-28T18:44:30.343

@endolith: Nah, we've go the ITU to bestow Glorious Freedoms upon us for EIRP <= -10 dBW, f in [2.4, 2.4835] GHz (provided int_f^{f+1 MHz} EIRP(v) dv <= -20 dBW for all f)

– Eroen – 2012-03-28T19:05:18.960

Answers

One cool thing that I did back in the day was created a separate router off of my normal network. I created a VLAN with the router and had the router plugged into a separate machine.

The separate machine had two NICs, one for the router and the other to my normal network. I made the separate machine act as a gateway for the router. Any and all traffic from the "guest" router would be sent through the gateway machine.

I then tweaked the wifi experience for my "guests":

I throttled the bandwidth down to dial up speeds. Anyone who used the guest access point would pull their hairs out.
I did allow JPG/PNG/TIFF/BMP files to download at full speeds. Unfortunately for the end user, I made them all blurry and upside down.
Certain sites like Facebook, MySpace, random torrent sites (based on key words), and any site flagged as pornography, would automatically redirect them to a Rick Roll Video.

It was more of an educational project to see how I would handle manipulating traffic going through a gateway. Ended up retiring the project since I didn't wan't to upset the neighbors too much.

To directly answer your question about instilling the fear of God into WiFi leechers: Another option, never did this but shouldn't be too hard, is to on any page that the users visit while on your guest network, have a floating div, following their mouse within the browser saying "Jesus is watching you...".

Tutorial

A quick search, I found a tutorial on how to accomplish some of these items. Mess with your neighbors enter image description here

kobaltz

Posted 2012-03-28T12:34:49.733

Reputation: 14 361

3+1 Like the floating div idea ,as i already have the persons PC name I know his name . I think i will tweak it to XYZ I am watching you ... – Shekhar – 2012-03-28T15:13:47.023

that tweaking of pics won't work over a encrypted conneciton though – ratchet freak – 2012-03-28T15:35:22.213

Obligatory reference xkcd of course. @Shakehar this might give you other ideas.

– Zenon – 2012-03-28T16:07:23.297

--- xkcd ftw --- – kobaltz – 2012-03-28T16:09:25.173

how very XKCD of you – Sam Axe – 2012-03-28T16:14:52.580

I would redirect all their url queries to known infected websites sporting multiplatform 0-day exploits. – Moab – 2012-03-28T20:43:21.303

Watch out, depending on your jurisdiction this might be highly illegal! – Peter Smit – 2012-06-07T10:21:24.463

While stealing bandwidth can cost the bill payer (in high usage fees etc.), I wouldn't expect it to be treated as a serious crime in all places. NOTE in places where the act of breaking in to the network (assuming it's got some security) then you could get a prosecution on that basis, but as securing a conviction could be time consuming and expensive - especially if the access point is either unsecured or only lightly secured, there's no direct action you can really take.

I think that the only thing that would be reasonable for you to do is to talk to your other neighbours individually and privately to explain the problem to them and possibly offer to help them secure their networks too. In fact you should informing them of the problem so that they are aware of the potential issues (possibly higher bills, legal issues if the freeloader downloads something illegal, etc.).

Obviously if you do offer assistance and they accept, this will mean that they'll come back to you with all their IT support questions in the future, but that's really your call.

ChrisF

Posted 2012-03-28T12:34:49.733

Reputation: 39 650

1I already run an IT support for my extended family , I don't think I can take the load of helping my neighbors too , but I guess I can talk to them or maybe just post an anonymous not explaining the situation – Shekhar – 2012-03-28T12:51:09.447

Depending on the ISP, they may cap bandwidth per month. Penalties vary, usually just costing extra money if you go over. In these cases, theft of bandwidth really can be taking money out of someone's wallet. – Izkata – 2012-03-28T14:01:15.557

@Izkata - this is true, but I think you'd have a hard job getting a conviction. – ChrisF – 2012-03-28T14:01:57.807

1It's very much illegal in most jurisdictions, but yeah, actually getting anything to come of it would be a problem. – Shinrai – 2012-03-28T14:46:41.207

"Unauthorized access of a computer network" is illegal in most places, and people are arrested and fined for it. Hacking WEP or WPA is clearly unauthorized access and therefore illegal. Accessing an open network is clearly authorized and therefore legal. Your computer asks permission to join the network, and the network grants you permission. https://en.wikipedia.org/wiki/Legality_of_piggybacking

– endolith – 2012-03-28T15:07:15.560

@endolith Is right, this is illegal in most places. – Andy – 2012-03-28T15:38:46.647

@Andy - I agree which is why I've changed the answer to reflect that. – ChrisF – 2012-03-28T15:39:42.337

I'm still not sure I agree that its not treated as a serious crime in most places – Andy – 2012-03-28T15:45:44.610

@Andy - I think it will depend on what the freeloaders are doing. If it's just "regular" browsing then it might be harder to get a prosecution than if it was anything actually illegal (e.g. child porn). – ChrisF – 2012-03-28T15:55:00.900

1Chris, at least in the US, it doesn't matter what they freeloaders do. The point is that they are accessing a computer network they are not authorized to access. Breaking the encryption and just connecting to the AP would be enough to violate the law. – Andy – 2012-03-28T15:59:23.860

@Andy - fair enough. – ChrisF – 2012-03-28T16:00:18.363

People have been arrested for accessing public networks without breaking encryption, which is ridiculous. The enforcement is all over the place. – endolith – 2012-03-28T18:45:32.587

Here's something similar to what kobaltz described, with more technical details on how do achieve it : http://www.ex-parrot.com/~pete/upside-down-ternet.html (a bit dated).

Laurent Couvidou

Posted 2012-03-28T12:34:49.733

Reputation: 155

If you set up WPA encryption and MAC address filtering, I'd say you've done most of what's reasonable. If your router supports WPS (Wi-Fi Protected Setup), make sure to disable it, as well, due to its glaring security flaws.

I ran into the same situation when at school, but instead of hacking WEP, they guessed my passphrase and changed the ssid of my network (setting it to "changeyourpassword" or something).

If you're still fuming over it, I'd say instead of perpetuating the cycle of ill will, channel that hate into something more constructive. Look into further ways of hardening your network, or perhaps redirect that energy into a constructive project of some sort until you've forgotten about it or have gotten past the incident and don't care about it anymore.

Ben Richards

Posted 2012-03-28T12:34:49.733

Reputation: 11 662

2MAC filtering is useless. Lets not forget that every router that exists today is vulerable to WPS exploit unless its been patched to disable it. Based on the specs for WPS there is no solution to the massive design flaw. – Ramhound – 2012-03-28T14:15:15.240

3@Ramhound The point is that it is another tool to use in conjunction with WPA encryption. Correct, it cannot stand on its own, because you can easily spoof MAC addresses. However, it forces the offender to spend that much more effort to find a valid one and then spoof it. Unless they have significant desire to get into your network (like if you were the CIA) then at a certain point it has become prohibitively hard. Prohibitively hard is not the same as impossible, and is not meant to be. But for home users, it's good enough. – Ben Richards – 2012-03-28T14:48:40.763

@Ramhound Also, I did not mention WPS at all. I'll add mention to disable it. – Ben Richards – 2012-03-28T14:50:19.030

3@sidran32: You don't have to outrun the bear, you just have to outrun the other guy being chased by him. – endolith – 2012-03-28T15:13:54.440

2@endolith Precisely. With the proliferation of WiFi networks, if yours is hardest to crack, compared to the others, you'll be safest. – Ben Richards – 2012-03-28T16:08:19.707

If you are already using WPA2 with MAC address filtering and they still get in then you could consider the following ideas.

Use a REALLY long random password which will take forever to crack and change it frequently.

Although I could never legally reccomend this (lets call this a theory), a way to more than likely permanently "scare them off" would be to capture all of their traffic and note all of their credentials. Then confront them with "non-public information about themselves" off of one of their social media sites, etc. If that's not enough, they could "re-unite with their Ex publically which could stir some things up with the current partner" however this might open you up to legal action against you so again I can not advise it, I would only call it a "theoritical application".

Email them (get their email address(es) by sniffing their traffic) that you are monitoring your network and that you have all LOGS that they are connecting without permission and that you will be suing them for the use of your bandwidth and report them directly to any organizations if they are breaking any laws (illegally downloading movies, music, etc. since your Internet provider will hold YOU responsible for what's done on your network). I would look up small claims court in your state and see what the maximum damages are allowed and file suit. Also if you can get video with audio or even just audio recordings of the neighbor telling you off while admitting guilt that they are digitally tresspassing and stealing you may be able to use that in court depending on your state without getting permission from them to record everything. If you can use the recordings, I don't know a judge who wouldn't rule in your favor regardless of how computarded they might be since the neighbor admitted guilt in a recording.

Good luck.

Brad

Posted 2012-03-28T12:34:49.733

Reputation: 11

+1 Drastic, but it should work. – Lukas Stejskal – 2012-03-28T20:16:27.203

You can always run WireShark and do a little "hacking" yourself. For the Novice user, you should be able to pinpoint the IP address the free loaders are using, maybe look into a site or two they happen to be browsing and leave a sticky note on their front door of some of the more embarasing sites. This lets them know that you know, but gets your point across.

Chad Harrison

Posted 2012-03-28T12:34:49.733

Reputation: 5 759

a) I'd be very wary about letting the freeloaders know you know they are hacking the WiFi. b) the OP has already stopped them hacking his system - he'd either have to open it up again or run WireShark on his other neighbours systems. – ChrisF – 2012-03-28T12:46:36.837

well, this is assuming the OP gets hacked again. Then, it would be on the OP's wire. I most certainly am not advocating that the OP should hack the hacker's network. – Chad Harrison – 2012-03-28T12:53:27.060

Changing to WPA and using a MAC whitelist should prevent all but the most determined/well resourced hackers. – ChrisF – 2012-03-28T12:54:19.727

This could invite exactly the trouble I'm sure the OP would like to avoid. S/He has handled it quite well so far, following advice like this could give the hacking neighbors enough taunting to entice them to try harder, or even do something more rash. Additionally, as was mentioned by @ChrisF, they would have to open it back up, which is not in line with his or her ultimate goals here. – Paperlantern – 2012-03-28T12:55:58.853

Unless his router uses WPS in which case it's pretty easy to get in even with WPA. – EBGreen – 2012-03-28T12:59:48.297

ISPs, at least mine, will let you know what you have been pirating through a letter in the mail. The hacker is essentially hijacking the internet connection. The note does not have a publicly posted, but at least let the hacker's know they are being monitored. Is this different in Shakehar's case? – Chad Harrison – 2012-03-28T13:09:22.237

@hydroparadise Since he's not an ISP, monitoring their connection would be exactly as illegal as their connecting in the first place. – EKW – 2012-03-28T14:11:03.770

2Not really: if they are breaking into his network, it is his traffic he is monitoring, not theirs. – horatio – 2012-03-28T14:16:34.930

@EKW - monitoring your own connection is not illegal. There is no expectation of privacy if you use a public wifi connection which his connect basically was because he foolishly used WEP and likely still has WEP enabled. – Ramhound – 2012-03-28T14:16:39.513

2"pinpoint the IP address the free loaders are using" Wouldn't that be your own IP address? o_O – endolith – 2012-03-28T15:14:44.377

@endolith If the whitelist was implemented, then yes, it could potentially be the same IP address as one of the whitelisted IP addresses. Doesn't necessarily mean that it would be the same IP, it just means its going to take more effort deciphering which IP is being spoofed. Nice catch there m8. – Chad Harrison – 2012-03-28T15:51:52.410

@hydroparadise: I'm not sure what you're talking about. If someone is using my internet connection, then they have the same IP address as me. "Pinpointing the IP address they are using" would tell me they are using my connection, which I already know. – endolith – 2012-03-28T15:54:31.910

1@endolith They would have the same external IP, but internally everybody else connecting the wireless router would have their own internal IP. Wireshark monitors the network from the perspective of the user which is assumed to be internally to the wireless router. – Chad Harrison – 2012-03-28T16:16:47.857

@Ramhound It depends on the locality, but in a majority of US states, it is illegal to monitor without notice, no matter who owns the network. – EKW – 2012-03-28T16:40:58.920