home network security

By tallgadge ·

i have a home network - 1 pc connected to the router by cable, the others one wireless.

i've recently noticed that on my router, the "wireless" led is lit, even when i have switched the wireless laptop and pc off.

can anyone suggest a method where i can check if anyone else is using my bandwidth? is there a tool which would do this?

sooner try this before i have to change all the access codes on the router.

not worried about pc security as all are protected by zonealarm, just annoyed that someone is potentially nicking bandwidth from my broadband connection that i am paying for each month!!!

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -

Your router

by huoml In reply to home network security

should have a tab/page where it shows 'currently attached devices' where it should show the devices connected (wired and wireless).

The other thing you could do is secure the wireless with WPA with proper length of the passphrase, which is deemed more secure than WEP and it would be difficult for people to use your wireless.


Collapse -

Router software

by mjd420nova In reply to home network security

You should have the router software that will allow you to look at the client list, the units using the router. This would also list the MAC address for those who use the router. If you find others are using your router, copy down their MAC address and then go to MAC address filtering and load in all the MAC addresses including those you own, enable filtering and block those that aren't yours.

Collapse -


by Neon Samurai In reply to home network security

Without knowing what model of router and how it's management webforms are layed out, I'll speak generally.

The other recommendations are a good start and provide the short answer; check our router's connected clients list.

I habitually check the connected clients to see how may of my house machines are in use and if I've got any neibours joining in. In one case, I spent a good half hour watching someone try passwords against my ftp server before I audited there machine and cut them off.

If you have someone piggy-backing already you may want to check over your router and lock it down:

- login from your wired machine and disable the wireless radio part of the network booting any prying eyes. Now change the network and admin passwords to something five or more characters since these are only temporary passwords then reboot the router. If the admin forms don't have a reboot button, pull the power cord out for five minutes then plug it back in.

- confirm if your router has a setting to allow administration from wireless connections in addition to the wired network and disable it. Anyone administrating your router should be sitting infront of your wired workstation.

- consider using mac filtering so your router only listens to network cards it thinks it recognizes. This is not security in and of itself but limits what network chatter your router cares about.

- check your wireless cards and router to make sure they both support 802.11g with WPA-PSK security then change your admin password and WPA-PSK (network password) to something ten characters or more in length with both numbers and letters; letters being in both upper and lower case. Admin and network passwords should be different.

- enable the wireless network radio again and confirm that you can connect with the new WPA (WPA2 is even better) ten digit network code. WEP is about as secure as a porch left unlocked for an hour with the engine idling so if WEP is your only option, consider a router firmware upgrade or new router.

- check the active clients list any time you see the wifi light on when it shouldn't.

There was recently some heated debate over the validity of mac filtering and similar security settings for wifi routers. The minimalists argue that WPA-PSK is all you need because it's the biggest speedbump while the other's argue that any partial security that adds another layer helps.

Both sides agree that WPA with the pre-shared key (PSK) is currently the fundamental setting. I continue to recommend the mac filter more as tuning for your router rather than locked-door security. Hiding your SSID is not necassary but it's up to you.

Related Discussions

Related Forums