News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Suggestions for keeping neighbors off your Wi-Fi

    Posted on Michael432 Comment on the AskWoody Lounge

    Home Forums Networking – routers, firewalls, network configuration Suggestions for keeping neighbors off your Wi-Fi

    Tagged: , ,

    This topic contains 35 replies, has 19 voices, and was last updated by  wavy 3 days, 13 hours ago.

    • Author
      Posts
    • #1945164 Reply

      Michael432
      AskWoody_MVP

      FYI: If you have neighbors that you do not trust, here are some steps you can take to keep them away from your Wi-Fi network(s). Also applies to most everyone living in an apartment building.

      https://www.routersecurity.org/bad.neighbors.php

      Get up to speed on router security at RouterSecurity.org

      4 users thanked author for this post.
    • #1946169 Reply

      Bundaburra
      AskWoody Plus

      If you have any doubts about who is on your network, Wireless Network Watcher will show a list of who or what is connected.

      3 users thanked author for this post.
      • #1946236 Reply

        Alex5723
        AskWoody Plus

        If you have any doubts about who is on your network, Wireless Network Watcher will show a list of who or what is connected.

        Why should anyone be on your network if your router/network is password protected ?

        • This reply was modified 1 week, 5 days ago by  Alex5723.
        5 users thanked author for this post.
        • #1946362 Reply

          doriel
          AskWoody Lounger

          Good question. I work in IT for several years and still I do not know hot to connect to wifi protected network without password. You can say I am lame, but show me some typical user who can do this. You can still hide your SSID to prevent neighbours from connecting to it. I use program InSSIDer to see what channel to use and not to interfere with other networks.

          I use Network Scanner for finding devices on network.
          Softperfect Network Scanner

          I have not failed. I've just found 10,000 ways that won't work.
          --- Thomas A. Edison

        • #1946577 Reply

          Ascaris
          AskWoody_MVP

          Indeed!  If someone has the wherewithal to get past your WPA2 personal password, things like MAC filtering and hidden SSIDs would be no bother at all to bypass.

          Personally, I use a 63 byte (the longest possible) string of randomly-generated characters as my wifi password.  If they can guess that, I am really impressed!

           

          Group "L" (KDE Neon User Edition 5.16.5).

          2 users thanked author for this post.
        • #1946903 Reply

          Michael432
          AskWoody_MVP

          There are multiple ways:

          1. WPS is often enabled by default and it is, in every sense, a backdoor. No password needed.
          2. Short passwords are vulnerable to off-line brute force guessing
          3. WPA2 comes in two flavors: AES and TKIP with AES being more secure. Not everyone uses it.
          4. Bugs in the router software
          5. Human factors: you gave the password to someone who gave it to someone else.

           

          Get up to speed on router security at RouterSecurity.org

          1 user thanked author for this post.
      • #1946905 Reply

        Michael432
        AskWoody_MVP

        I am a big fan of Nir Sofer and his software. That said, this program only works on Windows and can only handle one SSID at a time. The better approach, to see who is on your network(s), is to communicate directly with the router, either using its web interface or a mobile app.

        Get up to speed on router security at RouterSecurity.org

        1 user thanked author for this post.
    • #1946334 Reply

      MrJimPhelps
      AskWoody_MVP

      Pick an SSID (network name) that doesn’t identify you. For example, if your name is John Smith, don’t pick “JohnSmith” as your SSID. Pick a nondescript name, such as “FootballFan”. If you live in Chicago, pick “ChicagoBears” or “ChicagoCubs”. There are so many Bears and Cubs fans that no one will know that it is you. However, if it is known that you are a Green Bay fan, and you live in Chicago, don’t pick “GreenBayPackers” as your SSID! Not only will they know it is you, but they will likely try to do mischief just because they hate Green Bay!

      Group "L" (Linux Mint)
      with Windows 8.1 running in a VM
      1 user thanked author for this post.
      • #1946493 Reply

        zeddy
        AskWoody_MVP

        Here are my suggestions for SSID names:
        DOWNLOADING VIRUS
        or
        DEA Enforcement Unit
        or
        Mob Tracking Unit

        zeddy
        Excel Panic Dept

        3 users thanked author for this post.
        • #1946701 Reply

          Mr. Natural
          AskWoody Plus

          I’ve used “disabled” a number of times when the home router is broadcasting the ssid.

          Red Ruffnsore reporting from the front lines.

          1 user thanked author for this post.
        • #1947083 Reply

          Kirsty
          Da Boss

          Here are my suggestions for SSID names:
          DOWNLOADING VIRUS

          I saw a great one on Twitter a few months ago, which kept their teenagers off:
          Windows Updates

          3 users thanked author for this post.
      • #1946507 Reply

        F A Kramer
        AskWoody Plus

        Sorry to be a wet blanket but caution is required,. Names like Chicago Cubs and Green Bay Packers are copyrighted and/or registered trademarks. Using them could get you into legal difficulties.

        I suggest that you stick with simple names like “&tyK42bxR4”. At least until I use them first!

        1 user thanked author for this post.
      • #1946917 Reply

        Michael432
        AskWoody_MVP

        Good point.

        Get up to speed on router security at RouterSecurity.org

    • #1946381 Reply

      doriel
      AskWoody Lounger

      Example of inSSIDer usage

      I have not failed. I've just found 10,000 ways that won't work.
      --- Thomas A. Edison

      • This reply was modified 1 week, 5 days ago by  doriel.
      Attachments:
      • #1946578 Reply

        Ascaris
        AskWoody_MVP

        And for Linux users, LinSSID is a close match for InSSIDer (at least the free versions, now that it has turned commercial, as I have never seen the paid version).  It is available in the Ubuntu repo for users of Ubuntu, Mint, Zorin, Neon…

        Group "L" (KDE Neon User Edition 5.16.5).

        2 users thanked author for this post.
    • #1946594 Reply

      AlexEiffel
      AskWoody_MVP

      Thanks Michael.

      I think it is important to remind people that hiding the SSID might be a less secure move as some older devices configured to log to a hidden SSID network might actively broadcast their intentions. I think people should not hide the SSID and they should choose a somewhat uninteresting and uncommon name to prevent rainbow tables type attacks.

      https://www.howtogeek.com/howto/28653/debunking-myths-is-hiding-your-wireless-ssid-really-more-secure/

      I also wrote a few other suggestions in another post, based on things I learned from you and others:

      Patch Lady – reboot your routers

      1 user thanked author for this post.
      • #1952543 Reply

        doriel
        AskWoody Lounger

        Thanks a lot for your insight. I never thought, that hiding my SSID could lower my security, but I see it differently now. Thanks again.

        I have not failed. I've just found 10,000 ways that won't work.
        --- Thomas A. Edison

    • #1946625 Reply

      ScotchJohn
      AskWoody Plus

      I strongly recommend Fing.  Buy a Fing box from Amazon, connect it to your router, and download the Fing app to your iPhone or Android.  You can set it to alarm you if any new user tries to connect to your router, and can set the option to refuse them connection.  Fing also monitors your internet connection speed and drop-outs, so that you may document your claims for loss of service, should your ISP offer that guarantee.

      Dell E5570 Latitude, Intel Core i5 6440@2.60 GHz, 8.00 GB - Win 10 Pro

      • #1946952 Reply

        Michael432
        AskWoody_MVP

        I have used the Fing app (happily) but not a Fing box. For a brief overview of the Fing box and its competition see the Add On Security section here

        https://routersecurity.org/resources.php

        Get up to speed on router security at RouterSecurity.org

        • #1952610 Reply

          rc primak
          AskWoody_MVP

          That same article also mentions BitDefender’s Box which is a full-service security appliance. One of the advantages of such boxes with subscription services is that Internet of Things devices (Alexa, Google Home, etc.) can be set up with their own sub-net, and security can be forced onto even the least secure out of the box appliances. Configuration is consumer-grade, meaning simple enough for Home Users to set up and maintain. And all devices you own can be covered with the security suite subscription.

          -- rc primak

          • This reply was modified 5 days, 21 hours ago by  rc primak.
          • This reply was modified 5 days, 21 hours ago by  rc primak.
          1 user thanked author for this post.
          • #1952899 Reply

            MrJimPhelps
            AskWoody_MVP

            Most of the devices mentioned in the article plug into a port on your router. One of them plugs in between your modem and your router. That one will potentially be more secure, because it controls all connections, as opposed to only those plugged into it.

            An encouraging sign is that some router manufacturers are going to offer malware protection in the router. I wonder why they have waited until now to address such an obvious vulnerability.

            Group "L" (Linux Mint)
            with Windows 8.1 running in a VM
    • #1946739 Reply

      PKCano
      Da Boss

      For sure change both the default SSID and password.
      Case in point.

      Some years back, a friend called for help. He could not send email when he was on his laptop downstairs, but when he went upstairs, he had no problem.
      Back in the day, the default SSID for every Linksys router was “linksys: and the default password was “admin.” The average home user has no clue: they hook it up, it works, everything is good.

      The friend and his neighbor had different ISPs. Both had Linksys routers, neither knew to change anything. When the friend was downstairs, the signal from the neighbor’s router was strongest, so his laptop connected to the neighbor’s network (same SSID, password). But when he tried to send his email through the other ISP’s outgoing mail server, it wouldn’t go. Upstairs, the signal from his router was stronger, so he connected to the right network/ISP and could send mail.

      Needless to say, we changed both the SSID and the password.

      8 users thanked author for this post.
      • #1952613 Reply

        rc primak
        AskWoody_MVP

        Also a good argument for changing to a less congested channel, if you can figure out how to do that.

        -- rc primak

    • #1946938 Reply

      Mr. Natural
      AskWoody Plus

      If you want to get really fancy you can actually create an SSID with emoji’s.

      Red Ruffnsore reporting from the front lines.

    • #1947088 Reply

      discorallado
      AskWoody Plus

      If you’re looking for a great low-/no-cost wifi survey utility for Windows, check out WinFi Lite. Here is a link to a recent GHacks article covering the utility. I have a habit of trying to stay equipped with slick utilities, and this one is in the kit, now.

      For Android, here are a couple of apps I’ve used for nearly 7 years:

      In my experience, a commonly overlooked setting is the channel (frequency range) being used by 2.4GHz and 5.0GHz routers. When performing the survey, see if any particular channels are making up the lion’s share of the results. Most well-known wifi routers permit you to manually set channels. For newer standards, channel bandwidth can be increased as well.

      Don’t go down the rabbit hole unless you have to, though. It’d be more prevalent in environments like apartments, condos and other “connected” housing. One common symptom of this can be an inexplicable drop in part of your coverage area not explained by a wall/partition or some other device.

      For folks that I would assist with this, I drew an analogy to the cordless phones of olden times – the handset jumped channels in conjunction with the base to avoid call noise and static. Same exact principle.

      Good luck!

      Rugged indoorsman.

      • This reply was modified 1 week, 4 days ago by  discorallado. Reason: Notice regarding previous double post
      • This reply was modified 1 week, 4 days ago by  PKCano.
      1 user thanked author for this post.
      b
      • #1952616 Reply

        rc primak
        AskWoody_MVP

        I can’t find any download links for their desktop version. Are you sure this product is still in development?

        -- rc primak

        • #1954383 Reply

          Mark
          AskWoody Plus

          https://www.microsoft.com/en-us/p/winfi-lite/9pfrnjrf22f1?activetab=pivot:overviewtab

          Windows 10 Pro x64 v1709, Windows 7 Home Premium x64, Windows Vista Home Premium x64
          • #1954525 Reply

            wavy
            AskWoody Plus

            That looks like an App, I would also like a link to a portable version but I see neither .

            🍻

            Just because you don't know where you are going doesn't mean any road will get you there.
            • #1954531 Reply

              b
              AskWoody Plus

              There isn’t a portable version. See the developer’s comments below the ghacks article.

              Knuckle dragger Cannon fodder Chump Daft glutton Idiot Crazy/Ignorant Toxic drinker Blockhead Unwashed mass Seeker/Sucker "Ancient/Obsolete" (Group ASAP) Win10 v.1903

    • #1952346 Reply

      Alan_uk
      AskWoody Plus

      Both my Draytek modem/router (MR) and my TP-Link WiFi Access Point (AP) allow me to  strictly bind MAC addresses to an IP address so only pre-defined devices have access to my LAN.Currently I have about 30 devices defined.

      Maybe cheap MRs and APs (including those free ones provided by the ISP) don’t have this feature but to me it’s well worth investing in more capable MRs and APs.

      Alan

    • #1952882 Reply

      wavy
      AskWoody Plus

      Both my Draytek modem/router (MR) and my TP-Link WiFi Access Point (AP) allow me to  strictly bind MAC addresses to an IP address so only pre-defined devices have access to my LAN.Currently I have about 30 devices defined.

      Maybe cheap MRs and APs (including those free ones provided by the ISP) don’t have this feature but to me it’s well worth investing in more capable MRs and APs.

      Alan

      Of course MAC spoofing is not too difficult…😒
      But +1 for a better than isp router..

      🍻

      Just because you don't know where you are going doesn't mean any road will get you there.
    • #1954619 Reply

      wavy
      AskWoody Plus

      That looks like an App,

      Ok I see the dev says it is not an App. I thought that coming from the MS store meant it would be an App.

      🍻

      Just because you don't know where you are going doesn't mean any road will get you there.
      • #1954809 Reply

        b
        AskWoody Plus

        I think the distinction went away a couple of years ago:

        The Windows Store now includes traditional desktop apps

        Knuckle dragger Cannon fodder Chump Daft glutton Idiot Crazy/Ignorant Toxic drinker Blockhead Unwashed mass Seeker/Sucker "Ancient/Obsolete" (Group ASAP) Win10 v.1903

        1 user thanked author for this post.
    • #1956478 Reply

      wavy
      AskWoody Plus

      I guess I am just behind the times. Been staying away from the store…
      I no knowledge of what makes a Win32 apps vs an UWP app. I do note that the store does the install and I do not end up with an MSI or setup.exe that I can use some place else. I am not a fan of MS mediating the install….

      🍻

      Just because you don't know where you are going doesn't mean any road will get you there.
      • This reply was modified 3 days, 13 hours ago by  wavy.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Suggestions for keeping neighbors off your Wi-Fi

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.