Wireless Network Security Help Required

[Skeptical]

A few months back, we started going over out bandwidth limit, which we'd never done before. This happened to coincide with when I bought my new laptop, so naturally enough, my parents decided that it was my fault. Then, I cut my internet usage to the bare minimum (IRC, IM'ing, Email, and a tiny bit of browsing.) And we went over anyway. Way over, $30 worth. This continued for a while, with my parents eventually agreeing that it must be one of my siblings use of the internet. So my Dad and I blocked YouTube, and stopped torrenting anything. Still went over.

 

At this point, I added trackers (BitMeter) to every computer in the house. We still went over our 60gb limit, even though the usage of the computers in the house never approached anything near that. Since then, I've got nuts tracking everything. According to the Cogeco bandwidth meter, we're using about 1,500 mb every day (on average: that works out to about 1.5gb).

 

My Mom insisted on calling Cogeco to see if they could do anything (I knew that they couldn't) and we were told to swap our modem in for a new one. We did so, and I now have it hooked up. They've said to leave my wireless on and protected to see if that is indeed the problem. I doubt that it is, but it's still worth a try.

 

I've had MAC address limits suggested to me, but I can't get my router to accept any of them being input, and I've been told that it's fairly easy to clone them.

 

My current security is:

• Hidden SSID
  
• 25+ character password
  
• Broadcast power turned down to the router's lowest setting.
  
• WPA encryption active
  

 

So really, my questions are:

 

Could it be the modem's fault? Circling packets or something equally strange? I doubt that it is, but I'm still curious (and currently testing it).

&

Is there any way to make my network more secure? I can't find anything else, but then again, this is not one of my areas of expertise.

&

Does anyone know how to find any firmware upgrades for a Dlink DIR-601 router? I can't find any anywhere, and I wonder if that's why the MAC address functions refuse to behave.

 

Thanks for the help, if you can offer any, and thanks for the time if you can't. I'll keep watch and respond to any questions anyone has.

[Sbrideau]

Encription is WEP or WPA? I know you made a typo, but which one?

To me it pretty much looks like someone was hijacking the internet and using it though.

[Skeptical]

Encription is WEP or WPA? I know you made a typo, but which one?

To me it pretty much looks like someone was hijacking the internet and using it though.

 

Oops, I read it over, but missed it.

 

I meant WPA.

[Dracion1]

I suppose there could be someone on there, WPA can be cracked, though apparently it takes a fair while longer than WEP (About 15 minutes I think). If you can switch to, or get a router with WPA2 then try that with a new strong password; though with the other settings you've got it looks like someone is being pretty determined to get on your net if they are. My only other guess is that the ISP has mucked up somewhere on their end and is possibly confusing someone else's data with yours, though that's very unlikely.

[VARN]

On the router page under the settings button, click on network settings; under Dynamic DHCP Client List you should see a list of all the computers that connect to your router. You can verify if any unknown computers have connected. At least that is how it works on my dlink.

[Orpheus]

I'd suggest to find the MAC addresses of all compters in your house, look at all that have connected to the router, and ban any of them you don't recognize.

[RSBDavid]

I'd suggest to find the MAC addresses of all compters in your house, look at all that have connected to the router, and ban any of them you don't recognize.

 

 

To add to this:

 

If you don;t know how to view your MAC, open up command prompt and type in "ipconfig /all". Your MAC is what is labeled as "Physical Address". If you have multiple networks, add the MAC which corresponds to the network you use with the router.

[Solartide]

Well, my reply got deleted, but if you ask any tech guy, my response was quite possibly the most likely scenario.

 

Of course, in real life, we tech guys would phrase it differently.

[das1330]

I'd suggest to find the MAC addresses of all compters in your house, look at all that have connected to the router, and ban any of them you don't recognize.

 

This. Additionally, move the router to non-broadcasting, either buy a new one or use your current one with WPA2 as it's harder to crack, and change the password regularly - if nothing else it will frustrate whoever is using your bandwidth. Alternatively, you could get an ISP without download caps - I push ~700 GB a month through my connection and there are no extra charges.

[Sbrideau]

Wow, how can one push that much in a month? I find it very hard to believe you can push that much in a month.

[Racheya]

Wow, how can one push that much in a month? I find it very hard to believe you can push that much in a month.

HD video, torrents, gaming... you can do it if you try. Though that's quite incredible :mellow:

 

Anywho, on topic, definitely sounds dodgy to me and I do recommend you try to ban any MAC addresses that you don't recognise. Also, do you know any neighbours that you have which are pretty internet/technologically savvy? Either that, or someone is regularly coming by in a car or something.

 

Having someone be on your internet connection is extremely dangerous, they could be downloading illegal materials and it would be your parents seen as responsible for things.

[Skeptical]

So far the use has dropped back to normal, in the 3 days since the modem was swapped. I'm hoping that it was the modem, but it seems really unlikely: I can't even find a record of that ever being a problem.

 

My router refuses to accept the MAC address.... it insists that it's invalid, even though I've confirmed over and over that it's correct.

 

Thanks for the help so far guys.

[Sbrideau]

Wow, how can one push that much in a month? I find it very hard to believe you can push that much in a month.

HD video, torrents, gaming... you can do it if you try. Though that's quite incredible :mellow:

 

Ok, but I won't try, being on a 95GB cap.

 

To OP: Looks like it's better, hope your problem get's resolved.

[Skeptical]

Wow, how can one push that much in a month? I find it very hard to believe you can push that much in a month.

HD video, torrents, gaming... you can do it if you try. Though that's quite incredible :mellow:

 

Ok, but I won't try, being on a 95GB cap.

 

To OP: Looks like it's better, hope your problem get's resolved.

 

Seems to be. Usage is back to normal. Seems unlikely though that it was the modem. I'm personally quite suspicious that they just stopped using it.

 

I've been narrowing down the locations that it can be used from, wandering around measuring signal strength (I live in a widely spaced subdivision, and removed anyone over 60, the computer inept, and children under 10, although I am making an assumption there). To be moving as much data as that, they must have been fairly close. Is there any way for me to see the sites visited/data transferred? I doubt that my ISP would release this information, even if it was to the owner of the connection.

 

What I'm really concerned with is someone doing something illegal.

[Sbrideau]

You can easily see the data transferred, you just have to have a web account. I know that's how it works with my ISP. To know the websites visited, You could go and call them up to see if they would release that information, especially if you're the owner.

[Skeptical]

You can easily see the data transferred, you just have to have a web account. I know that's how it works with my ISP. To know the websites visited, You could go and call them up to see if they would release that information, especially if you're the owner.

 

I meant specifics: I want to know what it was used for. I don't think that they'll release that info, although I'll call customer service tomorrow to find out.

[das]

You can easily see the data transferred, you just have to have a web account. I know that's how it works with my ISP. To know the websites visited, You could go and call them up to see if they would release that information, especially if you're the owner.

 

I meant specifics: I want to know what it was used for. I don't think that they'll release that info, although I'll call customer service tomorrow to find out.

 

 

I work for an ISP, in 5 years we've never had that request, but i'd say if it's over billing (We dont cap data) and a dispute at least in America you would be legally obligated to at least give some data.

[Skeptical]

You can easily see the data transferred, you just have to have a web account. I know that's how it works with my ISP. To know the websites visited, You could go and call them up to see if they would release that information, especially if you're the owner.

 

I meant specifics: I want to know what it was used for. I don't think that they'll release that info, although I'll call customer service tomorrow to find out.

 

 

I work for an ISP, in 5 years we've never had that request, but i'd say if it's over billing (We dont cap data) and a dispute at least in America you would be legally obligated to at least give some data.

 

Thanks, I'd been wondering about that.