How Did They Do That ?!
Sorry if this is a bit off-topic, but I cannot find a better place to ask this ...
I am located in Belgium, and live in a small town. I have bought and installed a wireless network about two weeks ago. I came across this WiGLE site, and was very, very surprised to see my network listed in the database (about a day or two after it went live!), coupled with the exact position where I live .....
This is beyond me - my neighbors cannot even 'see' my network, and still I end up being in a world-wide database two days after powering the thing up. How can that happen ?!?
Just out of curiosity, is there a way to contact/identify the person that found my network and added it to the database ... ?
I am located in Belgium, and live in a small town. I have bought and installed a wireless network about two weeks ago. I came across this WiGLE site, and was very, very surprised to see my network listed in the database (about a day or two after it went live!), coupled with the exact position where I live .....
This is beyond me - my neighbors cannot even 'see' my network, and still I end up being in a world-wide database two days after powering the thing up. How can that happen ?!?
Just out of curiosity, is there a way to contact/identify the person that found my network and added it to the database ... ?
hi pavink,
it just happens when people who drive around looking for networks drive close enough to see yours; WiGLE's point count is based on the number of users we have, and it's pretty large. i'm afraid we have a privacy policy which forbids the disclosure of submitting user identities (and we don't know anyway; the user ids are just to do stats for people; they're not coupled with any real-world info)... but we also respect *your* privacy, and will promptly remove your point from the database if you ask us to. (instructions are in the FAQ).
it just happens when people who drive around looking for networks drive close enough to see yours; WiGLE's point count is based on the number of users we have, and it's pretty large. i'm afraid we have a privacy policy which forbids the disclosure of submitting user identities (and we don't know anyway; the user ids are just to do stats for people; they're not coupled with any real-world info)... but we also respect *your* privacy, and will promptly remove your point from the database if you ask us to. (instructions are in the FAQ).
You must have a Net Stumbler nearby who happened to detect your network. What leads you to believe that your neighbor's can't "see" your network? Anyone driving by can most likely detect the network unless it's extremely low power, or you have some kind of Faraday shielding or something. Part of the reason for this project's existence is to make people aware of the security concerns involved with wireless technology.
Thanks for checking out our project!
Sorry, our policy is not to give out this kind of information. What people have uploaded to us stays safely anonymous to others.is there a way to contact/identify the person that found my network
Thanks for checking out our project!
Thanks for your replies ....
I can't really believe somebody is driving around our (somewhat remote, dead-end) street to look for signals ... Beyond me what some people do with their spare time
I understand how it is done, and that it is easy and effortless to scan for networks in a big city, from your favorite chair. But somebody driving along with a GPS ..... Just can't cope with the idea .....
About the neighbor-thing. They have a wireless, too. I cannot see or connect to theirs (using NetStumbler), and although they can see mine at times, it is too remote to actually use it. So it does take a dedicated scanner to find them ...
Not concerned about my privacy at all (encrypted, access based on known MAC addresses only) - just confused at the speed of the internet ....
Have to go now. Taking my laptop and GPS for a drive .....
I can't really believe somebody is driving around our (somewhat remote, dead-end) street to look for signals ... Beyond me what some people do with their spare time
I understand how it is done, and that it is easy and effortless to scan for networks in a big city, from your favorite chair. But somebody driving along with a GPS ..... Just can't cope with the idea .....
About the neighbor-thing. They have a wireless, too. I cannot see or connect to theirs (using NetStumbler), and although they can see mine at times, it is too remote to actually use it. So it does take a dedicated scanner to find them ...
Not concerned about my privacy at all (encrypted, access based on known MAC addresses only) - just confused at the speed of the internet ....
Have to go now. Taking my laptop and GPS for a drive .....
can a download a European MapPack somwhere from the site ... ?
this comes up every once in a while:
http://wigle.net/phpbb/viewtopic.php?t=237
basicly, we would love to produce mappacks for everywhere people stumble, but we don't know
of a good, free, map data source with the same level of detail as we have for the US.
the webmaps are world-wide, but again, are lower res outside the us.
if you know of any such geo data source, please let us know!
http://wigle.net/phpbb/viewtopic.php?t=237
basicly, we would love to produce mappacks for everywhere people stumble, but we don't know
of a good, free, map data source with the same level of detail as we have for the US.
the webmaps are world-wide, but again, are lower res outside the us.
if you know of any such geo data source, please let us know!
I just want to add to this that your AP having WEP enabled and restricting access to a MAC address does not mean solid security.
There are tools freely available that quickly crack WEP keys. Once done, other tools are available that allow the attacker to watch the wireless traffic (passively) to find the MAC that is being allowed access. Then, it's a simple case of changing (through software) the attacker's MAC and entering the WEP key. The attacker now has access to the AP and any resources the legit user has through it. Oh and BTW, I'm told that the AP will likely provide the attacker a DHCP IP address, even if the MAC is currently in use by the legit user.
WPA has far better security, but even it is not perfect. If you simply have a wireless router hooked to something such as a cable or DSL modem, you're probably only risking allowing an attacker use of your connection for access to the internet. It's unlikely he would be able to backtrack through the router to hack into any other computers in the house.
My feelings are that the world's wireless admins (incl home users) need to know these things to have a clear picture of the vulnerability they are engineering into their networks with the use of wireless. There is currently no consumer-grade wireless that is truly secure.
Apollyon
There are tools freely available that quickly crack WEP keys. Once done, other tools are available that allow the attacker to watch the wireless traffic (passively) to find the MAC that is being allowed access. Then, it's a simple case of changing (through software) the attacker's MAC and entering the WEP key. The attacker now has access to the AP and any resources the legit user has through it. Oh and BTW, I'm told that the AP will likely provide the attacker a DHCP IP address, even if the MAC is currently in use by the legit user.
WPA has far better security, but even it is not perfect. If you simply have a wireless router hooked to something such as a cable or DSL modem, you're probably only risking allowing an attacker use of your connection for access to the internet. It's unlikely he would be able to backtrack through the router to hack into any other computers in the house.
My feelings are that the world's wireless admins (incl home users) need to know these things to have a clear picture of the vulnerability they are engineering into their networks with the use of wireless. There is currently no consumer-grade wireless that is truly secure.
Apollyon
A very good point. It's good that the community has some consensus on the base checklist of things which must before done before a user deploys an AP, but it also makes it difficult to to explain that these things do not stop an attacker, they just make you a less convenient target for people who don't care whether their access comes from you or one of the N other points near them. That being said, I'll still run down the list of turning on WEP, turning on MAC filtering, turning off beacons, changing SSIDs, pushing traffic onto a seperate firewalled segment, etc. to the parents because it's more than likely they would only be a target of opportunity instead of a specific target.
I feel the problem primarily lies in the manufacturers. They do not include sufficient instructions with the hardware to aid the installer in securing the connection.
I own a computer business and have a lot of time in the field. I just updated the BIOS in my DWL-614+ the other day and it took (dumb?) me over half an hour to get its settings and WinXP's wireless settings to work together. The help files are pathetic and the settings for each do not match. Each has a WPA-PSK selection, but one asks for a key and one asks for a passphrase. It's like they are getting authentication and encryption confused. No info on the needed key length. Etc, etc. It was a pain and I'm really not positive I have it set for the best I can get with the given possibilities. I'm having to research the whole arena to understand it all better.
It's no wonder Joe User can't get it secure.
Apollyon
I own a computer business and have a lot of time in the field. I just updated the BIOS in my DWL-614+ the other day and it took (dumb?) me over half an hour to get its settings and WinXP's wireless settings to work together. The help files are pathetic and the settings for each do not match. Each has a WPA-PSK selection, but one asks for a key and one asks for a passphrase. It's like they are getting authentication and encryption confused. No info on the needed key length. Etc, etc. It was a pain and I'm really not positive I have it set for the best I can get with the given possibilities. I'm having to research the whole arena to understand it all better.
It's no wonder Joe User can't get it secure.
Apollyon
I use free radius and have setup 802.1X certs with key tumbling. There is over 1million different key combos that my AP to my PC will use. If someone breaks a key it's likely to change the next packet that is sent out from my PC. I used to get constantly hacked in the city but not anymore.
Honestly there is no way to stop people from seeing an SSID even with beacon suppression or secure access. This is how wireless works. The client (Pc) needs something to attach to. Once you add the SSID in the client, bang netstumbler picks up the packet from the client to the access point.
Honestly there is no way to stop people from seeing an SSID even with beacon suppression or secure access. This is how wireless works. The client (Pc) needs something to attach to. Once you add the SSID in the client, bang netstumbler picks up the packet from the client to the access point.
Also keep in mind all the different antennas, and how those can make otherwise "too far" distances become no problem. I use a modified DSS dish w/cantenna type feed horn to get around 20dBi gain which works wonders to connect to the neighbors reasonably solid whereas with even a 5.5dBi omni it usually doesn't work so good, if I can even "see" it.
So maybe someone is driving around with a stronger or directional antenna. Probably not a dish though, as that is hard to fit in a car.
Also, don't connect to your neighbors (without prior permission). I only do it because I'm a big jerk.
Sounds like you are friends already though.
So maybe someone is driving around with a stronger or directional antenna. Probably not a dish though, as that is hard to fit in a car.
Also, don't connect to your neighbors (without prior permission). I only do it because I'm a big jerk.
Sounds like you are friends already though.Bah! I drive with a dish. Fits in the back window of my car just fine.
http://www2.musatcha.com/musatcha/misc/my_car.htm
http://www2.musatcha.com/musatcha/misc/my_car.htm
Brad Isbell
brad@musatcha.com
http://www.musatcha.com
[img]http://www.musatcha.com/images/logo.jpg[/img]
brad@musatcha.com
http://www.musatcha.com
[img]http://www.musatcha.com/images/logo.jpg[/img]
I stand corrected. But I really meant "18 inch offset feed DSS dish" not just any dish (like your coaxial feed dish, similar to the Cisco dishes).
pavink,
Are you using no encryption, WEP, or WPA? (use WPA if you can)
Do you have SSID Broadcast disabled? (disable if you can)
Those two things should make it significantly more difficult to "see" your network.
Are you using no encryption, WEP, or WPA? (use WPA if you can)
Do you have SSID Broadcast disabled? (disable if you can)
Those two things should make it significantly more difficult to "see" your network.
Return to “Net Hugging Hardware and Software”
Who is online
Users browsing this forum: No registered users and 92 guests