Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
Squashy

I hate a thief... WiFI thief

Recommended Posts

Posted · Original PosterOP

Am I just old and the term "Stealing Wifi" isn't really like "stealing" in the eyes of others?

 

Long story short, Have been fighting issues with Fusion 360 software. So much so I felt like I couldn't run the software on my 2020 Mac Book Pro and started building a PC. I finally get all my parts, assemble everything and get it up and running. Well I get to the point where it's time to download MS updates and it flies thru them! Next drivers,,, all of a sudden it says 2h42min to download AMD driver. After 3hrs it kicks off and says something went wrong! 

  I can't figure out why everything slowed down so I decided to look in my modem and there I see 1. WiFi extender 2. Roku 3. Google Home Mini & I have none of these!! This is suppose to be my broadband connection for my business only, my wife doesn't even use this service. We use the old DSL for surfing and watching tv!!

 

What really trips me out is that the box is in my home office and I haven't given anyone the Wifi access code. I'm guessing while they was in my house they purposely sought the box out..... Makes me mad, there I have lost a eye, been out of work, trying to figure out what I'm going to do, selling everything I can and feeling horrible about spending money on the service. Then some one else just thinks it's their right to my internet service.. I try so hard to help people and not get mad but then they do this BS.. 

 

I have turned off the WIFI but it won't let me kick off the WiFi extender. (It appears they keep connecting to the extender.) Every time I see a new device I block it and reboot the extender. I don't know how they got the extender attached, it's acting like it's paired to the modem/switch. So I have just pulled the power plug.

 

Looks like I will have to get AT&T out here to give me another box. I tried changing the WiFi password's but it won't accept and I can't get rid of that extender. When I have AT&T come out what should I tell them I need in order to lock this system down? It is a Fixed Wireless 

Link to post
Share on other sites

Dont you have a password? Change that to something else.


CPU: i7-2600K 4751MHz 1.44V (software) --> 1.47V at the back of the socket Motherboard: Asrock Z77 Extreme4 (BCLK: 103.3MHz) CPU Cooler: Noctua NH-D15 RAM: Adata XPG 2x8GB DDR3 (XMP: 2133MHz 10-11-11-30 CR2, custom: 2203MHz 10-11-10-26 CR1 tRFC:230 tREFI:14000) GPU: Asus GTX 1070 Dual (Super Jetstream vbios, +70(2025-2088MHz)/+400(8.8Gbps)) SSD: Samsung 840 Pro 256GB (main boot drive), Transcend SSD370 128GB PSU: Seasonic X-660 80+ Gold Case: Antec P110 Silent, 5 intakes 1 exhaust Monitor: AOC G2460PF 1080p 144Hz (150Hz max w/ DP, 121Hz max w/ HDMI) TN panel Keyboard: Logitech G610 Orion (Cherry MX Blue) with SteelSeries Apex M260 keycaps Mouse: BenQ Zowie FK1

 

Model: HP Omen 17 17-an110ca CPU: i7-8750H (0.125V core & cache, 50mV SA undervolt) GPU: GTX 1060 6GB Mobile (+80/+450, 1650MHz~1750MHz 0.78V~0.85V) RAM: 8+8GB DDR4-2400 18-17-17-39 2T Storage: 1TB HP EX920 PCIe x4 M.2 SSD + 1TB Seagate 7200RPM 2.5" HDD (ST1000LM049-2GH172), 128GB Toshiba PCIe x2 M.2 SSD (KBG30ZMV128G) gone cooking externally Monitor: 1080p 126Hz IPS G-sync

 

Desktop benching:

Cinebench R15 Single thread:168 Multi-thread: 833 

SuperPi (v1.5 from Techpowerup, PI value output) 16K: 0.100s 1M: 8.255s 32M: 7m 45.93s

Link to post
Share on other sites
Posted · Original PosterOP

I tried changing the password. ( I was probably doing something wrong as I was PO'd )

It's acting like they are connecting to the extender which is bypassing the Wifi gateway. They must have set this up when we was gone one day. I believe the extender to be a AT&T box from how well it's buried into the system. 

 

If I had to guess, they took a picture of the box with all the access information, setup a extender while we was on vacation. The mother once bragged about having a friend that could get her onto my wifi no matter what I did. I'm so tired of people always taking what's not theirs and then laughing when you catch them.  

Link to post
Share on other sites

I think some companies wised up to this.

 

My router details are in my safe, the unit itself has no info on it.


i5 8600 - RX580 - Fractal Nano S - 1080p 144Hz

Link to post
Share on other sites

I realize this is a pay solution but if its a real problem you might consider buying Glasswire and just blocking devices on your network as you see them. Pretty sure this block the MAC address of the device so it may be quite effective after a while. 

https://store.steampowered.com/app/355000/GlassWire/

Link to post
Share on other sites

@Squashy it is possible they set up a MAC specific address that allows them direct access to your router regardless of the password you change to, the MAC address allows a "work around to this" I would suggest you reset your MAC access or Full Factory reset your modem. Then go in and change the Username and Password for your router.

What is the Make, and Model of your router?

 

*edit

correction - Wireless MAC Authentication


Tech News Posting Guidelines - READ BEFORE POSTING | Community Standards | Forum Staff

LTT Folding Users Tips, Tricks and FAQ | F@H Contribution | My Rig | Project Steamroller

 

Spoiler

 †  

 

Character is like a Tree and Reputation like its Shadow. The Shadow is what we think of it; The Tree is the Real thing.  ~ Abraham Lincoln

You have enemies? Good. That means you've stood up for something, sometime in your life.  ~ Winston Churchill

Docendo discimus - "the best way to learn is to teach" ~ Benjamin Jantz

 

I am a StarCitizen are you? My ships: Aegis Eclipse, Aegis Sabre, Aegis Gladius, Aopoa Nox, KI P52 Merlin, KI P72 Archimedes and the RSI Constellation Aquila.

 

My Phones are a Nokia Lumia 925 with WM10 and a Microsoft Lumia 950 XL with WM10 running the Fast Ring insider updates. Broke :(

Samsung Note 9 and a Samsung S9+

 

About Myself:   https://linustechtips.com/main/profile/229093-sansvarnic/?tab=field_core_pfield_46

 

 CHRISTIAN MEMBER 

 

 

Link to post
Share on other sites
Posted · Original PosterOP

I have been using MAC filtering on my DSL to keep them off but I hadn't given this service out to anyone. The MAC filtering seems to work but I just can't kick off that extender. I can reboot the extender thru my AT&T Smart home app and then watch them log devices on to it. I block the devices thru my WIFI gateway but the way my service slows down I don't think it has kicked them off,

 

I'm going to try turning on MAC filtering and doing the reset to see if I can kick off that extender. 

 

Just ticks me off that I have to do all this. Especially them coming into my house and looking for the box.

Link to post
Share on other sites
22 minutes ago, Squashy said:

I have been using MAC filtering on my DSL to keep them off but I hadn't given this service out to anyone. The MAC filtering seems to work but I just can't kick off that extender. I can reboot the extender thru my AT&T Smart home app and then watch them log devices on to it. I block the devices thru my WIFI gateway but the way my service slows down I don't think it has kicked them off,

 

I'm going to try turning on MAC filtering and doing the reset to see if I can kick off that extender. 

 

Just ticks me off that I have to do all this. Especially them coming into my house and looking for the box.

Honestly I would do a full factory reset.

The change the username and password.

Then set up your MAC Filtering again, using different setting.

Keep the info in a safe place (of course) so they cannot get back in.

If there is a sticker with the factory info on the back I would remove that and place it in a safe (or locked) place.


Tech News Posting Guidelines - READ BEFORE POSTING | Community Standards | Forum Staff

LTT Folding Users Tips, Tricks and FAQ | F@H Contribution | My Rig | Project Steamroller

 

Spoiler

 †  

 

Character is like a Tree and Reputation like its Shadow. The Shadow is what we think of it; The Tree is the Real thing.  ~ Abraham Lincoln

You have enemies? Good. That means you've stood up for something, sometime in your life.  ~ Winston Churchill

Docendo discimus - "the best way to learn is to teach" ~ Benjamin Jantz

 

I am a StarCitizen are you? My ships: Aegis Eclipse, Aegis Sabre, Aegis Gladius, Aopoa Nox, KI P52 Merlin, KI P72 Archimedes and the RSI Constellation Aquila.

 

My Phones are a Nokia Lumia 925 with WM10 and a Microsoft Lumia 950 XL with WM10 running the Fast Ring insider updates. Broke :(

Samsung Note 9 and a Samsung S9+

 

About Myself:   https://linustechtips.com/main/profile/229093-sansvarnic/?tab=field_core_pfield_46

 

 CHRISTIAN MEMBER 

 

 

Link to post
Share on other sites
Posted · Original PosterOP

Thanks, I'm gong to try all this.. 've just been to PO'd to think straight. Is it only me,, a thief will make you feel like an idiot and dumb as dirt once you find out they have been stealing from you? I just assume they physically take something rather than steal from me like this. Almost like they are bulling me.

Link to post
Share on other sites
Posted · Original PosterOP
46 minutes ago, SansVarnic said:

Honestly I would do a full factory reset.

The change the username and password.

Then set up your MAC Filtering again, using different setting.

Keep the info in a safe place (of course) so they cannot get back in.

If there is a sticker with the factory info on the back I would remove that and place it in a safe (or locked) place.

I found what I believe was the MAC address for the extender and slapped it with the BAN stick when I turned on MAC filtering. (kinda makes you wonder why they have an "Approved" and "Blocked Devices") Hold on,,, says I need to disable WPS

Link to post
Share on other sites
Posted · Original PosterOP

Ok, MAC filtering is up and running. I guess I'm good until they start spoofing MAC addresses.. 

Link to post
Share on other sites
5 hours ago, Squashy said:

Am I just old and the term "Stealing Wifi" isn't really like "stealing" in the eyes of others?

I the US using WiFi without permission that isn’t yours is legally punishable under law. Though it’s rarely enforced. 

Link to post
Share on other sites

MAC filtering is generally useless.

 

Disable WPS as it has vulnerabilities that can expose WPA keys.

 

What issues are you having setting a new password?  


PC : 3600 · Crosshair VI WiFi · 2x16GB RGB 3200 · 1080Ti SC2 · 1TB WD SN750 · EVGA 1600G2 · Define C 

Link to post
Share on other sites
5 hours ago, Donut417 said:

I the US using WiFi without permission that isn’t yours is legally punishable under law. Though it’s rarely enforced. 

It depends where in the US whether piggybacking (stealing or sharing WiFi) is legal or not. It doesn't become a Federal crime until data theft is involved. It's up to each State to make the laws needed and enforce them. When such a law exists (not all States have them), it's not always clear which jurisdiction is responsible for enforcement, then there is the problem of proving who is stealing the WiFi (most local Law Enforcement Agencies do not even know how to determine a crime is being committed). Many LEAs feel piggybacking is a victimless crime (it isn't, by the way) so they consider enforcement of it to be a very low priority.

 

ISPs are more likely to enforce against piggybacking because it results in a loss of revenue so one may have better results reporting WiFi theft to their ISP.


Jeannie

 

As long as anyone is oppressed, no one will be safe and free.

One has to be proactive, not reactive, to ensure the safety of one's data so backup your data! And RAID is NOT a backup!

 

Link to post
Share on other sites

Would be nice to know the make and model of the gear so we could assist you better, but with that said...

There are a few things I would do. Connect to your modem with a WIRE... not wireless. Then first of all, if you do in fact have the stock password info for the modem/router, do a factory reset. Put it back to scratch. Any password that is on it now will cease to exist if it isn't stock. Then immediately go in and change the password. Being as a-holes like this are usually home all day doing nothing and sponging off of others, you need to be pretty quick about it as they will probably be in there right behind you once they realize that they no longer have wifi to steal. Once the password is changed, then turn off WPS and turn ON MAC address filtering and deny everything that isn't your system. That in itself should stop them from reconnecting the extender. Remove that sticker that has any login info, even if you have changed the password so if they do decide to break and enter again, they have squat to work with. And if you do catch them in your home unrequested, hit them with an end table. Sounds like the person doing this is some level of stupid that has access to sniffing software that is grabbing your authentication info. MAC address filtering will make it so even if they can get the password info from a packet, they can't get data connectivity without some brute force measures. At that point, it IS a confirmed crime, though would take some major forensics to prove their actions.

 

And again, if you are still having this issue after the changes you made, post your make and model so we can do research and help you fix it. People like this need to be stopped.

Link to post
Share on other sites
2 hours ago, THEGURUOFNOTHING said:

MAC address filtering will make it so even if they can get the password info from a packet, they can't get data connectivity without some brute force measures

macchanger -a vi:ct:im:ma:cl:ol wlan0

Circumvented.

 

Association MACs are in clear text which you can just sniff out of the air.


PC : 3600 · Crosshair VI WiFi · 2x16GB RGB 3200 · 1080Ti SC2 · 1TB WD SN750 · EVGA 1600G2 · Define C 

Link to post
Share on other sites
4 hours ago, beersykins said:

macchanger -a vi:ct:im:ma:cl:ol wlan0

Circumvented.

 

Association MACs are in clear text which you can just sniff out of the air.

Then the easiest way to kick them in the dick is to wire your network and disable wifi.

Link to post
Share on other sites
6 hours ago, THEGURUOFNOTHING said:

Then the easiest way to kick them in the dick is to wire your network and disable wifi.

Or you can just do it correctly and not give up the convenience.


PC : 3600 · Crosshair VI WiFi · 2x16GB RGB 3200 · 1080Ti SC2 · 1TB WD SN750 · EVGA 1600G2 · Define C 

Link to post
Share on other sites
Posted · Original PosterOP
17 hours ago, THEGURUOFNOTHING said:

Would be nice to know the make and model of the gear so we could assist you better, but with that said...

There are a few things I would do. Connect to your modem with a WIRE... not wireless. Then first of all, if you do in fact have the stock password info for the modem/router, do a factory reset. Put it back to scratch. Any password that is on it now will cease to exist if it isn't stock. Then immediately go in and change the password. Being as a-holes like this are usually home all day doing nothing and sponging off of others, you need to be pretty quick about it as they will probably be in there right behind you once they realize that they no longer have wifi to steal. Once the password is changed, then turn off WPS and turn ON MAC address filtering and deny everything that isn't your system. That in itself should stop them from reconnecting the extender. Remove that sticker that has any login info, even if you have changed the password so if they do decide to break and enter again, they have squat to work with. And if you do catch them in your home unrequested, hit them with an end table. Sounds like the person doing this is some level of stupid that has access to sniffing software that is grabbing your authentication info. MAC address filtering will make it so even if they can get the password info from a packet, they can't get data connectivity without some brute force measures. At that point, it IS a confirmed crime, though would take some major forensics to prove their actions.

 

And again, if you are still having this issue after the changes you made, post your make and model so we can do research and help you fix it. People like this need to be stopped.

Appologies for the delay.

 

Yes, they was right there as I was making changes. Once I kicked off the "extender" I stopped seeing new devices. (as I saw them I copied the MAC addresses to add to the "blocked" list)

 

With MAC filtering enabled it won't allow me to change the passwords (Technically it says cannot use WPA with MAC filtering enabled) I agree the easiest way to avoid all this is to use a wired connection and would actually prefer that. The Modem is a PACE 5268AC FXN

 

 There are people in all walks of life and professions that will do things for a fix.  

 

Link to post
Share on other sites
9 hours ago, Squashy said:

With MAC filtering enabled it won't allow me to change the passwords (Technically it says cannot use WPA with MAC filtering enabled)

That doesnt sound right...  Never seen anything that does this.

Link to post
Share on other sites
Posted · Original PosterOP
15 hours ago, jagdtigger said:

That doesnt sound right...  Never seen anything that does this.

It seemed odd that it has an Approved list and Blocked list. All of my previous modems only had an "Approved" list and If it wasn't in that list it wasn't allowed. 

 

First thing I tried was to change the Password before I did anything but it wouldn't allow me. I figured I must have to log everything off to change the password. After I reset I tried changing the password, hit save and it wouldn't accept the change. It kept going back to default without any error codes but it did allow me to change the name of the Gateway.

I figured I would gain some time by changing the Name by forcing them to re-enter the default password. That allowing me to turn on MAC filtering and typing in the small list of MAC addresses into the "blocked" section. ( I caught a couple of phones logging on when I was rebooting their wifi extender. I can only imagine what the Google Home was doing every time it lost and reconnected.) 

 

One more thing I did was disable 2.5ghz as the only two Items I wanted to use is running 5ghz. 

 

Needless to say, I am interested in learning more about networks as well as upgrading my home security system and maybe even a CCTV system. I stayed up last night studying monochrome surveillance cameras. Surprisingly not many B&W cameras on the market or they keep them hid from the general public. You want B&W because you can get a much sharper image with the same amount of Lux available. (Better in low light) 

Link to post
Share on other sites
On 2/23/2020 at 7:43 PM, Squashy said:

(Technically it says cannot use WPA with MAC filtering enabled) I agree the easiest way to avoid all this is to use a wired connection and would actually prefer that. The Modem is a PACE 5268AC FXN

 

Are you sure its not saying "cannot use WPS with MAC filtering enabled", as that would make more sense.

 

Did you disable WPS as recommended earlier and try again?

 

If the above error IS correct then its worrying as it suggests WPA is NOT enabled, this could explain how you were able to get hacked in the first place.  Ideally you want to be using WPA2 AES only, as its the only version that hasn't been compromised in some way.


Router: i5-7200U appliance running pfSense.
ISP: Zen Unlimited Fibre 2 (66Mbit) + Plusnet Unlimited Fibre Extra. (56Mbit)

Link to post
Share on other sites
Posted · Original PosterOP

Yes I double checked. 

It wouldn't allow me to enable MAC Filtering until I disabled WPS. After it allowed me to enable MAC filtering I went back to try changing the password. It then gave me the error saying I couldn't change from the default to a custom WPA with MAC filtering enabled. 

 

Don't makes sense why it won't allow me to change from the default password. I am going to go try changing it again just to make sure I'm telling you right. 

Link to post
Share on other sites

You should take and post screenshots. Seems you're mixing some stuff up.


F@H
Desktop: i7-5960X 4.4GHz, Noctua NH-D14, ASUS Rampage V, 32GB, RTX2080S, 2TB NVMe SSD, 2x16TB HDD RAID0, Corsair HX1200, Thermaltake Overseer RX1, Samsung 4K curved 49" TV, 23" secondary

Mobile SFF rig: i9-9900K, Noctua NH-L9i, Asrock Z390 Phantom ITX-AC, 32GB, GTX1070, 2x1TB NVMe SSD RAID0, 2x5TB 2.5" HDD RAID0, Athena 500W Flex (Noctua fan), Custom 4.7l 3D printed case

Dell XPS 2 in 1 2019, 32GB, 1TB, 4K / GPD Win 2

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


×