Re: Hiding unsecured wireless networks in Wireless Security

Re: Hiding unsecured wireless networks in Wireless Security http://www.dslreports.com/forum/r13575007 en Wed, 25 Nov 2009 12:14:36 EDT Wed, 25 Nov 2009 12:14:36 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,14102234 Glen T : Interesting idea, but it is kind of a moving target. At any given time I've seen two or three default routers within range. One client of mine who is in a commercial/condo complex sees 10 different different stations, 5 of which are unsecured.]]> http://www.dslreports.com/forum/remark,14102234 Wed, 10 Aug 2005 11:49:06 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,14101829 Anav : Probably already mentionned but why not setup another WIFI Router or AP in your house (but out of sight) set to the same SSID name and channel as the neigbour. It should cause enough interference within your house to disrupt their usage of the 'other circuit". The AP need not actually be connected to anything after being setup (WAN WISE or LAN WISE).
--
Ain't nuthin but the blues! "Albert Collins". Leave your troubles at the door! "Pepe Peregil" De Sevilla. Just Don't Wifi without WPA, "Yul Brenner" LlamaWorks Equipment]]> http://www.dslreports.com/forum/remark,14101829 Wed, 10 Aug 2005 10:54:32 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,14085460 Glen T :

said by The OneTrue_glenn:

My solution is, make them go to the neighbor's house and inform them that their network is unsecured, and help them correct it.

Had you read all the postings on this topic, your would have noticed that this suggestion was made and that it is not practical because we would have to go door to door (maybe 50 condos within range) to locate the unsecured networks. Likely, the people who own these networks wouldn't know what you are talking about (that's why the routers are set to defaults in the first place). They wouldn't know what an SSID is, so they wouldn't know what their's is.

Given other threads on this forum, would you walk around the neighborhood with your laptop in plain view, with the possibility that someone could call the police and subsequently charge you with trying to log onto their private network?

Assuming that one did eventually find the correct "Linksys" and "Default" stations, would you let a complete stranger into your home and let them look at your computer because he/she claimed that it was not set up correctly???]]> http://www.dslreports.com/forum/remark,14085460 Mon, 08 Aug 2005 11:28:20 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,14079696 anon : My solution is, make them go to the neighbor's house and inform them that their network is unsecured, and help them correct it.

Social solution is best, because, face it, your kids are much more likely to be able to counter any technological fix you apply, than you are to be able to prevent them from circumventing it.

You don't want to play a game of 'spy vs spy' with your kids, because they will win. Insist on your parental authority and their respect of your wishes. Otherwise you will end up with kids on a leash, and straining to break the leash.

:huh:]]> http://www.dslreports.com/forum/remark,14079696 Sun, 07 Aug 2005 14:49:33 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13978986 Glen T : Wow. Definitely sounds like the kind of thing that I'm looking for. Will check it out. Thanks for the heads-up. :)

Edit:
Sadly, it begins to look like these aren't available north of the 49th. I'll keep my eyes open, though. :(]]> http://www.dslreports.com/forum/remark,13978986 Mon, 25 Jul 2005 11:37:28 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13970551 danielhaden : $45 Edimax, Jaht
client/AP/Repeater/all-in-one
$65 Hawking
client/AP
(all are the same Marvell based multi-purpose unit)

This small commercial AP can be set to client mode.
It offers WEP and WPA. I have the Edimax EW7203APG.

You plug it into the client computer by a short (you'll need one) ethernet patch cable. It sits atop the computer and has a short antenna. It works much like the similar-looking USB client devices.

There's one big difference:
Settings on associated network are internal (well-protected inside the $45 box) and cannot be changed without the password.

Upon setup, you initially set the PC to IP 192.168.2.whatever, and then change the client/ap's IP address to the same scheme as used by your home network.
Re-set the PC to automatic IP.

Log back into the client/ap with the IP address you just gave it.

It is probably necessary to either provide the Cient/AP a fixed IP address (if your home wireless router has this provision/feature) or
I just assigned mine outside of the DHCP range of my wireless router. My dumb Netgear automatically assigns IP from 192.168.0.2 through 192.168.0.50 so I set the Edimax client/AP on 51.

You set an internal password inside the client/AP.
Yes you do! Set the password. This will keep the kids from changing the internal settings.

Next, go to "client mode" and punch up site survey.

Associate with your home router.

Save settings.

You're done.

As you can see now, there is no way that this device will possibly associate with any other network but yours.

*WPA is very good at securing your network because it won't route easily. If possible, switch to WPA before you start.

*This small device works just like you ran a cord all the way, but you didn't have to run the cord. ;)

*I can't believe I read through 4 pages of opinions that do not answer your question. While not a direct answer, my solution will keep all other networks from appearing in windows. Maybe it was the 4 long pages of crap that stirred me into answering? It seems that it was useful after all.

Have fun!

*Those little AP's are "slightly" deaf, but pack a transmit punch that will carry for a good city block. Don't believe me: Put your thumb onto the antenna mount for a quick and very hot sensation of just how much power comes out.
Do set an admin password other than 1234 (it comes with 1234).

*If you have disconnects (and this is very unlikely) a $20 panel-type antenna can be added, or one of those 9dbi R-SMA replacement antennas from E-bay will do the job just fine. I would not expect trouble in AP mode till about 150' or client mode for about 90' distance indoors.

*If you should happen to use a casefull to cover a large building (as intended), plug them all into hubs (shared collision), not switches because hubs do fast roaming and switches cause drop-out. "String" the AP units along in order of ch3, ch7, ch11, 3,7,11 until you run out of building to cover. ;) Anyway, that's what they're actually made for. Well, that and pesky teenagers. ;)

*I got mine from newegg.com.

cheers!

EDIT:
If you have trouble setting it up in client mode then just set it up in AP mode exactly the same as your existing wireless router. Next, switch it to client mode. Press "Apply" and then associate it (site survey button) with your existing wireless router.
When using WPA, you will need one unit per client computer because WPA does not route easily.
Judy, webmaster of Edimax, has a good on-line tutorial in the FAQ, but setup shouldn't take longer than five minutes anyway. ]]> http://www.dslreports.com/forum/remark,13970551 Sun, 24 Jul 2005 03:01:30 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13852124 DaDogs : My Mistake ... Edit removed content.]]> http://www.dslreports.com/forum/remark,13852124 Sat, 09 Jul 2005 18:35:46 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13852021 Symtex : Glen T : All I have read is good people trying to help you resolve but you are only looking for 1 type of answer. You are focusing on the problem instead of focusing on the solution.

Windows XP Zeroless configuration has very limited option and by given your kids administrive rights to your Windows XP machine, they can undo everything you block. Instead of putting a plaster on a infected wound, you try to cure it from the source. How hard is it to go knock on your neighbors doors and offer them to secure their network ? I mean you are informing him of the security breach he might have with his setup. You would be offering a good deed to the community. Unless you like to access your neighbors AP from time to time to do illegal activities. j/k]]> http://www.dslreports.com/forum/remark,13852021 Sat, 09 Jul 2005 18:10:08 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13709642 Glen T : ****
Having scanned thru the many posts here, I offer apologies if this has been already covered.

And with all due respect, this is not advice on parenting. But this is just another example of expecting technology to solve a human behavior problem.
****

I'll try to explain again. I am interested in hiding unsecured wireless networks at the wireless client in a larger context based on the premise that if a user is unaware of the existence of such networks, then they cannot / will not connect to them.

Yes, of course, once the cat is out of the bag, once the genie is out of the bottle, you cannot put it back. However, in the context of a small, unmanaged, wireless network, such as the small business one I mentioned later, I would, by default, enable such an option as hiding unsecured networks if I was setting up such a network and if such an option existed.

Once again, I'm interested in the general issue of hiding unsecured wireless networks at the client -- not making them inaccessible, which is a different issue and considerably more complex.

Thanks, again, to everyone who offered alternative solutions.]]> http://www.dslreports.com/forum/remark,13709642 Tue, 21 Jun 2005 10:27:03 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13702947 WLiley :

said by Glen T

:

With all due respect, I don't really need parenting advice. This was a technical question.

Having scanned thru the many posts here, I offer apologies if this has been already covered.

And with all due respect, this is not advice on parenting. But this is just another example of expecting technology to solve a human behavior problem.

All the great suggestions have come with a "if your kids are sharp/smart they can bypass this..." So much for technological solutions.

Bottom line is this - you set forth your expectations. When those expectations are not met, you penalize them.

I'd decommission their pc's before I'd reside in letting people in my household that I expect to be accountable for thier own actions and responsible to me - knowingly defy rules I have set forth.
--
Team Z Member "The Edge... there is no honest way to explain it because the only people who really know where it is are the ones who have gone over." Hunter S. Thompson ]]> http://www.dslreports.com/forum/remark,13702947 Mon, 20 Jun 2005 14:34:45 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13698575 jpg366 : Put a software firewall on each PC. Say, ZoneAlarm Free. Set up your own network with a non-default IP range (eg. NOT 192.168.1.x for a linksys. Use something like 192.168.99.x) then allow only your network in the firewall. Put in the default ranges for the other networks (192.168.1.x for linksys, 192.168.2.x for belkin, etc, whatever is assigned by your unsecured neighbors' networks) and block those completely. Then password protect the firewall admin.

No need to hide the networks. The kids might be able to make radio contact, but no data will flow either way.]]> http://www.dslreports.com/forum/remark,13698575 Sun, 19 Jun 2005 22:36:45 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13685789 DaDogs :
said by funchords :

said by DaDogs :

Hence the "winkie" implying that since they are set at the defaults *YOU* could go in and configure them to not allow access from your MAC address. Once you have done that you won't be able to get back to the device to reconfigure it to allow your MAC addresses access. Problem solved.
That's brilliant!

You are leaving your fingerprint at the scene of the so-called crime without so much as an explanation, but if the AP owner doesn't have a clue, he might not know what to do with it.

;)
They don't track devices by MAC address at the point of sale. Therefore someone would have to sniff your MAC off of the ether to prove that the MAC address was even in use in the area. Then they would have to find the house (not all that hard). Then they would need a subpoena which would mean they would need a chargeable offense. Now we are talking about something most DAs would definately want to avoid because he would still have to prove it was YOU that put the MAC address in your neighbors AP. Why would ANYONE fix their neighbor's AP so that they CAN'T steal service?

Kinda like locking the neighbor's front door so the kids can't go into their house to play.

Lol... Yep. Nobody is ever going to be tried on that one.
--
»www.freeantennas.com]]> http://www.dslreports.com/forum/remark,13685789 Sat, 18 Jun 2005 00:30:04 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13685306 funchords :
said by DaDogs :

Hence the "winkie" implying that since they are set at the defaults *YOU* could go in and configure them to not allow access from your MAC address. Once you have done that you won't be able to get back to the device to reconfigure it to allow your MAC addresses access. Problem solved.
That's brilliant!

You are leaving your fingerprint at the scene of the so-called crime without so much as an explanation, but if the AP owner doesn't have a clue, he might not know what to do with it.
--
Robb Topolski
http://www.funchords.com/
Hillsboro, Oregon USA]]> http://www.dslreports.com/forum/remark,13685306 Fri, 17 Jun 2005 23:13:01 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13684102 Glen T : My sentiments are with you, DaDogs.

Hey, I don't mind crusading a bit here. I figure if enough industry people read this, maybe we can influence them a bit. It's worth a try and doesn't cost anything. :)]]> http://www.dslreports.com/forum/remark,13684102 Fri, 17 Jun 2005 19:46:41 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13683850 DaDogs :
said by Glen T :

*****
If your neighbors APs rejected your MAC addresses, would that help?
*****

It would, but it requires some action on the part of the neighbor.
Hence the "winkie" implying that since they are set at the defaults *YOU* could go in and configure them to not allow access from your MAC address. Once you have done that you won't be able to get back to the device to reconfigure it to allow your MAC addresses access. Problem solved. I do believe you should leave them otherwise unchanged and I do understand that you would be doing something which many people would say was hacking .... but beating the kids is out so .... :)

said by Glen T :

My opinion is that many people purchase wireless routers, plug them in, and use them with default settings because they work that way out of the box.
Perfectly reasonable assumption and perfectly reasonable behaviour.

said by Glen T :

Further, I know of people who have purchased a wireless router to use NAT firewall features (even though they only have one computer) or they have two computers sharing an Internet connection -- in both cases hardwired. Many (most) wireless routers available at retail include 4 wired ports. They are about the same price as hardwired routers alone, which are increasingly hard to find at retail stores. They might buy a wireless router thinking they might use wireless later when they get a new computer (I did).

These people may not even be aware that they are running an active wireless station. They are simply using it as a wired router. In fact, they would have no way of knowing it.
OK, so ... ?

said by Glen T :

To me, these are arguments why manufacturers should a) not enable wireless functions by default, and b) include a setup wizard that you must run to choose to activate the wireless features and offer to walk you through the option of setting up security -- before it starts working.

While I agree with your argument and I hate to be the one to point it out, this is not going to happen. If it were going to happen, it would have already happened. As a very early adopter of wireless I carried this flag quite some while before I gave up.

The vendors are in this business to make money, not to secure people's networks. While you and I may feel they have a moral responsibility not to harm a network by making it less secure when their device is installed, they apparently do not have a legal responsibility.

I'm not sure why it works that way, but Microsoft would be the first example of "shipping an unsecure system by default and getting away with it for twenty years" that I would point out to you.

I have come full circle WRT open access points which are set to completely default factory conditions. At one time I would try to notify the owner's but there is always the risk that they will demonstrate a very hostile attitude about the fact that you know how to intercept their wireless traffic. Don't make the mistake of pointing out to someone (like a doctor) who has a LEGAL responsibility to secure the information on their network, that their network is spraying all sorts of privacy act information out onto the street.

No, I handle things much differently now. If I find a network which is *obviously* unsecure and processing information which I know should be protected, I turn on encryption, change the password and ssid, and lock the damn thing down so that they can't use it without a reset. Then I drive away. When they figure out what is wrong with their network, they will have learned enough to secure it. Until that time, they are like a five year old with a loaded handgun and what adult would not gently remove a handgun from a five year old?

Just my two ... Kindly refrain from the flames ... I am not recommending this course to anyone else.
--
»www.freeantennas.com]]> http://www.dslreports.com/forum/remark,13683850 Fri, 17 Jun 2005 19:07:31 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13683603 antdude :
said by Glen T :

I did that with my nextdoor neighbor, but beyond that it gets hard to figure out who is who. The only thing you have to go on is signal strength. If you live in an urban high-density area it would be pretty difficult -- unless you're into meeting people.

Pickup line: "Hi. Do you have a wireless router I could borrow for a few minutes?"
Some wireless network adapter software show MAC addresses. You can use that too if you know your MAC address.
--
Ant @ The Ant Farm: »antfarm.ma.cx ... Please do not IM/e-mail me for technical support. Use the forum (I check almost daily)! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer.]]> http://www.dslreports.com/forum/remark,13683603 Fri, 17 Jun 2005 18:33:00 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13681188 Glen T : I did that with my nextdoor neighbor, but beyond that it gets hard to figure out who is who. The only thing you have to go on is signal strength. If you live in an urban high-density area it would be pretty difficult -- unless you're into meeting people.

Pickup line: "Hi. Do you have a wireless router I could borrow for a few minutes?"]]> http://www.dslreports.com/forum/remark,13681188 Fri, 17 Jun 2005 13:08:34 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13680858 JoeR : Some time ago I discoverd that my next door neighbor had gotten a Linky WRT54G set to the defaults. Occassionally I would accidentally associate to it.

Being good friends, I simply told them that I would hack their computers and upon booting in the very near future they would find that their wallpaper would be transformed into a picture of ME. :D

That was plenty of incentive to secure their router! ;)
--
The truth is out there... well, maybe not here..]]> http://www.dslreports.com/forum/remark,13680858 Fri, 17 Jun 2005 12:29:39 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13680164 Glen T : *****
If your neighbors APs rejected your MAC addresses, would that help?
*****

It would, but it requires some action on the part of the neighbor.

My opinion is that many people purchase wireless routers, plug them in, and use them with default settings because they work that way out of the box.

Further, I know of people who have purchased a wireless router to use NAT firewall features (even though they only have one computer) or they have two computers sharing an Internet connection -- in both cases hardwired. Many (most) wireless routers available at retail include 4 wired ports. They are about the same price as hardwired routers alone, which are increasingly hard to find at retail stores. They might buy a wireless router thinking they might use wireless later when they get a new computer (I did).

These people may not even be aware that they are running an active wireless station. They are simply using it as a wired router. In fact, they would have no way of knowing it.

To me, these are arguments why manufacturers should a) not enable wireless functions by default, and b) include a setup wizard that you must run to choose to activate the wireless features and offer to walk you through the option of setting up security -- before it starts working.]]> http://www.dslreports.com/forum/remark,13680164 Fri, 17 Jun 2005 10:37:36 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13677396 DaDogs : Your neighbors won't secure their AP's.

Your neighbors are using default passwords.

If your neighbors APs rejected your MAC addresses, would that help?

;)
--
»www.freeantennas.com]]> http://www.dslreports.com/forum/remark,13677396 Thu, 16 Jun 2005 22:54:21 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13671295 Shootist :
said by Glen T :

Sure wish that Microsoft would consider adopting this philosophy in their Wireless Connection wizard -- at least as an administrative option.

I totally agree. There should be a feature to stop any connections to other wireless networks other than the ONES you specify.
--
Shooter Ready--Stand By BEEP ********]]> http://www.dslreports.com/forum/remark,13671295 Thu, 16 Jun 2005 10:21:05 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13671272 Glen T : Sure wish that Microsoft would consider adopting this philosophy in their Wireless Connection wizard -- at least as an administrative option.]]> http://www.dslreports.com/forum/remark,13671272 Thu, 16 Jun 2005 10:16:34 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13669454 claudeo : Having accidentally used a neighbor's unsecured network when I thought I was connected to my own network, I can sympathize with those who have the problem. On the other hand, I recently bought a ThinkPad laptop that comes with network connection software that will not connect to "ANY". Unlike many wireless config utilities from Orinoco, Airlink+, Belkin, Linksys, etc., the IBM Access Connection software will only connect to APs by a specific SSID name according to one of the specified profiles. The software has some features that are mildly annoying to someone used to unrestricted roaming, but on the other hand it is very effective at preventing accidental connection to a network you don't want, and it looks like it can be administratively secured to prevent "normal" users from overriding it. I don't know whether something like it is available anywhere else than on ThinkPads though.]]> http://www.dslreports.com/forum/remark,13669454 Thu, 16 Jun 2005 01:15:47 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13648999 Glen T :
said by aeiouy :

...presented with no malice at all.

"...time for a meeting with the "board of education" and their bottoms"
"Your kids would be stealing..."
"...spoiled brat kids"

Maybe just a little malice? ;)

Sorry I lost patience. I just thought the discussion got sidetracked from the original question despite my best efforts to steer it back.

Obviously, there is no easy solution. However, I sure did find another situation similar to my own just this past week.

Client had me setting up a wireless network for a small business in multi-use commercial/condo (you can live where you work). There were no fewer than 10 wireless networks within range of the their comps.

Overlapping frequencies kept bumping their computers off the station. Within an hour two of my client's users were hooked up to other people's networks -- before we even had a chance to try alternative channels. Their SSID kept disappearing, so they just hooked up to another one named "linksys".

Half of the 10 networks in that building/block are not secured in any way. It would really be useful to have an easy way of hiding the non-secured networks.]]> http://www.dslreports.com/forum/remark,13648999 Mon, 13 Jun 2005 17:40:40 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13646182 aeiouy : The problem is you posed a specific problem and people were offering you alternative solutions. You didn't actually want a solution to your problem, you just wanted to know a specific piece of information.

So from that standpoint you are 100% right you should not have offered so much context, because it is second nature for most people to provide potential solutions to someone who poses a problem or dilema. People thought they were being helpful by trying to assist you with your problem.

I think you could have been a bit more gracious about the whole thing, myself. There was a lot of good advice in here to help you with your problem, presented with no malice at all. But you were dismissive and rude.

Good to see you take responsibility for misframing your initial query. ]]> http://www.dslreports.com/forum/remark,13646182 Mon, 13 Jun 2005 11:40:49 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13599263 jaa : The reality is a lot of theoretical chatter about the lack of security and privacy on unsecured wireless and hotspots. While perhaps interesting from an intellectual perspective, from a practical perspective it is just chatter. I have yet to see even ONE instance of someone having passwords or other sensitive information stolen through unsecured wireless. Phishing the www is much more productive for this purpose than capturing packets from some silly hotspot in East Podunk.

Sharing a broadband connection through wireless is technically a contract issue between the provider and subscriber.

The original poster asked that this not be a discussion on proper parenting, but rather a discussion on the technology. Therefore the is no reason to divert into the moral issues concerning connecting to unsecured wireless networks without permission or providing open wireless access to one's broadband connection.
--
NOTHING justifies terrorism. We don't negotiate with terrorists. Those that support terrorists are terrorists.]]> http://www.dslreports.com/forum/remark,13599263 Tue, 07 Jun 2005 13:51:30 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13598692 Glen T : *****
Glad to see that the parental advice you didn't seem to want, is really the solution afterall
*****

Actually, it is not the solution, but it will have to do for now.

I am interested in the larger issue of how to hide unsecured wireless networks at the client end because I'm sure I'll run into this issue again in my travels.

I understand the issue around using someone else's ISP. The point that I'm trying to make -- that no one is picking up on -- is this: the vast majority of people I have met who have unsecured wireless networks or who use other people's wireless networks are a)completely oblivious to the technical issues and/or b)unaware of the moral issues.

There have been well-publicized accounts in local papers here of people setting up their own hotspots -- particularly around universities. These are usually students who set up large antennas and boost their Linksys routers power output with alternative firmware. We do have DSL ISPs here who do not enforce traffic limits, so this is quite easy to do this with a home broadband account. Their philosophy is that Internet access should be free for everyone.

I'm not endorsing this -- not even close. If I was, I'd cancel my ISP and use my neighbor's and save $600 a year. My point is that the general public is getting mixed messages about wireless usage. Is it any wonder that there is a lot of confusion out there?

Here is the kind of issue that I'd be concerned about if I was a security professional (which I'm not): what if someone set up a 'free' hotspot around a university dorm, then used a sniffer to monitor traffic and grab charge card numbers etc? Who would be at fault -- the kids that used the 'free' unsecured connection?

This was never actually about my kids. This was a technical question that interested me professionally. And for those of you who made unwarranted comments about the character of my children, if you met them, you would then know how foolish you've been.

Next time, I won't provide so much 'context'.]]> http://www.dslreports.com/forum/remark,13598692 Tue, 07 Jun 2005 12:50:43 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13597911 Anav :
said by Glen T :

This would appear to be a strange position to take on a "security" forum. I think you are forgetting that the technology effectively hides this issue. To most people, this would appear to be no different than changing channels on your cordless phone to get a better signal.

My solution? I think I'll just set up some kind of logging on the network and tell the kids if they do log onto to someone elses network, that I will know and they will consequently lose access to the Internet for a week. School's almost over anyway.

Consider that if the 'stealing party' started downloading kiddie porn, whose door would the FBI come knocking down. Its serious chit, whether you want to admit it or not!!

Glad to see that the parental advice you didn't seem to want, is really the solution afterall ;-)
--
Ain't nuthin but the blues! "Albert Collins". Leave your troubles at the door! "Pepe Peregil" De Sevilla. Just Don't Wifi without WPA, "Yul Brenner" LlamaWorks Equipment]]> http://www.dslreports.com/forum/remark,13597911 Tue, 07 Jun 2005 11:20:58 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13597689 Glen T : Well, this just seemed to me to be an obvious omission on the part of MS.

****
Sorry but I must disagree with you as to the manufacture of the equipment not making it mandatory to change the settings on the router or WAP. If that was the case I wouldn't buy that type of equipment.
****
I agree with Shootist. There is a moral issue at the center here regardless of how many unsecured routers are near by. Security wouldn't be needed if our neighbors didn't "borrow" or eavesdrop.

If a neighbor were to leave their car unlocked and the keys in visor, that doesn't make it a "free" car. Your kids would be stealing if they used it without permission.
****

This would appear to be a strange position to take on a "security" forum. I think you are forgetting that the technology effectively hides this issue. To most people, this would appear to be no different than changing channels on your cordless phone to get a better signal.

*Honestly* you can do this without even realizing it. When I first got a wireless router, I ended up connected to my next-door neighbor's WAP purely by accident. Both Linksys, same model (I have since set up security for him).

I am only suggesting that the router should be configured out of the box to not work if you just plug it in. You should have to run a wizard during first-time setup that offers you the OPTION of setting up security -- and something that will walk you through it if you agree.

My solution? I think I'll just set up some kind of logging on the network and tell the kids if they do log onto to someone elses network, that I will know and they will consequently lose access to the Internet for a week. School's almost over anyway.]]> http://www.dslreports.com/forum/remark,13597689 Tue, 07 Jun 2005 10:52:18 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13591755 Birds :
said by No_Strings :

Come on, guys. He has that part under control.

said by Glen T :

With all due respect, I don't really need parenting advice.

My apologies. Missed that point.

Haven't seen any quick and easy solutions that don't require administration/configuration/controls at some level or in some fashion.]]> http://www.dslreports.com/forum/remark,13591755 Mon, 06 Jun 2005 16:04:52 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13591404 SoonerAl : I would be curious to hear about your final solution...

Good luck with whatever you decide to do...:)
--
"When all else fails, read the instructions..."]]> http://www.dslreports.com/forum/remark,13591404 Mon, 06 Jun 2005 15:33:21 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13591300 No_Strings : Come on, guys. He has that part under control.

said by Glen T :

With all due respect, I don't really need parenting advice.

He wants a quick, painless fix without a lot of heavy lifting or a sermon about spoiled brat kids.]]> http://www.dslreports.com/forum/remark,13591300 Mon, 06 Jun 2005 15:23:52 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13590699 Birds : I agree with Shootist. There is a moral issue at the center here regardless of how many unsecured routers are near by. Security wouldn't be needed if our neighbors didn't "borrow" or eavesdrop.

If a neighbor were to leave their car unlocked and the keys in visor, that doesn't make it a "free" car. Your kids would be stealing if they used it without permission.

Your kids are knowingly connecting to someone elses network because they can't use yours. You don't pay for that connection. How is that not stealing?]]> http://www.dslreports.com/forum/remark,13590699 Mon, 06 Jun 2005 14:16:21 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13590505 Shootist : Sorry but I must disagree with you as to the manufacture of the equipment not making it mandatory to change the settings on the router or WAP. If that was the case I wouldn't buy that type of equipment. All they should do is supply the features and tools to do so. Ultimately it is your responsibility to secure your network NOT the makers of the equipment. And to go along with that it is your responsibility as a parent to do the same with your children, not to blame a hardware manufacturer or your neighbor for your problems.
--
Shooter Ready--Stand By BEEP ********]]> http://www.dslreports.com/forum/remark,13590505 Mon, 06 Jun 2005 13:55:10 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13589013 Glen T : Thanks to all who contributed their ideas to this discussion.

A few parting comments:

I never saw this as a security issue from my end. I brought this discussion to this forum because there is more expertise in this area.

From what I can gather from this discussion, the specific configuration/hack/switch that I was looking for does not exist within the limits of Windows XP configuration.

These kids are by no means hackers. They just used the helpful Windows tools available to them to locate a new connection when their's went off.

The 'real' problem is the availability of my neighbor's unsecured networks. However, these people can't exactly be faulted for bringing home a wireless router from Best Buy, plugging it in, following instructions and using it in its default state.

Ultimately, the fault lies with the vendors who don't make security setup a mandatory part of the wireless setup process IMHO.

Point taken on the admin. login.

As to whether it is "illegal" to log onto an unsecured wireless station using the unchanged default password, well, in my neighborhood you can actually do it by accident -- what with all the default SSIDs. ]]> http://www.dslreports.com/forum/remark,13589013 Mon, 06 Jun 2005 10:41:17 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13588503 SoonerAl :
said by Anav :

Ahh okay thanks shootist, yes apart from the other location applying security, there is no other option than removing wifi.....

Well, the use of limited accounts and parental control software (that blocks internet access on a per user basis during certain time periods) is certainly an option...although not one the original poster seems willing to use for some reason...
--
"When all else fails, read the instructions..."]]> http://www.dslreports.com/forum/remark,13588503 Mon, 06 Jun 2005 08:58:33 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13588299 Anav : Ahh okay thanks shootist, yes apart from the other location applying security, there is no other option than removing wifi.....]]> http://www.dslreports.com/forum/remark,13588299 Mon, 06 Jun 2005 08:12:16 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13588238 Shootist : That router will NOT stop a wireless PC, notebook or desktop, from logging on to a unsecured, and for that matter a secured wireless network if you know the password, AP or wireless router. The only way to stop that is to take the wireless card out and hard wire it to the router. NO wireless card NO logging on to someone else's wireless network.

If that fails because they buy there own wireless card and or wireless USB adapter then it's time to look at what you have done wrong as a parent and correct it ASAP.
--
Shooter Ready--Stand By BEEP ********]]> http://www.dslreports.com/forum/remark,13588238 Mon, 06 Jun 2005 07:52:24 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13588224 big greg : If the machines are using XP, I would set up an IPSec packet filter rather than using fixed IP addresses.

Change your router to use an IP address range that isn't 192.168.1.0 or 192.168.0.0 subnets... let's say your use 192.168.192.0. Go to each XP machine and install an IPsec packet filter that only allow traffic through to a an address that's on the private address range you selected. Your kids will probably take awhile to find it (you use the Local Security Policy in Administrative Tools to configure it). Leave DHCP and the rest of the software alone.

Now when they associate with your AP they are all set because the filter will let 192.168.192.* through, but when they associate with another AP not in your range the packets are blocked. That way it looks like they can associate but no packets get in or out. For problem solving, a quick ipconfig /all will show you which AP they are associated to.

As an aside, I don't think its a good idea to let everyone have full admin privs, particularly with teens. You can fix this easily. It is easy to do in XP, a bit more work in 2k. Make a new account called Glen or something like that, make it your administrative account access, and put a password on it. Go to the orig account that everyone uses and make it a restricted account. Everyone keeps the one desktop and you have a secure account for things you want under your control. :D]]> http://www.dslreports.com/forum/remark,13588224 Mon, 06 Jun 2005 07:48:12 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13588070 Anav : The ZyXEL HS100W is a possible alternative solution.
It applies to all computers in the house and is based upon logging into the router to get access to the internet.
The admin sets the accounts up with the appropriate permissions which includes how much daily access and between what times that access is allowed. There is an optional subscription content filter to BlueCoat(formerly cerberian) with over 50 topics covered/choosable.
In this way you do not have to change your current PC setup.
»www.us.zyxel.com/products/model.···88555542
--
Ain't nuthin but the blues! "Albert Collins". Leave your troubles at the door! "Pepe Peregil" De Sevilla. Just Don't Wifi without WPA, "Yul Brenner" LlamaWorks Equipment]]> http://www.dslreports.com/forum/remark,13588070 Mon, 06 Jun 2005 06:57:37 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13584408 ff1324 :
said by wi-fi:

That is not legally allowed. If you are caught you will be in serious trouble. What ever you do, do not do that again.

Really? Show me the law where he is that says he can't do that.

And I think that Shootist has by far the best solution. If there's a hard wire, there's no chance of them getting on the neighbor's network.
--
The funny thing about firemen...night and day they're always firemen]]> http://www.dslreports.com/forum/remark,13584408 Sun, 05 Jun 2005 18:37:54 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13584336 Shootist : Simple PULL the wireless card out of the system and run a wire to it.
--
Shooter Ready--Stand By BEEP ********]]> http://www.dslreports.com/forum/remark,13584336 Sun, 05 Jun 2005 18:25:51 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13584299 anon :
quote:
Glen T

3. I actually went as far as to log on to one of them (of course they haven't changed the default password) and I changed the default SSID to "SecureMePlease".

That is not legally allowed. If you are caught you will be in serious trouble. What ever you do, do not do that again.

I think I know why "that did not help." They must, ex: by pressing the reset button, reset their router to connect to it.]]> http://www.dslreports.com/forum/remark,13584299 Sun, 05 Jun 2005 18:19:39 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13583093 jaa : I'm not sure how any solution will work. If you can set it up, can't they just unset it?

Right now, it is set to connect to your network, right? Unless they go and connect to the neighbors network (a deliberate act), they will stay connected to your network.

If you set zone alarm to block the neighbor's address range, couldn't they just set it back - they have admin privileges, right?

Like I said before, I've chosen a "social" solution to blocking internet off hours. If you want a technical solution, you are going to have to remove admin privileges.

Using a fixed IP address that is on your network's subnet (and not the neighbors') is sort of like not broadcasting your SSID and thinking the wireless network is secured.
--
NOTHING justifies terrorism. We don't negotiate with terrorists. Those that support terrorists are terrorists.]]> http://www.dslreports.com/forum/remark,13583093 Sun, 05 Jun 2005 15:15:15 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13582701 JTY : The static IP solution should work.

Another possible solution, is to use task scheduler to replace the hosts file at the designated time. Replace it with something that will redirect pretty much any hostname lookup to an invalid IP.]]> http://www.dslreports.com/forum/remark,13582701 Sun, 05 Jun 2005 14:12:09 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13582566 fccgrant : Let us know how that works out as I'm curious myself.

My solution is to disable Wireless Zero Configuration in the Services panel. The wireless utility I use takes over and does the connection to my wireless router. After configuring the wireless in the utility I remove the shortcut to the utility from the START menu and the Windows desktop. Reboot and make sure it works.

Of course...if you have really smart kids they'll have all of these steps reversed in minutes.

Good luck.

fccgrant]]> http://www.dslreports.com/forum/remark,13582566 Sun, 05 Jun 2005 13:50:48 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13582443 Glen T : I will try the IP range solution. I don't need to go overboard with this in terms of securing the solution.

The problem, in a nutshell, is that Windows XP SP2 just makes it too easy to browse and auto-connect to any available network. I have tried removing non-preferred networks from the list, but once you have logged on to one it remembers it -- and they just come back when you delete them from the list.

I will also inquire with Linksys to see if their client software would allow me to only connect to a profile account. They may have some undocumented switch to hide the others.

In general, people don't seem to distinguish between network resources. And no wonder: you buy a router, plug it in. Log on and it works. All you have to do is peruse the SSIDs out there -- most are still set to defaults like "default" (D-Link) and "linksys". Other than relative signal strength, the typical user wouldn't even know whose network they are connected to. The default treatment of this by the hardware vendors borders on negligent IMHO.

Most people don't have any knowledge of the issues or the protocol involved.

In my case, if those networks were not visible, this would be enough to deter the kids from connecting. As it is, they just see this as being no different then changing TV channels.

I think MS and the NIC vendors should get their act together on this. I can't believe that I'm the only one to have run into this issue. But then, I guess it runs counter to .Net philosophy -- connecting anywhere, anytime.]]> http://www.dslreports.com/forum/remark,13582443 Sun, 05 Jun 2005 13:30:06 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13582271 fccgrant : You may want to look at this topic below...

»Block access to unsecured networks?

This explains how a software firewall such as Zone Alarm can be used to reject certain IP's from connecting to your system. You could set up the IP range of your neighbor's router to be rejected by the Zone Alarm firewall when the router trys to connect to your computer. Of course you may have to re-configure your router so as to not conflict with your neighbor's range.

Another thought...I'm hoping you have a software firewall of some sort on that computer. If not, your kids accessing the neighbor's unsecured wireless router may allow all kinds of nasty things on to your system. If he hasn't set up wireless then he more than likely doesn't have the firewall configured leaving you vulnerable.

fccgrant
--
In Deo speramus, ceteros omnes observamus ]]> http://www.dslreports.com/forum/remark,13582271 Sun, 05 Jun 2005 13:00:06 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13581483 jaa :
said by Glen T :

For example, a client asked me to look at his kid's computer because one of his three kids could not print to the their networked printer. When I arrived, the child was not home, and no one knew her password, so we could not test the printing problem.

Solution to that is remove the password so you can do the testing, then let them add it back in later.

In my house we have implemented a non-technical solution that works well with the kids - technically they have full internet access 24/7. Client software is the best way to control it technically. There are plenty out there reasonably priced, and some ISPs offer it for free.

As long as they have admin privliges, there is nothing you can do in XP that they can't undo. Even installing the internet limiting software can often be uninstalled (though you would know they did that). I think some cannot be uninstalled without the password - if you lose the password you have to reformat the drive to get rid of it.
--
NOTHING justifies terrorism. We don't negotiate with terrorists. Those that support terrorists are terrorists.]]> http://www.dslreports.com/forum/remark,13581483 Sun, 05 Jun 2005 10:33:41 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13581263 SoonerAl :
said by jaa :

Cybersitter, Cyberpatrol, Guardian Monitor are all programs that will do what you want. There are many other solutions out there as well.

The original poster seems pretty set on not going that route...;)
--
"When all else fails, read the instructions..."]]> http://www.dslreports.com/forum/remark,13581263 Sun, 05 Jun 2005 09:38:03 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13580998 jaa : Cybersitter, Cyberpatrol, Guardian Monitor are all programs that will do what you want. There are many other solutions out there as well.
--
NOTHING justifies terrorism. We don't negotiate with terrorists. Those that support terrorists are terrorists.]]> http://www.dslreports.com/forum/remark,13580998 Sun, 05 Jun 2005 08:12:15 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13580526 funchords :
said by nwrickert :

I haven't tried this, so I am not sure if it will work. But it might be worth a try.

You could configure tcp/ip for your wireless card, to use a fixed IP address, fixed gateway, fixed DNS server (same as gateway).

Then as long as you choose a subnet different from that of your neighbors, you won't be able to connect via the unsecured neighbor's network because the subnet will be wrong.

This, in addition to the limited account (user account), will accomplish what the original poster is asking.

If the kids are logging on to the neighbor's AP, the "system built on trust" is already broken.

Furthermore, it is generally considered a poor practice to use an Administrator's / Owner's account for day-to-day use.
--
Robb Topolski
http://www.funchords.com/
Hillsboro, Oregon USA]]> http://www.dslreports.com/forum/remark,13580526 Sun, 05 Jun 2005 03:10:36 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13579541 TheWiseGuy : If they know what they are doing they can get around this, but you could set a static IP address, with your router and computers on a different subnet then the other Wireless networks, this will keep them from connecting without changing the IP address. This is easy to get around if you know what you are doing.

Also you could add a software firewall that has the ability to allow things based on time of day.
--
Dog and Butterfly]]> http://www.dslreports.com/forum/remark,13579541 Sun, 05 Jun 2005 00:00:21 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13579511 nwrickert : I haven't tried this, so I am not sure if it will work. But it might be worth a try.

You could configure tcp/ip for your wireless card, to use a fixed IP address, fixed gateway, fixed DNS server (same as gateway).

Then as long as you choose a subnet different from that of your neighbors, you won't be able to connect via the unsecured neighbor's network because the subnet will be wrong.]]> http://www.dslreports.com/forum/remark,13579511 Sat, 04 Jun 2005 23:57:11 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13577401 anon : The Intel card I use is Intel 2200b/g. I believe 2100b/g, 2915a/b/g all have wireless profile management capabilities. When you first start the Intel ProSet tools that come with the card, just disable the Window's Wireless Zero Configuration as part of the initial set up. You can switch back and forth but the Intel tool are far super then the Window's.

You can go up one level and get a Cisco wireless card. You can do a lot more but it is just too expensive for home use. ]]> http://www.dslreports.com/forum/remark,13577401 Sat, 04 Jun 2005 18:13:30 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13577078 Glen T : Tried using the latest software connection monitor that came with the WUSB54G. It does replace (turn off) the Windows wireless connection manager, but it is largely the same. No way to block/hide non-preferred networks.]]> http://www.dslreports.com/forum/remark,13577078 Sat, 04 Jun 2005 17:20:25 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13575060 Glen T : ****
Not true. For example, with Intel wireless card and Intel ProSet software tools, you can create profiles that connect to specific APs only.
****
I take it that in order to set this up, you would disable "Use Windows to configure my wireless network settings" and then use some proprietary software that came with the NIC?]]> http://www.dslreports.com/forum/remark,13575060 Sat, 04 Jun 2005 11:52:44 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13575007 Glen T : I really wanted to avoid setting up limited accounts. On my computers at home, there is only a single user account with no login or password and max. admin. privleges.

The reasons for this are many. Each user profile has its own desktop etc. And this just adds to administrative headaches.

For example, a client asked me to look at his kid's computer because one of his three kids could not print to the their networked printer. When I arrived, the child was not home, and no one knew her password, so we could not test the printing problem.

Files end up on different desktops in different profiles. Games and applications work in one profile -- not installed in another. Backup is a nighmare. Etc. etc.

I'm just looking for a *simple* solution here. My system is built largely on trust. The single kid computer is in the corner of the family room where everyone can see and use it.

I just need to make sure that the kids are getting enough sleep on a school night -- usually, I'm the first one in bed -- I'm not waiting around to police this.

I can't outright terminate Internet access as a punishment. The kids work on computers at school and then e-mail work home to themselves to finish, then e-mail back in the morning. One daughter is studying journalism. She is working on articles all the time for school publications.

I should also mention that there are plenty of parental controls in place. We have one TV in the house. There is a long-standing ban on TV viewing during the week -- for all family members. MSN messaging and instant messaging have always been banned (and removed -- I shot the messenger) on my computers. ]]> http://www.dslreports.com/forum/remark,13575007 Sat, 04 Jun 2005 11:45:50 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13574572 SoonerAl : I still like the idea of parental control software, limited accounts, etc...

This thread got me thinking about my grandkids visiting this summer for two weeks, so I installed a free parental control package from my ISP, Cox HSI, and started experimenting with it. My scheme so far is to...

1. Setup an individual limited account for each grandchild on both of my XP Pro boxes.
2. Use the parental control software to limit the hours each child can access the internet. In each of their cases I limit them to internet surfing 2 hours (120 minutes) per day during their six hours total of allowable time on the PC. During the remaining four hours they can play computer games, etc, but not surf the internet.
3. I use the Windows net user command to limit the actual times during the day they can log onto the computer. For example:

net user dallas /time:M-Su,9am-12pm,5pm-8pm

...allows my grandson Dallas to be able to log into his account only between the hours of 9 AM to 12 PM (noon) and between 5 PM and 8 PM daily.

4. I also setup each childs account so the windows screen saver activates after 15 minutes of idle time and kicks the display back to the Windows Login screen. That way idle sessions are forced to log back on, if they can...See item 3 above. Along with this I setup group policies that disable the screen saver tab for users. Go to User Configuration -> Administrative Templates -> Control Panel -> Display and look at the Hide Screen Saver tab, Screen Saver, Screen Saver Executable Name, etc. policies. That makes it impossible for anyone, except an Administrator, to disable this feature. Now with XP Home you can't use group policies, but you can use a small Windows XP Security Console utility created by Doug Knox, MS-MVP to also disable the screen saver tab.

»www.dougknox.com/xp/utils/xp_sec···sole.htm

I have attached a few example screen shots from the parental control software I am using. It may be of interest...

The nice thing about all of this is that everything is setup on a per user basis, so I can control the kids and still let the adults have access to the PC and public internet at anytime. Of course the adult Visitors account is a limited account and all accounts are password protected...

This is also configured so only the administrator can configure all of this...
--
"When all else fails, read the instructions..."

Child web controls

Child allowable surfing hours
]]> http://www.dslreports.com/forum/remark,13574572 Sat, 04 Jun 2005 10:29:17 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13573548 anon : "As far as I know, there isn't any way to create a "no connect" rule that prohibits you from connecting to a specific AP."

Not true. For example, with Intel wireless card and Intel ProSet software tools, you can create profiles that connect to specific APs only.

In the meantime, you need to create limited user account (with Windows XP Pro, not sure about XP Home) that only has limited capability, only admin can change the profile. Now you are in control. ]]> http://www.dslreports.com/forum/remark,13573548 Sat, 04 Jun 2005 04:29:37 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13570295 Glen T : One is a Dlink. The other is Linksys. At any given time I can 5 or 6 WAPs from this machine. The rest are secured.

I'm not looking to take drastic measures, here. If I was, I'd just drill some holes, string a bunch of Cat6 cable and hardwire the thing to the router...]]> http://www.dslreports.com/forum/remark,13570295 Fri, 03 Jun 2005 19:47:49 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13570188 Nerdtalker :
said by Glen T :

However, I *could* disable both of them. Maybe that's the best solution -- caveat emptor...

There are a few wireless APs/routers that'll allow you to decrease signal power through their web-based configuration interface.

A bunch of D-Link APs will let you do it without cracked firmware, and you definitely can with any WRT54G(S) alongside some 3rd party firmware.

While I'm not encouraging or condoning the practice of logging into the administrative pages of your neighbor's AP, it might work without you having to shut it down completely.
--
"Some people never see the light till it shines thru bullet holes." -Bruce Cockburn

iPod Shuffle=iPos

I'm testing Gmail's spam filters: Broadbandreports1@gmail.com
Spam: 6200+]]> http://www.dslreports.com/forum/remark,13570188 Fri, 03 Jun 2005 19:35:04 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13570152 javaMan :
said by Glen T :

. . .

As to canvassing the neighbourhood, how would you take it if a complete stranger banged on your door and asked if you had a wireless network in your home? I'd tell the guy to get lost. This is not a practical solution. However, I *could* disable both of them. Maybe that's the best solution -- caveat emptor...

Personally? I wouldn't mind at all if someone were to explain the situation. In fact, I would be thankful that it was brought it to my attention that someone was sucking my bandwidth. But I do understand your point of view. I have no clue what your situation is, especially if you live in the city. I live in a more rural area and tend to think in different terms I guess. :)
--
Woe unto them that call evil good, and good evil; that put darkness for light, and light for darkness. . . Isa. 5:20]]> http://www.dslreports.com/forum/remark,13570152 Fri, 03 Jun 2005 19:29:18 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13570150 Nerdtalker :
said by Glen T :

The ironic part is that, that's what we are using -- a USB54G Linksys dongle. It has a much better range than most PCI cards. I chose it because the PCI card was giving a lousy connection to our own WRT54G router.

These unsecured networks don't show up on my own Compaq laptop with built in 802.11g.

Ouch, that is pretty ironic! :D Although the WUSB54G does appear to have a nice antenna: »www.linksys.com/products/product···prid=665

Well, I guess you could try this NETGEAR USB adapter: »www.netgear.com/products/details/MA111.php it's only 13dBm.
Or this micro Linksys USB adapter: »www.linksys.com/products/product···prid=519 I can pretty much guarantee that it isn't going to have much range just by looking at it.

Better yet, swap out your wireless NIC with theirs.
--
"Some people never see the light till it shines thru bullet holes." -Bruce Cockburn

iPod Shuffle=iPos

I'm testing Gmail's spam filters: Broadbandreports1@gmail.com
Spam: 6200+]]> http://www.dslreports.com/forum/remark,13570150 Fri, 03 Jun 2005 19:29:01 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13570094 Glen T : ****
What you could do is get them a wireless NIC that doesn't have enough range or signal sensitivity to connect to your neighbor's AP. I'd look into one of those small little USB dongle Wireless Adapters, and simply remove their default MiniPCI or PC-Card adapters.
****

The ironic part is that, that's what we are using -- a USB54G Linksys dongle. It has a much better range than most PCI cards. I chose it because the PCI card was giving a lousy connection to our own WRT54G router.

These unsecured networks don't show up on my own Compaq laptop with built in 802.11g.]]> http://www.dslreports.com/forum/remark,13570094 Fri, 03 Jun 2005 19:19:30 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13570046 Glen T : I appreciate that you have taken the time to respond. However, I am not getting a clear indication from any posting so far that what I am asking is either impossible, or that the posters don't know the answer.

I kind of assumed that this would be something that a network administrator in a downtown office would have run into. Scenario: admin places restrictions on company access to Internet via wireless connection and enterprising employees find ways to circumvent by logging onto unsecured wireless network of John Doe, accountant, on the next floor.

I guess I figured that there would be some registry tweak that would simply hide all non-secured networks in the XP Wireless Network Connection viewer.

As to canvassing the neighbourhood, how would you take it if a complete stranger banged on your door and asked if you had a wireless network in your home? I'd tell the guy to get lost. This is not a practical solution. However, I *could* disable both of them. Maybe that's the best solution -- caveat emptor...]]> http://www.dslreports.com/forum/remark,13570046 Fri, 03 Jun 2005 19:12:26 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13570026 Nerdtalker : There isn't much you can do about your neighbors to make them "hide" their AP.

As far as I know, there isn't any way to create a "no connect" rule that prohibits you from connecting to a specific AP.

What you could do is get them a wireless NIC that doesn't have enough range or signal sensitivity to connect to your neighbor's AP. I'd look into one of those small little USB dongle Wireless Adapters, and simply remove their default MiniPCI or PC-Card adapters. There simply isn't any way they can connect to your neighbor's AP if they can't see it in WZC.

This might be suitable: »www.linksys.com/products/product···prid=669 Just rip-off the antenna.
--
"Some people never see the light till it shines thru bullet holes." -Bruce Cockburn

iPod Shuffle=iPos

I'm testing Gmail's spam filters: Broadbandreports1@gmail.com
Spam: 6200+]]> http://www.dslreports.com/forum/remark,13570026 Fri, 03 Jun 2005 19:09:06 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13569939 javaMan :
said by Glen T :

. . .

With all due respect, I don't really need parenting advice. This was a technical question.

I think your best bet is going to be locating the neighbor, explaining your situation, and see if he can secure his network. I don't think there's much you can do on your end other than trying some of the suggestions others have offered, social solutions though they may be.
--
Woe unto them that call evil good, and good evil; that put darkness for light, and light for darkness. . . Isa. 5:20]]> http://www.dslreports.com/forum/remark,13569939 Fri, 03 Jun 2005 18:56:16 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13569426 Glen T : My solution has been to restrict Internet access. With more responsible Internet usage, the restriction is removed or reduced. With irresponsible usage, access becomes more limited.

With all due respect, I don't really need parenting advice. This was a technical question. ]]> http://www.dslreports.com/forum/remark,13569426 Fri, 03 Jun 2005 17:58:25 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13569099 GadgetsRme : I had some friends who had a similar problem and they fix it by moving the computer to a corner of the living room, where they could see it at all times. They also restricted the use of it to homework only for 2 weeks, allowed other uses if the kids could show proof homework was finished after that. It stayed that way until the end of the school year. Then was put back with the warning that the restrictions would be worse if it happened again. The next year they had no trouble at all. Show your daughters this little scenario and ask them which they prefer to behave and act maturely, or be watched like little children. And then follow through if you have to. The other thing to do is buy an inexpensive printer and hardwire it for them and kill all access for a period of time.
--
Gadgets]]> http://www.dslreports.com/forum/remark,13569099 Fri, 03 Jun 2005 17:15:09 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13568631 Glen T : By the way, this problem may be more common than you think. My nephew, who is 3rd year university, has been running up the limit on my Brother-in-law's ISP account by downloading music and movies 24/7. Since B-in-L works out of a home office, this wasn't good. He tried restricting access, and now the 'kid' just logs onto his neighbor's wireless.

Be nice if manufacturers of consumer WAPs would amend their getting started wizards to included setting up security and encryption, instead of defaulting to nothing at all.]]> http://www.dslreports.com/forum/remark,13568631 Fri, 03 Jun 2005 16:24:58 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13568536 Glen T :
said by GadgetsRme :

1. Do what SoonerAl said plus ask your neighbor to secure his wireless.
2. If necessary take away wireless devices and or power cords at the appropriate time.
3. If that is defied it is time for a meeting with the "board of education" and their bottoms and take away all computer privileges

Not so simple:

1. I have three daughters who are high-school age. I have to allow them access to their computer (they share it) for actual school work. They can stay up as late as they want writing an essay, but Internet access is just a distraction. They know that they have to finish their online chatting and research by 10:00 pm.

2. They need access to the wireless network for printing, etc. I cannot disable all my computers too (I work from home). But I can shut down Internet access across all of them.

3. I'd have to go door-to-door to find out who owns what wireless access point. I actually went as far as to log on to one of them (of course they haven't changed the default password) and I changed the default SSID to "SecureMePlease". Didn't help.

I could just lock them out of their own routers by setting up security "for them" but that's a bit too nasty.]]> http://www.dslreports.com/forum/remark,13568536 Fri, 03 Jun 2005 16:14:49 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13568203 GadgetsRme : 1. Do what SoonerAl said plus ask your neighbor to secure his wireless.
2. If necessary take away wireless devices and or power cords at the appropriate time.
3. If that is defied it is time for a meeting with the "board of education" and their bottoms and take away all computer privileges
--
Gadgets]]> http://www.dslreports.com/forum/remark,13568203 Fri, 03 Jun 2005 14:17:16 EDT Re: Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13568047 SoonerAl : Why not use software that restricts the hours your kids can logon to their/the family/your XP PC? Software like Netnanny, etc does that.

»www.netnanny.com/products/net_na···res.html

If your kids are limited users then that should solve the problem...

Since I don't use that type of software perhaps others can comment further...

Good luck...
--
"When all else fails, read the instructions..."]]> http://www.dslreports.com/forum/remark,13568047 Fri, 03 Jun 2005 13:54:25 EDT Hiding unsecured wireless networks http://www.dslreports.com/forum/remark,13566512 Glen T : Is there a way in WinXP to hide unsecured wireless networks and prevent automatic connection to same?

I have set up my wireless router to put time restrictions on Internet connection to prevent my kids from staying up until 2:30 am playing NeoPets. However, my ever-resourceful kids have discovered that they can just log onto my neighbour's unsecured wireless networks when ours goes off at 10:00 pm.

I want to block selected networks from the available networks list on their computer.

Suggestions appreciated.]]> http://www.dslreports.com/forum/remark,13566512 Fri, 03 Jun 2005 10:17:42 EDT