How do I get the school across the street to stop flooding me off my own wireless network?

[Joemonkey]

Some info is here: http://forums.anandtech.com/me...=2185525&enterthread=y

Backstory: About 2 weeks ago our wireless started crapping out on us at regular intervals, eventually causing me to buy a new wireless router. No change, so I returned it and bought another, same thing. Borrowed air magnet card and software from work, and here's what happens:

Only SSIDs in range are mine and the 12-20 across the street at an elementary school. I check air magnet for the school's channels, they are all on 6, so I set up my SSID as ABCD on channel 1

About 10 minutes later, I see all the school's APs change to channel 1, my wireless drops, and air magnet now sees TWO SSIDs of ABCD, one of which is my router's MAC address and the other is one of the school's AP's MAC address.

So, I go into my router, change the SSID to WXYZ, lower the signal strength to LOW, change the signal strength of my two laptop's wireless cards to LOW, turn off SSID broadcast, change the channel to 11, and connect.

Guess what? 10 minutes later I see all the school's APs change to channel 11, my wireless drops, and now the air magnet sees TWO SSIDs of WXYZ, as well as an ABCD still, all matching the MAC address of one of the school's AP's MAC address. Not JUST air magnet either, windows still sees the previous SSIDs with only 1-2 bars of strength

WTF can I do? Call the school board and ask to talk to someone in IT? Is this even legal? No FCC violations or anything? What if they just tell me to go pound sand?

UPDATE: Received a call from the technology office today requesting I email my wireless MAC addresses to them, which I did. Now it's up to them to see what happens. Here is a portion of the email I sent:

"Good morning. I did some research about your Enterasys WAPs and found this information:

?RoamAbout simplifies roll-outs with enhanced automation tools, and comprehensively secures the wireless infrastructure with leading-edge encryption, authentication, rogue access point detection and WLAN intrusion defense.?

So, if you turned off the bolded portion we shouldn?t have an issue. In fact, this issue just started about a week and a half ago so I don?t think the rogue access point detection was turned on until recently. Also, adding my MAC addresses to your ignore list should take care of things, but wouldn?t that mean every time I had a visitor or bought a new wireless device I would have to report that MAC address to you as well? Same thing if I change my SSID?

I have attached an Excel document with some notes and screenshots I took while running Airmagnet software. It shows specifically your danville_domain WAP with MAC address 00:11:88:87:0D:90 performing a DoS attack on my wireless devices after spoofing my MAC address and changing to the channel my SSID is on. Give me a call if you need more information or need to discuss options. Thanks."

Waiting game now.

School's response:

About the same time you started having problems we performed a firmware and software update to our wireless infrastructure. What I didn?t see at the time was that some options were changed regarding the handling of RF countermeasures. Our control software still showed it was disabled, but on the security switch level it changed over to ?attack? anything detected.

I went ahead and placed the MAC of your AP in the ignore category. Searching through the logs I couldn?t find a mention of any of your other MAC addresses. The only mention I found of your AP?s MAC was it being detected as an ad-hoc client, but before I found the other problem the security switch was performing a disconnect attack.

So sorry for the inconvenience, it was never our intention to disable any network outside of our buildings. Unfortunately the change in settings wasn?t mentioned in the release notes we had and when I checked it the first time after you contacted us everything looked like it was normal and shouldn?t have been impacting you or anyone else.

Let either me or Jacob know if you have any further problems.

My response:

So will you be turning this off completely or will I have to inform you of any changes I make to my WAP settings, such as buying a new router or changing my SSID? What will happen if others in the neighborhood attempt to install a wireless network? Thanks again.

OK hopefully the final update:

From the school system

Yes the setting was meant to be off in the first place. But a configuration error had it switched on for everything not part of our network. It should be saved and turned off now so you shouldn?t have to do anything else.

 

[Inspector Jihad]

lawl pwnd.

 

[newb111]

elementary school > you

 

[Savij]

Call the school ask to speak with their IT guy?

 

[Kelvrick]

How fast is their connection. Obviously, just break into it and start using.

 

[yelo333]

Have you tried disabling SSID broadcast?

 

[PottedMeat]

Jam pencils in microwave oven door interlocks, point oven at school, get behind oven, turn on microwave.

 

[Joemonkey]

Originally posted by: yelo333
Have you tried disabling SSID broadcast?

I said I did that in the OP

Do I call the school directly or the school board? The SSID names are all like cityname_domain, cityname_staff, cityname_students, cityname_tech so I don't know if I need to get the city or the school on the line. This isn't a big town, and if I had to guess I'd say that there's only about 150 kids that go to the school, K-5th

 

[l0cke]

Buy a super-directional antenna and aim it away from the school?

 

[spidey07]

You're going to have to go with a somewhat direction antenna and direct your energy away from the school. 180 degree patch antenna would be perfect.

What they're doing is perfectly legal and within FCC regulations.

 

[cmetz]

According to my understanding, what this school is doing is most certainly NOT legal and NOT within FCC regulations.

The genesis of the FCC was that the airwaves were unregulated and unlicensed, and commercial radio stations would play dirty with each other by intentionally jamming each other's signals. Not to mention all the stupid radio setups that just did that as a side-effect. The FCC was created for the original purpose of requiring radio operators to operate in such a manner as to allow everyone to communicate, and to explicitly ban folks from intentionally interfering with others' ability to use frequency bands for which they are properly licensed. The Communications Act of 1934 is good reading here.

Fast forward to modern times and the ISM band rules. The regulations on the ISM band - which are backed by federal law and devices must comply with in order to get FCC approval to operate on the band - requires that devices comply with standards that encourage reasonably feasible sharing of the band among devices (e.g., notice that spread-spectrum is the norm), and that devices do not prevent others from also using the band. Even if a LAN device does this at the 802.11 level, in my opinion, a device that explicitly prevents others from using the ISM band for their 802.11 communications is deliberately interfering with your ability to use the band, which is not allowed.

In recent years, I've seen many sites who think they can implement whatever hostile security measures on 802.11 they want, in the name of securing "their" network. Folks forget that they are guests on the public's frequency band. Nobody has the right to prevent others from using the band. Trying it can get you in legal trouble. You can't jam others' signals. You cannot restrict others' ability to use that band, on or off your property.

Joemonkey, I would start with an FCC complaint. Call their 800 number. Have the offending AP's MAC address ready and reverse it to a vendor. If there's an approved device that is configured in such a way as to automatically interfere with the entire public's ability to use the ISM band, I think the FCC might want to know about that. The FCC can also give you more specific guidance about the law and penalties.

Also call the school and explain the problem. Be friendly and helpful, not threatening. But remember, you are right and they are wrong. Unfortunately, some public school system administrative folks are used to dealing with abusive students and having almost arbitrary authority, and might be hostile to you. This is why I'd start with the FCC, if the school folks turn out to be bad people, you have a stick to beat them with. If they're good people, fixing the problem will also satisfy the FCC, though hopefully the FCC will investigate the devices in question also.

 

[spidey07]

FCC only regulates power and frequency and energy. As long as they stay within that nothing is wrong here.

Shunning rogue APs with noise is totally legal and accepted best practice.

 

[cmetz]

spidey07,

>FCC only regulates power and frequency and energy. As long as they stay within that nothing is wrong here.

Call the FCC and ask them. The FCC has explicit authority to prevent emitters from intentionally or unintentionally harming the communications of other parties with approved emitters. That's the purpose of the FCC and what they have the legal authority to enforce. Regulations about bands, frequencies, emissions, etc. are only the means to that end. That's how they tell you what you can do, the space of what you can't do is nonspecific. If you or your device are intentionally preventing a properly licensed station from using a band for its intended use, and this is brought to their attention (sadly, the FCC's enforcement division has had huge budget cuts, so you pretty much have to report a problem or they won't know about it), they generally start with a warning letter, then it's fine time. And those fines can get big. My understanding is that they have authority to enforce compliance as necessary no matter the layer, that is, even if they're playing nice at L1 and doing totally hostile things at L2, you're still interfering with another user's ability to communicate on the band and the FCC still has the authority to stop that.

If I am properly licensed to use a band (in the case of the ISM band, everyone is, it's an unlicensed band), and I am using approved devices, you are not allowed to deliberately or even unintentionally(*) interfere with my use of those devices on that band. Call the FCC and ask them. (* - well, except for primary/secondary user kinds of bands, in which the primary users can trash the secondary users and the secondary users just have to deal)

Actively interfering with another AP's ability to use the ISM band is not legal AFAIK and is certainly not a best practice. I'd put it up there with IPS/"active defense" devices in terms of Not Getting It. What happens if the OP also deploys such an active defense solution on his nearby / within range network? They fight each other, and the result is that *nobody* communicates. If, instead, both networks are configured with non-harmful security measures, they can maintain security and both shared the band. Which would you call a "best practice" - the solution that leads to a devolution where nobody's network functions, or the solution where folks can share the public resource? I'd call the solution that leads to a civilized network "best practice" and the solution that leads to a wild west "worst practice." Specifically, I would call the solution that this school system has deployed a worst practice.

Joemonkey, also search around for a local amateur radio club. They usually know how to get the FCC's local enforcement bureau to act.

 

[NickOlsen8390]

I would fight fire with fire.
get a 28dbi directional dish or higher and a 600mW wireless card.
Giving you a output power of ~350watts
normal wireless routers are about 69mW you will have about 350,000.
Is this legal by the FCC standards? Hell no.
I think the limit for directional 2.4ghz wireless is 6 watts.
that would bring all wifi in a quarter mile from that dish in one direction to a stand-still.

 

[spidey07]

Cmetz,

I've already advised OP to take the kind approach rather than the cowboy approach. You take the cowboy approach and I bring on the lawyers backed by dollars and MANDATED federal security measures. This umbrella covers state and county installations.

Sorry, I'm a corporate whore. But in the end I win. I've had to deal with gubment regulations before so many times my head spins, right or wrong, an ace beats a queen.

As long as the equipment and it's final energy complies with current FCC rules and regulations there is nothing illegal about it.

 

[cparker]

From what you've described they are intentionally targetting you with interference. You should document this with a log, maybe with some photos or a little video of what you did, how you changed the channels, lowered the power, ssid changes, etc. and how they responded. Then contact the FCC enforecement division. The person in charge there is Riley Hollingsworth. You can google him and find out his contact info, phone nr. etc. He and his office has been very helpful to people who are victims of willful interference such as whatyou've described, which would in all likelihood be clear violation of the law. I would also second the suggestion about contacting a local radio club. You can find out their particulars by conting the american radio relay league (arrl.org), or possibly just calling them up and talking to the person in charge of interference -- they have a department at the national office in CT. I would urge you not to blast them with high powered signals using high gain antennas, etc. That's a clear violation of the law, not to mention the risk of lots of trouble if you are caught.

 

[spidey07]

OP has of yet said how far away from this source of noise is. He's picking up 15-20 APs. He must be very close.

 

[Joemonkey]

Originally posted by: spidey07
OP has of yet said how far away from this source of noise is. He's picking up 15-20 APs. He must be very close.

I'm right across the street, maybe 75-100 feet from their back door.

Here is an overhead view, the school is laid out weird Text My house is 28' by 36' so you can see it's not too terribly far away.

I found the name of the IT person at the school, called, they weren't in, called the school board, they gave me their technology office's phone number. Called that number and their network admin wasn't in so talked to a help desk person who had no idea what I was talking about. They took down my name and phone number and said they'd have the network admin call me, and if they don't call me back this morning I will call back this afternoon. Unfortunately I didn't write down the exact MAC address of the AP I see doing this most often, but I'm taking half a day so hopefully I can talk to them this afternoon and see what's up.

If they act like they have no idea what I'm talking about I guess I'll call the FCC and see what my options are.

 

[WarhammerUC]

get a 2.4ghz jammer and punish them

 

[JackMDS]

Originally posted by: WarhammerUC
get a 2.4ghz jammer and punish them

More like get a 2.4ghz jammer and punish yourself. :shocked:

 

[Lemon law]

Maybe I am getting into an area of my total ignorance regarding essentially the area of wifi. But the OP wifi signal seems to be totally overwhelmed by the school across the street only 120 feet away. And hence the OP's computer's prefer to join the school network.

1.My immediate reaction is this a job for wireless security. The OP needs to set up security such that they will not join the school network because their signal would not have the right security codes.

2. There are substances that are basically radio wave non transparent. A panel of such material between the OP's antennas and the schools would do much to cut down the school signal. It may not eliminate multipath, but once the OP signal is stronger, problem solved.

 

[chucky2]

If all else fails, you could get a 802.11n router that broadcasts on 5GHz...then again, you'd need wireless NIC's that broadcast on 5GHz as well...but, if you have that capability, then you could go that route.

I say talk to the school folks...it's entirely possible they don't know as much as you and will work with you to resolve the problem as long as you remain civil.

If they dismiss you, sigh and say 'I was afraid you'd say that, now I've got to get the FCC involved...do you know if I list you as the aggravating party, the principle, or would that be the board president? All 3?'

They may take the hint then that you're not going away....

Chuck

 

[spidey07]

Originally posted by: chucky2
If all else fails, you could get a 802.11n router that broadcasts on 5GHz...then again, you'd need wireless NIC's that broadcast on 5GHz as well...but, if you have that capability, then you could go that route.

I say talk to the school folks...it's entirely possible they don't know as much as you and will work with you to resolve the problem as long as you remain civil.

If they dismiss you, sigh and say 'I was afraid you'd say that, now I've got to get the FCC involved...do you know if I list you as the aggravating party, the principle, or would that be the board president? All 3?'

They may take the hint then that you're not going away....

Chuck

*chuckle*
The school is using a professionally installed system doing what it is supposed to do. Also they are probably already using the 5Ghz band so no guarantee there. 75-100 feet is nothing for open air wifi.

Since OP specifies 30 minutes, that's a magic timer for cisco's solution. It's when RF management kicks in and all the radios change.

I dismiss you easily as I am well within FCC regulations on total energy output.

 

[Old Hippie]

The school is using a professionally installed system doing what it is supposed to do.

Than I probably missed some kinda novice thing, but what is that system preventing?

I see a system that locates and overwhelms other wireless signals.

Is this a threat to that system, or a countermeasure against something?

 

[RebateMonger]

Originally posted by: Old Hippie
Is this a threat to that system, or a countermeasure against something?

It's intended to "drown" an unauthorized wireless access point inside a company's network. In this case, it's interfering with other people's networks outside their building.