Our new Indie Games subforum is now open for business in G&T. Go and check it out, you might land a code for a free game. If you're developing an indie game and want to post about it, follow these directions. If you don't, he'll break your legs! Hahaha! Seriously though.
Our rules have been updated and given their own forum. Go and look at them! They are nice, and there may be new ones that you didn't know about! Hooray for rules! Hooray for The System! Hooray for Conforming!

Interwebz thieves, help.

deadlydoritodeadlydorito __BANNED USERS
In 5 days, somehow with only playing videogames (tf2, hon,) online and surfing the web, we have spent 20 gigs of my household broadband. We have 5 left.

We have wireless mac adress filtering and firewalls and all that stuff, is it possible for someone to haxor through wireless mac filtering? Dad reckons that its impossible but i know theres assholes out there that want free interwebs.

anyways to sum it up, 20 gigs in five days, nobody is torrenting, just surfing the web. Mac adress filter or whatever the fuck its called.

Can i possibly spend 20 gigs of broadband playing too much team fortress? Is someone ninja'ing my interwebs? Can people hack mac adress filtering firewalls and all the security measures one can buy?

deadlydorito on

Posts

  • elliotw2elliotw2 Registered User
    edited October 2009
    You could from 5 days of TF2. You should put a WPA2 password on your router, and check it's logs for an mac address that's not from your house

    camo_sig2.pngXBL:Elliotw3|PSN:elliotw2
  • khainkhain Registered User regular
    edited October 2009
    Mac address filtering doesn't provide security and is pretty much completely worthless. WPA is pretty much the only option to secure a wireless network and that assumes that you use a good password.

    edit: This seems to come up in every thread, but hiding the SSID of you're AP only provides an illusion of security since it's relatively easy to find. The only option for actually security is to use WPA, and then there isn't any reason to have any of these other options that attempt to provide security through obscurity enabled.

  • Bionic MonkeyBionic Monkey Registered User, ClubPA
    edited October 2009
    You can get around MAC address filtering, it's just usually not worth the time for somebody looking for free internet. But like Elliot said, you should throw a WPA2 password on there too. No reason you can't have several levels of protection. Also, make sure your SSID is hidden, and for god's sake, make sure it's been changed from "linksys" or whatever the default name for your router may be.

    sig_megas_armed.jpg
  • Bionic MonkeyBionic Monkey Registered User, ClubPA
    edited October 2009
    khain wrote: »
    Mac address filtering doesn't provide security and is pretty much completely worthless.

    You know, I've heard people say this, but I've never seen someone explain why, beyond "haxxors can get through it." The way I understand it is, if someone wants onto your internet bad enough, there's nothing in the world that can stop it.

    How, exactly, is it so damn easy to spoof somebody's MAC address, without knowing what that address is?

    sig_megas_armed.jpg
  • elliotw2elliotw2 Registered User
    edited October 2009
    Mac address filtering can stop casual thieves, but it won't stop anyone who knows more than scan for SSID, try password and admin for the password

    camo_sig2.pngXBL:Elliotw3|PSN:elliotw2
  • deadlydoritodeadlydorito __BANNED USERS
    edited October 2009
    dammit we have wpa2 and the ssid is indeed hidden. maybe playing team fortress 2 is an interwebs killer...

  • elliotw2elliotw2 Registered User
    edited October 2009
    Your router should have a bandwidth monitor, take a look over it and see what it says

    camo_sig2.pngXBL:Elliotw3|PSN:elliotw2
  • Bionic MonkeyBionic Monkey Registered User, ClubPA
    edited October 2009
    elliotw2 wrote: »
    Mac address filtering can stop casual thieves, but it won't stop anyone who knows more than scan for SSID, try password and admin for the password

    Why? I'm not asking for a step-by-step guide here, I just can't figure out how guessing somebody's MAC address is any easier than guessing their WPA2 password.

    sig_megas_armed.jpg
  • khainkhain Registered User regular
    edited October 2009
    khain wrote: »
    Mac address filtering doesn't provide security and is pretty much completely worthless.

    You know, I've heard people say this, but I've never seen someone explain why, beyond "haxxors can get through it." The way I understand it is, if someone wants onto your internet bad enough, there's nothing in the world that can stop it.

    How, exactly, is it so damn easy to spoof somebody's MAC address, without knowing what that address is?

    The MAC address is in the packets that are sent so you can detect it and then change you're MAC address to it. I'm slightly unsure of what happens if you actually try to connect to the AP with the same MAC address while the other is connected, but given that most people leave their routers on 24/7 and turn their PCs off the majority of the time that shouldn't be a problem even though I would expect it to work anyway. It's the same thing with hiding the SSID. sure it may not show up in a scan, which actually isn't always true, but you can detect the name by sniffing packets and then enter it manually. Of course this may stop the casual thief that is computer illiterate, but I would expect a simple google search to turn up answers if the person is persistent enough, not to mention that the vast majority of routers support WPA and there are very few reasons to not use it. While on this topic, WEP is basically the as the above two methods of security as it will stop a casual thief, but is now easily breakable.

    dammit we have wpa2 and the ssid is indeed hidden. maybe playing team fortress 2 is an interwebs killer...

    I doubt that TF2 is using that much bandwidth. I remember doing a calculation for WoW a while ago and and putting in ridiculous figures and getting a max of 5GB a month. You should be able to download a bandwidth monitor and get an average of how much it uses though.

  • FoomyFoomy Registered User regular
    edited October 2009
    have you been watching a lot of videos on youtube or hulu etc. as part of your "just web surfing"?
    that can eat up bandwith pretty good if you spend an hour or 2 a day watching things.

    Steam Profile: FoomyFooms
  • ShogunShogun Hair long; money long; me and broke wizards we don't get along Registered User regular
    edited October 2009
    25 gigs a month? Where are you and please tell me you're paying like $5 a month for that internet connection because that's ridiculous. Are there no providers in your service area that do not have monthly limits?

    steam_sig.png
  • zanetheinsanezanetheinsane Registered User regular
    edited October 2009
    People really overestimate the power of their wireless routers. Unless you have some sort of external antenna mods, if you live in an actual residential house (and not an apartment), the neighbors on either side of you are extremely unlikely to get a good signal. Beyond that the signal would be entirely worthless (especially for the amount of bandwidth consumption you're seeing).

    Unless you've noticed any cars/vans with large antennas suspiciously parked outside your house for days, the problem is almost certainly coming from within.

    Even in an apartment complex you're only likely to be able to use a wireless signal maybe at most two units in any direction. One unit for bigger apartments.

    And for research purposes, you can download a copy of Backtrack (a linux live distro) and play around with aircrack-ng to find out how easy it is to spoof a MAC address. There are plenty of tutorials out there on google to get you started.

  • ZxerolZxerol The fullest, most luscious beard. Registered User regular
    edited October 2009
    elliotw2 wrote: »
    Mac address filtering can stop casual thieves, but it won't stop anyone who knows more than scan for SSID, try password and admin for the password

    Why? I'm not asking for a step-by-step guide here, I just can't figure out how guessing somebody's MAC address is any easier than guessing their WPA2 password.

    The header for an 802.11 frame, which contains (source/destination) MAC addresses, is transmitted in the clear. It takes like a minute to sniff data packets to get valid addresses and spoof it.

Sign In or Register to comment.