Jump to content

Wireless connection hacked?


Barfy
 Share

Recommended Posts

Hi,

 

For the first time in some time, I logged on to my ISP's member pages as I've been having a few speed issues lately. Alarm bells started ringing when I noticed that last Thursday between 1am & 6am nearly 2GB of data was downloaded through my broadband connection (the mrs and I were sound asleep at the time) with a further 2.5GB during the day on Thursday.

 

I then looked back at a few previous months and discovered that nearly 70GB of data was downloaded between October and December 08, yet my average use prior to that has been 3 - 5GB per month.

 

I assume there are two possible causes for this: 1) the ISP has f*cked up, or 2) someone has hacked into the router. Before I go shouting at the ISP, is there some way of checking if the router has been hacked?

 

For info, the router is a 3Com model with WPA-PSK and MAC address filtering enabled.

 

Ta,

Barfy

Link to comment
Share on other sites

where is the ISP member pages?

 

On their website - freedom2surf

 

Have you noticed a Taxi parked outside your house regularly?

 

No, but I did wonder why that guy took so long delivering a pizza across the road :p (Sorry, no I haven't noticed anyone lingering around outside!)

Edited by Barfy
wrong place for sarcasm
Link to comment
Share on other sites

Hi,

 

For the first time in some time, I logged on to my ISP's member pages as I've been having a few speed issues lately. Alarm bells started ringing when I noticed that last Thursday between 1am & 6am nearly 2GB of data was downloaded through my broadband connection (the mrs and I were sound asleep at the time) with a further 2.5GB during the day on Thursday.

 

I then looked back at a few previous months and discovered that nearly 70GB of data was downloaded between October and December 08, yet my average use prior to that has been 3 - 5GB per month.

 

I assume there are two possible causes for this: 1) the ISP has f*cked up, or 2) someone has hacked into the router. Before I go shouting at the ISP, is there some way of checking if the router has been hacked?

 

For info, the router is a 3Com model with WPA-PSK and MAC address filtering enabled.

 

Ta,

Barfy

 

If you have MAC address filtering enabled then the chances of it being hacker are very very slim. Were any of your pcs/laptops left on? Maybe you have some BIT torrent shares running.

Link to comment
Share on other sites

If you have MAC address filtering enabled then the chances of it being hacker are very very slim. Were any of your pcs/laptops left on? Maybe you have some BIT torrent shares running.

 

I tend to shut down all the pcs at night, even if a torrent is running, though the router tends to be left on 24/7 (or was until today).

 

It's not so much the volume that concerns me, although if that has been affecting the speeds, that migh change my opinion. What does concern me, is if someone is using my connection, what are they downloading? Is this something to go to the ISP about?

Link to comment
Share on other sites

Maybe you have some BIT torrent shares running.

 

 

Log into your F2S members area, you can see if the traffic has been inbound or out.

 

You may be able to interrogate your router through a web browser and check to see the MAC addresses of any equipment that may have wirelessly connected in the past. Have a read of your manual to see if and how.

 

tbh, with WPA-PSK and MAC filtering, I'd be surprised if it's a neighbour "borrowing" your connection.

Link to comment
Share on other sites

Log into your F2S members area, you can see if the traffic has been inbound or out.

 

You may be able to interrogate your router through a web browser and check to see the MAC addresses of any equipment that may have wirelessly connected in the past. Have a read of your manual to see if and how.

 

tbh, with WPA-PSK and MAC filtering, I'd be surprised if it's a neighbour "borrowing" your connection.

 

Don't get me wrong, I like my neighbours a lot, but from what I know of them, I wouldn't have said they were capable of getting past the WPA & MAC filtering if they wanted to.

 

Almost all of the traffic has been inbound, and sadly the 3Com routers log gets wiped when ever power is cut to it and I rebooted it at the weekend to get the PS3 connected.

 

I'll contact f2s for some advice. In the meantime, I'm just going to double check the security that I can.

Link to comment
Share on other sites

I choose not to encrypt my connection as i have no problem if someone wants to use my connection to check their e-mail. Am i being really really naive?

Seriously, am i?

 

Col.

 

 

That's fine if you think that's all they're doing. Who do you think it'll come back to if they happen to be using your connection for illegal purposes? Or they're a skate?

Link to comment
Share on other sites

Guest Dark Sotonic Mills
I choose not to encrypt my connection as i have no problem if someone wants to use my connection to check their e-mail. Am i being really really naive?

Seriously, am i?

 

Col.

 

As Al said, what if they use your connection to download and/or sign up to a Child Porn site. It's your IP address the police will have and it'd be interesting to see you talk your way out of it.

Link to comment
Share on other sites

I'd also suggest you run an AV, malware, spyware and adware scan on any and all PC's on your network.. Also, do you have the PS3 run the Folding@Home application at all??

 

I started running all of those thing last night, there were a few cookies picked up, but nothing apparently serious. I've still got a couple of other programmes to run (from the sticky on this board). The PS3 is only on when I'm playing games. I don't even leave it on standby much. I have run folding@home but haven't done for a few months.

 

As Al said, what if they use your connection to download and/or sign up to a Child Porn site. It's your IP address the police will have and it'd be interesting to see you talk your way out of it.

 

That is what concerns me most. I would be held liable for what is downloaded through the connection. The volume isn't so much a problem (apart from strangling my speeds) as it's an unlimited service.

 

Initial response from the ISP is that they think someone is piggybacking the connection, but they need to investigate more. In the meantime they've told me to beef up security as much as possible (change passwords, check MAC addresses etc), but a colleague sent me this link:

 

http://www.businessknowledgesource.com/technology/protecting_your_wireless_network_from_hacking_025027.html

 

Which didn't fill me full of confidence!

 

Out of interest could Linux (Ubuntu 8.10) be a weak point?

Link to comment
Share on other sites

As Al said, what if they use your connection to download and/or sign up to a Child Porn site. It's your IP address the police will have and it'd be interesting to see you talk your way out of it.

 

Oh ******, you try doing people a favour and they take advantage. Guess i will be enabling all the encryption this weekend now. Cheers guys.

Oh and as an aside if someone did do that surely plod would confiscate all PC's in the house and realise (about 2 years later) that none of my PC's have accessed any paedo sites?

 

Cheers again.

 

Col.

Link to comment
Share on other sites

I choose not to encrypt my connection as i have no problem if someone wants to use my connection to check their e-mail. Am i being really really naive?

Seriously, am i?

 

Col.

 

i actually lol'd

 

they can also, with the right tools, hack in and drop a keylogger on your network, then watch as you type in your bank details, buy stuff online, online banking etc.

 

Encrypt it all. Now. Not at the weekend. Now

Link to comment
Share on other sites

i actually lol'd

 

they can also, with the right tools, hack in and drop a keylogger on your network, then watch as you type in your bank details, buy stuff online, online banking etc.

 

Encrypt it all. Now. Not at the weekend. Now

 

Point taken but it will have to wait 'till the weekend, it's been unencrypted for donkeys now so hopefully 2 more days, hopefully, wont make a difference.

Cheers for the advice (and Al).

 

Col.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...