think there might be some Android users stealing my Internet

[smoothvirus]

So my fiancee was having problems connecting to the network on her laptop, in the course if diagnosing her problems I do a scan to see who's connected to it.

Ran a NET VIEW command, I can see my PC, my laptop, and her laptop. Fine, that's what's supposed to be there.

Out of curiosity I download the iPhone app iNet and run that as well, now I see my router, my iPhone, my plasma TV, my wireless bridge that's running upstairs, and...

two IP's coming back to Motorola Mobility Inc??

Did a search, that's for Android smartphones. Neither myself or my finacee have Androids, I have a iPhone, obviously, and she has a Blackberry.

All I'm using on my network is WEP. I know it's not very secure, but honestly I didn't think anyone would care, I'm just one house in a big development of townhouses.

The android phones are connected to my cheap Trendnet bridge upstairs, I'm not even sure if it's capable of WPA.

Any help on securing this is welcome..

 

[smoothvirus]

I am assuming theres some android app out there that can crack WEP passwords quickly. Also there's a lot of teenagers and kids in my neighborhood. My guess is someone is hiding their internet use from Mommy & Daddy.

 

[MtnMan]

WPA2, MAC filtering

 

[mikeymikec]

Adding to MtnMan's comment, have a long password, IMO >10 chars.

 

[smoothvirus]

Adding to MtnMan's comment, have a long password, IMO >10 chars.

I had like a 20 character password but apparently with WEP it doesn't really matter. Just saw a Youtube vid of an android app that can crack into WEP passwords in about 5 seconds.

 

[JackMDS]

Basic routers are very inexpensive if your Router can do WPA (which also means that is very very old too), get a new Router.

 

[hennessy1]

You can also use this site for your WPA2 passwords.

https://www.grc.com/passwords.htm

 

[ImDonly1]

Do WPA or WPA2.

Mac filtering is useless. WEP is useless.

What do you mean you went on her laptop and did NEW VIEW? Why don't you just login to the router and look at connected devices or previously connected devices?

 

[Emulex]

wpa-AES or WPA2-AES , not -TKIP or auto (usually means wpa2-AES or WPA2-TKIP) - the AES is solid as long as your password is solid non dictionary and 16char or more. TKIP was a bridge because old routers didn't have hardware AES - i notice the 2WIRE routers that uverse gives you defaults to WPA-TKIP OR WPA-AES by default. you have to change that up.

 

[mammador]

WPA2, MAC filtering

This.

Also, get a strong password (mix it with upper case and numbers).

 

[bobdole369]

Aye, I can break any WEP key in like 5 minutes (provided theres enough traffic). Use WPA2 with 10+ char pass (just make it leetspeak, thats usu good enough to get past the bruters. )

MAC filtering is unnecessary and doesn't buy you anything. If an attacker wants he just listens and your MAC is revealed for him to spoof eventually. Same goes for not broadcasting your SSID, BUT if there is nothing there for a script kid to see, nothing to break into right? Well, the tools these days simply reveal the SSID, so its useless either way. Those 2 things will add nothing but trouble (ever have to get your mother in laws MAC address???!!)

 

[aylafan]

If you can't use WPA2 then try WPA (it's still more secure than WEP). If the device doesn't even support WPA then I think it's time for you to replace it with something new.

Good luck on securing your network.

 

[smoothvirus]

thanks for all the helpful advice everyone.

So, I went to WPA2 on my router, and went to MAC address filtering on my wireless access point, and I still see these two IP addresses that claim to be "Motorola Mobility Inc." using the iNet app on my phone.

What's odd is I don't see them listed as being connected from either the router or the WAP. But if I ping the addresses I get a response. I also physically disconnected the WAP and I still see them so they're not getting in that way.

So my router is a Actiontec MI424WR, and my PC is wired to it with Ethernet. My house came with Ethernet already in it so I have a little router in my laundry room that ties all the network drops in the house together. The TV, and the WAP are physically plugged into it.

I just went and unplugged the router in the laundry room, and I can still ping the Motorola Mobility addresses.

Disconnected the antenna from the MI424WR.. still there, can still ping it. It's not wireless at all then..

Scratching my head, I don't know what those IP's are connected to.

 

[Cr0nJ0b]

are you sure that you aren't seeing a phone or something else that is plugged into your PC? Local host?

unplug the network cable and ping that Ip.

Also look under Network properties to see if there are other networks running, like VPN or something.

 

[smoothvirus]

I got it! False alarm!!

It's the set top boxes from my two TV sets. The set top boxes are manufactured by, you guessed it, Motorola. They're connected to my network via a coax connection so don't show up on ethernet or wireless.

I unplugged one from the wall and bang that IP address went dead.

Mystery solved.. I feel a little embarrassed but it pays to be paranoid when it comes to security. Now my network is now much more secure that it was before.

 

[mikeymikec]

I had like a 20 character password but apparently with WEP it doesn't really matter. Just saw a Youtube vid of an android app that can crack into WEP passwords in about 5 seconds.

I did say "adding to MtnMan's comment", and he mentioned WPA2.

@ smoothvirus

It's much better to investigate something thoroughly and be sure at the end of the day. Well done.

 

[Emulex]

aes-256 is 32 min key length. you gotta be serious on key length or you reduce the effectiveness