User Panel
Quoted: You don't need their consent. It is YOUR NETWORK. Now you can't use your network to gain access to their computer... that would be illegal. But investigating their unauthorized traffic on your network? You are 100% within your rights. View Quote View All Quotes View All Quotes Quoted: Quoted: Users on your network in a company generally agree to such monitoring either in writing when hired or acceptance of that magic TOU when they login. As employees of the company they can always be monitored as they're using and accessing the data from company equipment. The key thing here is consent - somewhere along the line the user / employee has consented to such monitoring. An external user connected to your home wifi? Ehhhhhhh quite a bit different and I wouldn't want to get involved. You definitely don't have their consent. Especially if they're doing illegal shit. You don't need their consent. It is YOUR NETWORK. Now you can't use your network to gain access to their computer... that would be illegal. But investigating their unauthorized traffic on your network? You are 100% within your rights. Still not something I would want to be involved with due to: A. The time to capture all that info and review it. B. The odds of finding him doing something illegal and me now being involved as I'm the subscriber for the service. C. The legal buttfuckery that goes around in this country today. That said, its poor design to have your home wifi network: A. With a visible SSID (I know, still findable but not by your average joe) B. With weak encryption. C. With a weak password D. Not explicitly denying all other MAC addresses but your own. It's just not worth it to mess with people these days. 15, 20 years ago? Sure. Today? No thanks. Last thing I want to encounter is some overzealous prosecutor who wants to wrangle me up in someone else's troubles because I provided the service for them. Odds of that actually happening? Slim to none. Hence, just block them, take note of it, and call it a day. |
|
I had a family member just smart enough to get into the MAC address list for his WiFI/router, and was freaking out at how many people were attached to him.
Because he forgot about his: Wii Tablets Smartphones Smart TV Blu-Ray player... |
|
Quoted: OP sees the flashy traffic light on his router/modem when he is not on the computer and doesn't realize it is his phone catching email, text, and app updates. View Quote View All Quotes View All Quotes Quoted: Quoted: sideways question, what tipped you off? I wouldn't know what to look for if someone is hacking into my network OP sees the flashy traffic light on his router/modem when he is not on the computer and doesn't realize it is his phone catching email, text, and app updates. Long story and that's a good guess but not the case here. |
|
Quoted:
Did you miss the part about the guy breaking into a password-protected network? The criminal here, is the guy that broke in. View Quote View All Quotes View All Quotes Quoted:
Quoted:
Quoted:
Quoted:
That's a nice theory, but it's not true. And no, most routers don't log anything and don't have the capability to log anything. Are you kidding me? If you have a secure network then it is your line. Do whatever you want. If push comes to shove then you can always say you were troubleshooting a network problem (which is the absolute truth). Besides, if they are using your line then they can expect you are watching and have no reasonable assumption of privacy whatsoever. And yes, every router should have logging. I am an Microsoft, and Cisco certified, have been setting up networks for over 15 years with all sorts of wireless routers and especially firewalls. If your router has a firewall in it then it will log, just go into the advanced settings. Wireshark is a sniffer. Captures look like gibberish most of the time because the packets have headers and stuff that is encoded in hex/binary, but you can read the data if you filter it out carefully, including some plain text. With a good sniffer you can even replay the traffic on your workstation to see what the other person saw. Now, if you try and hack their computer, then that would be illegal for sure. OP, pretend this guy doesn't exist. The criminal here, is the guy that broke in. Read the whole thread. |
|
Quoted:
You aren't monitoring their communications. You are monitoring your own network, which they happen to be connected to without your authorization. They have no expectation to privacy in such a scenario. You have no idea what you are talking about. View Quote Really? Did you read the OP? He specifically wanted to monitor their communications on his network. You're wrong, and you obviously have no clue what the law says. I would recommend you read it, I even posted a nice link to it earlier. There's a significant difference between routine network monitoring for QOS or intrusion detection and specifically intercepting someone's traffic that is on your network, even if they're there illegally. Read the link I posted. |
|
Quoted:
Technically, again, you are full of shit. It is not the "cable or phone company's connection." It doesn't become their network until you pass beyond your router\gateway. You could shut that gateway down, and you will still have a fully functioning wireless network that is capable of passing data between devices connected to it. That is YOUR network, and you are well within your rights to examine any traffic on it. View Quote View All Quotes View All Quotes Quoted:
Quoted:
Technically, it's not your connection either. It's the cable or phone company's connection. And there are significantly different rules for watching data on a line than for overhearing a conversation in another room. Just the way it is, read 18 USC 119 if you don't like it. Technically, again, you are full of shit. It is not the "cable or phone company's connection." It doesn't become their network until you pass beyond your router\gateway. You could shut that gateway down, and you will still have a fully functioning wireless network that is capable of passing data between devices connected to it. That is YOUR network, and you are well within your rights to examine any traffic on it. You do know this is a tech forum, right? I would recommend acting like it. |
|
|
Quoted: I'll just block the access, but I gotta say I find it incredible, if true, that it would be illegal for me to capture ANY data on a privately owned network. View Quote |
|
Quoted:
I believe there was a divorce case where a guy used a program to take screenshots on his own computer and caught his wife cheating. He got in trouble for doing so. This isn't the exact scenario, but what are you going to do with the information? If you were to report any questionable activities of the unauthorized user, I think you might end up in a bind. I'd just block the DB and secure the network better. View Quote View All Quotes View All Quotes Quoted:
Quoted:
I'll just block the access, but I gotta say I find it incredible, if true, that it would be illegal for me to capture ANY data on a privately owned network. Precisely. |
|
Quoted:
yes, as a courtesy flip all of the images upside down for the intruder. or you can blur them. here is a decent how-to: http://www.ex-parrot.com/pete/upside-down-ternet.html ar-jedi http://www.ex-parrot.com/pete/shot1.png http://www.ex-parrot.com/pete/shot3.png http://www.ex-parrot.com/pete/shot5.png View Quote View All Quotes View All Quotes Quoted:
Quoted:
Any ideas what might work? yes, as a courtesy flip all of the images upside down for the intruder. or you can blur them. here is a decent how-to: http://www.ex-parrot.com/pete/upside-down-ternet.html ar-jedi http://www.ex-parrot.com/pete/shot1.png http://www.ex-parrot.com/pete/shot3.png http://www.ex-parrot.com/pete/shot5.png This made me remember the Kittenwar hack. If I knew someone was mooching internet, I'd redirect them somewhere much worse! |
|
Yep, just redirect their traffic and call it a day. They'll very quickly get frustrated and move on to someone else's wifi. Win/win.
|
|
Wireshark will do it, but odds are they will be using https, so you wont get any interesting information for the most part, and you will have to sift through lots of bullshit. I have captured on my wifi network, and looked at the traffic, and It was a pain in the ass, and it was all https.
|
|
Two issues:
1. If you have a password and they're on your wireless then you've got a problem. Disable WPS if your router has it, change your SSID name to something uncommon (the SSID plays as a salt in the encryption handshake under WPA2) and adopt a password to 10 characters upper, lower, numbers, and symbols. 2. If someone is on your network they could be doing all manner of illegal shit under YOUR IP address. Get them the fuck off your network and stop worrying about being cute or clever. |
|
|
Quoted: Two issues: 1. If you have a password and they're on your wireless then you've got a problem. Disable WPS if your router has it, change your SSID name to something uncommon (the SSID plays as a salt in the encryption handshake under WPA2) and adopt a password to 10 characters upper, lower, numbers, and symbols. 2. If someone is on your network they could be doing all manner of illegal shit under YOUR IP address. Get them the fuck off your network and stop worrying about being cute or clever. View Quote Oh geez, if both cute and clever are out can I at least be one of the two? |
|
Quoted:
This made me remember the Kittenwar hack. If I knew someone was mooching internet, I'd redirect them somewhere much worse! View Quote View All Quotes View All Quotes Quoted:
Quoted:
Quoted:
Any ideas what might work? yes, as a courtesy flip all of the images upside down for the intruder. or you can blur them. here is a decent how-to: http://www.ex-parrot.com/pete/upside-down-ternet.html ar-jedi http://www.ex-parrot.com/pete/shot1.png http://www.ex-parrot.com/pete/shot3.png http://www.ex-parrot.com/pete/shot5.png This made me remember the Kittenwar hack. If I knew someone was mooching internet, I'd redirect them somewhere much worse! Long ago, someone showed off a program called AirPwn, or something similar, at a security conference. It injected HTTP responses for images, and injected the "goatce" picture. I imagine that the workings of upside-down-ternit could do something similar. |
|
Quoted:
I have reason to believe someone who lives near me is tapping in to my house wifi network. And yes, I realize I could change the password at any time. What I'd rather do, at least for a while, is monitor and view the data being viewed/accessed. My network, my property, my prerogative and all that. Is there any product that will allow me to capture the data being viewed and accessed while on my personal wifi network? If so, what's it called, and how clear is the captured data? I'm not interested in a bunch of code, I'm looking for fairly lucid content.....though I'm only guessing that it's even an option. Any ideas what might work? View Quote Before you do that it's a good idea to reconcile the wired and wireless client list (in your router) with what is connected to your network in your house. Every "Hacked Wireless" situation I've been involved with has been a wild goose chase. |
|
Quoted:
Before you do that it's a good idea to reconcile the wired and wireless client list (in your router) with what is connected to your network in your house. Every "Hacked Wireless" situation I've been involved with has been a wild goose chase. View Quote View All Quotes View All Quotes Quoted:
Quoted:
I have reason to believe someone who lives near me is tapping in to my house wifi network. And yes, I realize I could change the password at any time. What I'd rather do, at least for a while, is monitor and view the data being viewed/accessed. My network, my property, my prerogative and all that. Is there any product that will allow me to capture the data being viewed and accessed while on my personal wifi network? If so, what's it called, and how clear is the captured data? I'm not interested in a bunch of code, I'm looking for fairly lucid content.....though I'm only guessing that it's even an option. Any ideas what might work? Before you do that it's a good idea to reconcile the wired and wireless client list (in your router) with what is connected to your network in your house. Every "Hacked Wireless" situation I've been involved with has been a wild goose chase. One of my neighbors asked for help, their internet was always slow, even wired. He had called and upgraded to 20mbit, still slow. Turns out he had no security on his WiFi. |
|
Quoted: Quoted: Quoted: That's a nice theory, but it's not true. And no, most routers don't log anything and don't have the capability to log anything. Are you kidding me? If you have a secure network then it is your line. Do whatever you want. If push comes to shove then you can always say you were troubleshooting a network problem (which is the absolute truth). Besides, if they are using your line then they can expect you are watching and have no reasonable assumption of privacy whatsoever. And yes, every router should have logging. I am an Microsoft, and Cisco certified, have been setting up networks for over 15 years with all sorts of wireless routers and especially firewalls. If your router has a firewall in it then it will log, just go into the advanced settings. Wireshark is a sniffer. Captures look like gibberish most of the time because the packets have headers and stuff that is encoded in hex/binary, but you can read the data if you filter it out carefully, including some plain text. With a good sniffer you can even replay the traffic on your workstation to see what the other person saw. Now, if you try and hack their computer, then that would be illegal for sure. OP, pretend this guy doesn't exist. Except he was correct. Someone cracking or brute forcing their way into your network is illegal. Sniffing traffic in an effort to maintain/secure your network is perfectly acceptable and legal. If you disagree, articulate your case with more than an insulting, non-technical one liner. |
|
Quoted: Well you are wrong sorry dude. You cannot listen to someone's calls made from your phone in your house without consent. Doesn't matter who owns the equipment. Federal wiretapping laws cover internet access as well. View Quote View All Quotes View All Quotes Quoted: Quoted: Quoted: Quoted: Quoted: Don't do it. It's illegal. Just change the password and call it a day. Why would it be illegal to monitor traffic on your wifi for evidence of a crime? Txl Because you're not LE and you don't have a warrant to conduct wiretapping operations. Wiretapping of your own network? Nope. Not going to bite on that one. I own the connection, I own the equipment. I didn't consent to them being on my network, ergo, I wasn't supplied with the opportunity to require them to consent to having their comms monitored. If they wanted privacy, they shouldn't be illegally using my connection. So by your analogy, companies that have their own internal networks are wire-tapping you when they allow IT department to look over why you visit/do on a work computer? You might think it's illegal, but it's my god damn connection. Do I not have a right to listen to communications that occur within my house, say, from another room? Yes, I sure fucking do. Have a problem, leave my house (or my internet connection). If you wanted to get around that (theory that I can't monitor activity on my own internet connection), find a way to make a prompt that they have to agree to being monitored or they can't use the internet. Well you are wrong sorry dude. You cannot listen to someone's calls made from your phone in your house without consent. Doesn't matter who owns the equipment. Federal wiretapping laws cover internet access as well. You're comparing purposefully listening into a private phone call with standard network security best practices. Apples-to-oranges; doesn't compute nor does it work that way. I've investigated many hackers by allowing them continued access to a system they breached while we monitored their activities; perfectly legal. |
|
"Computer trespasser” 18 U.S.C. § 2510(21) a person who - accesses a protected computer without authorization and, thus, has no reasonable expectation of privacy in any communication transmitted to, through, or from the protected computer, and - has no existing contractual relationship with the owner or operator of the protected computer for access to the protected computer http://www.olemiss.edu/depts/ncjrl/pdf/North%2520Dakota%25202012/ECPA%2520outline%2520-%2520DRM.pdf |
|
Quoted:
Except he was correct. Someone cracking or brute forcing their way into your network is illegal. Sniffing traffic in an effort to maintain/secure your network is perfectly acceptable and legal. If you disagree, articulate your case with more than an insulting, non-technical one liner. View Quote View All Quotes View All Quotes Quoted:
Quoted:
Quoted:
Quoted:
That's a nice theory, but it's not true. And no, most routers don't log anything and don't have the capability to log anything. Are you kidding me? If you have a secure network then it is your line. Do whatever you want. If push comes to shove then you can always say you were troubleshooting a network problem (which is the absolute truth). Besides, if they are using your line then they can expect you are watching and have no reasonable assumption of privacy whatsoever. And yes, every router should have logging. I am an Microsoft, and Cisco certified, have been setting up networks for over 15 years with all sorts of wireless routers and especially firewalls. If your router has a firewall in it then it will log, just go into the advanced settings. Wireshark is a sniffer. Captures look like gibberish most of the time because the packets have headers and stuff that is encoded in hex/binary, but you can read the data if you filter it out carefully, including some plain text. With a good sniffer you can even replay the traffic on your workstation to see what the other person saw. Now, if you try and hack their computer, then that would be illegal for sure. OP, pretend this guy doesn't exist. Except he was correct. Someone cracking or brute forcing their way into your network is illegal. Sniffing traffic in an effort to maintain/secure your network is perfectly acceptable and legal. If you disagree, articulate your case with more than an insulting, non-technical one liner. I did, multiple times, even posted the link to the federal law that governs it, and you're still incorrect. |
|
Josh, see the third post up from this one. This is from the legal definition of the law you posted. Unauthorized users have no right to privacy.
|
|
|
It most certainly does, since what I referenced is an amendment to the law you specified.
https://it.ojp.gov/default.aspx?area=privacy&page=1285 |
|
Stop broadcasting your SSIDs, lockdown rogues, allow only your internal private MAC addresses to join (block others via ACLs), etc.
Also - Not a bad time to see what channel(s) other nearby radios are using so you can manually set yours to something unique to avoid the service impact. |
|
Quoted:
If you're monitoring someone else's communications without their consent? Absolutely. View Quote View All Quotes View All Quotes Quoted:
Quoted:
Quoted:
Quoted:
Quoted:
Don't do it. It's illegal. Just change the password and call it a day. Why would it be illegal to monitor traffic on your wifi for evidence of a crime? Txl Because you're not LE and you don't have a warrant to conduct wiretapping operations. So monitoring your own wifi is considered wire tapping under the law? Txl If you're monitoring someone else's communications without their consent? Absolutely. Same reason, you cant walk into a sprint store and them print out your texts. They have to be subpoena'd |
|
OP, when you login to your router's admin console, MOST have a log section that you can filter based on the machine making the request (IP or MAC address usually). Not all routers have this feature, or they have it but they don't log anything useful. Additionally, more and more web traffic is going over https, and hardly any cheap routers support logging that traffic. They want you to buy the more expensive models for those features. Beyond that the way to do what you want is technical beyond the 'just dabbling' level of commitment, and are what the rest of the replies are talking about.
For locking it down, change the password, stop broadcasting the SSID, map all your devices to static IPs and then block everything else. If your router supports more fancy features, you can let them keep connecting but only give them a super slow connection, or use that link earlier in the thread to supply them with upside-down interest browsing, etc. Making the experience painful for them may be worth it for the amusement and learning experience. Good luck. |
|
Quoted: OP, when you login to your router's admin console, MOST have a log section that you can filter based on the machine making the request (IP or MAC address usually). Not all routers have this feature, or they have it but they don't log anything useful. Additionally, more and more web traffic is going over https, and hardly any cheap routers support logging that traffic. They want you to buy the more expensive models for those features. Beyond that the way to do what you want is technical beyond the 'just dabbling' level of commitment, and are what the rest of the replies are talking about. For locking it down, change the password, stop broadcasting the SSID, map all your devices to static IPs and then block everything else. If your router supports more fancy features, you can let them keep connecting but only give them a super slow connection, or use that link earlier in the thread to supply them with upside-down interest browsing, etc. Making the experience painful for them may be worth it for the amusement and learning experience. Good luck. View Quote Great reply, thank you. |
|
This happened to me about 2 years ago.
I considered some jokey stuff like upsidedownternet or redirecting all of his traffic to fuzzy kittens or something, but in the end I didn't have enough time to devote to it so I just changed my password and called it a day. |
|
There are several "standard" lock down procedures that always get posted when someone brings up wifi security. Most of them aren't worth the time or effort, and some can be counter productive.
1) Disabling SSID broadcasting Depending upon your security posture, disabling your SSID broadcasting can make you MORE vulnerable. Since your AP is no longer telling the world bout itself, your device now has to beacon for it. If anyone is listening, they can now setup a fake AP and sniff your data accepting any passphrase/key you give it. Another thing to note, if anyone is within range of the AP they can see you talking to it anyways. 2) MAC filtering Biggest fucking waste of time ever. It's so trivial to spoof MACs. 3) Static IPs Why? DHCP was invented for a reason. The best security you can do for wifi is to use the strongest encryption and create the strongest password possible your device will accept and rotate it a few times a year. |
|
Quoted:
There are several "standard" lock down procedures that always get posted when someone brings up wifi security. Most of them aren't worth the time or effort, and some can be counter productive. 1) Disabling SSID broadcasting Depending upon your security posture, disabling your SSID broadcasting can make you MORE vulnerable. Since your AP is no longer telling the world bout itself, your device now has to beacon for it. If anyone is listening, they can now setup a fake AP and sniff your data accepting any passphrase/key you give it. Another thing to note, if anyone is within range of the AP they can see you talking to it anyways. 2) MAC filtering Biggest fucking waste of time ever. It's so trivial to spoof MACs. 3) Static IPs Why? DHCP was invented for a reason. The best security you can do for wifi is to use the strongest encryption and create the strongest password possible your device will accept and rotate it a few times a year. View Quote I get what you're saying, but you're assuming the unauthorized person has sufficient technical skill to figure it out. And for #2+3 you will start getting collisions between 2 devices trying to use the same MAC+IP address and notice faster that someone has managed to brute force your password. The most likely situation is someone ran some app they found online to brute force an input ssid. Changing things up will foul up an amateur. Nothing he does will prevent a "master leet hacker" from messing with his wifi if they're determined, but those people have better things to do and can afford their own internet access. |
|
Quoted:
I get what you're saying, but you're assuming the unauthorized person has sufficient technical skill to figure it out. And for #2+3 you will start getting collisions between 2 devices trying to use the same MAC+IP address and notice faster that someone has managed to brute force your password. The most likely situation is someone ran some app they found online to brute force an input ssid. Changing things up will foul up an amateur. Nothing he does will prevent a "master leet hacker" from messing with his wifi if they're determined, but those people have better things to do and can afford their own internet access. View Quote How are you going to brute force a WPA2 key such as this: d8*3zw3pb@mUtj*Y*UAW2rF7*!WQhQQ*!$&!QSxZqauxRkrJ4^5DpZA5aCg&x^G ??? The other stuff is just bothersome to set up and unnecessary. |
|
Quoted:
How are you going to brute force a WPA2 key such as this: d8*3zw3pb@mUtj*Y*UAW2rF7*!WQhQQ*!$&!QSxZqauxRkrJ4^5DpZA5aCg&x^G ??? The other stuff is just bothersome to set up and unnecessary. View Quote View All Quotes View All Quotes Quoted:
Quoted:
I get what you're saying, but you're assuming the unauthorized person has sufficient technical skill to figure it out. And for #2+3 you will start getting collisions between 2 devices trying to use the same MAC+IP address and notice faster that someone has managed to brute force your password. The most likely situation is someone ran some app they found online to brute force an input ssid. Changing things up will foul up an amateur. Nothing he does will prevent a "master leet hacker" from messing with his wifi if they're determined, but those people have better things to do and can afford their own internet access. How are you going to brute force a WPA2 key such as this: d8*3zw3pb@mUtj*Y*UAW2rF7*!WQhQQ*!$&!QSxZqauxRkrJ4^5DpZA5aCg&x^G ??? The other stuff is just bothersome to set up and unnecessary. You're not going to brute force that. But the OP is unlikely to use such a password no matter how much you tell him to. You can tell him the only solution is to change his password to something annoyingly complex and when he has to provision some device that he can't copy and paste it in to and can't get WPS to work he will have to change it to something simpler and be annoyed at your advice. |
|
Quoted:
It most certainly does, since what I referenced is an amendment to the law you specified. https://it.ojp.gov/default.aspx?area=privacy&page=1285 View Quote To heck with the statutes, what does the case law say? |
|
Quoted:
There are several "standard" lock down procedures that always get posted when someone brings up wifi security. Most of them aren't worth the time or effort, and some can be counter productive. 1) Disabling SSID broadcasting Depending upon your security posture, disabling your SSID broadcasting can make you MORE vulnerable. Since your AP is no longer telling the world bout itself, your device now has to beacon for it. If anyone is listening, they can now setup a fake AP and sniff your data accepting any passphrase/key you give it. Another thing to note, if anyone is within range of the AP they can see you talking to it anyways. 2) MAC filtering Biggest fucking waste of time ever. It's so trivial to spoof MACs. 3) Static IPs Why? DHCP was invented for a reason. The best security you can do for wifi is to use the strongest encryption and create the strongest password possible your device will accept and rotate it a few times a year. View Quote WPA2-Enterprise / 802.1x is the only effective means to secure you're wifi. Any script kiddy can walk all over those 3 in short order. The next best thing is to honeypot and add hundreds of SSIDs, spoofed clients, bogus traffic and some other soft targets. |
|
Sign up for the ARFCOM weekly newsletter and be entered to win a free ARFCOM membership. One new winner* is announced every week!
You will receive an email every Friday morning featuring the latest chatter from the hottest topics, breaking news surrounding legislation, as well as exclusive deals only available to ARFCOM email subscribers.
AR15.COM is the world's largest firearm community and is a gathering place for firearm enthusiasts of all types.
From hunters and military members, to competition shooters and general firearm enthusiasts, we welcome anyone who values and respects the way of the firearm.
Subscribe to our monthly Newsletter to receive firearm news, product discounts from your favorite Industry Partners, and more.
Copyright © 1996-2024 AR15.COM LLC. All Rights Reserved.
Any use of this content without express written consent is prohibited.
AR15.Com reserves the right to overwrite or replace any affiliate, commercial, or monetizable links, posted by users, with our own.