How to spot WLAN intruders?

Discussion in 'Networking Issues' started by WirelessInn, Feb 3, 2007.

  1. WirelessInn

    WirelessInn LI Guru Member

    I run a WLAN for the purpose of allowing my B&B Inn's Guest limited (i.e. no big downloads, etc... - I am using Satellite based internet service: not so great bandwith) access. Also, of course, I run my own back office computers on this network. All linksys, starting with WRT54G all the way down to NIVs, and via WET54G and WRE54G and WAP54G and wired switch and hubs.
    I use WAP encryption and a custom SSID (I leave SSID broadcast on however) and I change the encryption weekly. I end up issuing my Guests a little card with the current encryption code on it.
    I would like however to see when someone gets on the WLAN - of course, should be either me or Guests, just to make absolutely sure that I do not have hackers onboard!
    Any way to do this type of basic monitoring?
    - Roger T
  2. SimonMackay

    SimonMackay Network Guru Member

    Use of the DHCP Server client table as a rough guess

    The WRT54G would be the network's DHCP server, so it would be worth it to visit the management interface Web page, especially to go to http://%WRT54G_IPAddress%/StatusLan then click on the "DHCP Clients Table" button.

    You will have a list of IP addresses handed out to devices that have become part of your network and the MAC addresses of the devices. You could do a "rough count" of devices that have suddenly appeared on the list that night and work back on the number of cards taken that night by B&B guests in order to identify the presence of hackers.

    With regards,

    Simon Mackay
  3. WirelessInn

    WirelessInn LI Guru Member

    Ah! That might be my problem: my WRT54G is connected to my Satellite internet Service (HughesNet/Direcway formerly) via one of the router's LAN PORTS; that's how I have to connect since 1) the Sat Modem does the DHCP function (DHCP disabled in the WRT54G) and 2) the connection to thru a LAN port rather than the router's WAN port is required since I do not have a static IP from the Sat people. So, in a way, if I am not incorrect, the WRT54G does NOT really operate as a router, but as a glorified hub?? In fact, I have been trying to see if anything shows up also in the router's Incoming and Outgoing logs: nothing indeed.
    Thanks for your continuing help!
    - Roger T
  4. rockbeth

    rockbeth LI Guru Member

    Thats wild, can you connect the satelites modem output to the wrt45g's internet port? turn the DHCP on in the wrt45g's router and wala, that should allow you to check the logs. This will also alow you to have a better firewall I think. I think you will need to also set the settings on the wrt45g to work with the satelite modem. Some of the routers can be set up to record the log file on one of your local machines. If it is a small bread and breakfast how about just hard wiring the rooms in? most laptops nowadays have a port.
  5. WirelessInn

    WirelessInn LI Guru Member

    Ah, so being able to see the Incoming/Outgoing logs in the WRT54G might be a function of two things: 1) Have the B'Band Modem connected to the WAN port of the router; 2) Have to WRT54G set up with DHCP enabled. In my case, so far, up until I upgrade to Sat Modem plan with Static IP, seems that I have to stick to my current connection - so, no Logs available!
    - Roger T
  6. ifican

    ifican Network Guru Member

    I see no reason that you cannot rearrange the configuration. If you connect the sat modem to the wan port and set the wan port of the router to dhcp it will pull an ip just like any of the hosts. As long as you make sure the lan side dhcp is turned on and is issuing ip's on a different subnet then that you are getting from the sat modem all will work perfectly. You will have better control and you can see the logs. As far as getting the router to work the way you want, there is no easy way by the routers configuration pages. You could set up a server and use radius or other such programs to limit access but its really no different then you just changing the password every so often.
  7. HennieM

    HennieM Network Guru Member

    I think the logs provided by the router log connections through the WAN port only, so, even if you re-arrange your setup, you will not be able to see wireless connections logged.
  8. WirelessInn

    WirelessInn LI Guru Member

    Yes and thank you, Gentlemen: problem solved!
    - Roger T
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice