Not necessarily neighbors steal Wi-Fi, but someone shamelessly does it. And it seems that the connection speed allows you to share with neighbors, but sometimes it drops. What should be done to load the network in this way? At least the conscience to lose and use someone else's Internet without permission. But more to the point.

Situation - you are surfing the Internet through your wi-fi router. And suddenly the speed drops sharply so that pages are difficult to open. And this is not the first time. It is quite a reasonable idea that someone is stealing Wi-Fi. How to find out if someone is connected to my file and how to disable strangers.

Important! All descriptions of the router are not universal - we are talking about a specific TP-LINK model and may differ for other devices. If you are not confident in your actions, do not continue.

Find out if someone is connected to Wi-Fi

Method one. Program. SoftPerfect WiFi Guard

This method is for those who do not want to bother too much and who will carry out diagnostics through a personal computer. To determine who is connected to the router, you will need SoftPerfect WiFi Guard. We find it, for example, through Google and install it. The program is in Russian, it is installed quickly. A minimum of settings is required.

In the tab "main" of the item "settings" of the program, we find the column - "network adapter". We select the item, in my case it is Qualcomm Atheros. Click "OK". Then in the program window, click "scan".

The program will show all devices that are connected to our wi-fi. If only you are connected, you will see two devices (column "Info"), which will be designated as "This computer" and "Internet gateway". That is, your computer and the router itself.

If there are strangers, the program will show them - the devices of the neighbors will be displayed with red circles. These are either neighbors or your other devices.

Method two. Router admin panel

This method does not require additional software. We go to the admin panel of the router. After connecting to the network file, we type the IP address of the router. As a rule, this is 192.168.1.1. The address can be different on different models - you can specify it on the device case. Then we enter the username / password. As a rule, this is admin / admin (you can check it on the device case).

This is where the complexity begins. On different models of routers, the menu may be different. On my device in the "Status" tab we find the item "Wireless". There is a plate with the MAC addresses of the connected devices. If you are connected alone, then there is only one MAC in this table. There are other addresses - neighbors steal Wi-Fi. But it is important - at this point you can get information about the devices that are connected right now.

More information can be seen in the "Interface Setup" tab, "DHCP" item.

How to disconnect neighbors from Wi-Fi

We offer the easiest and most effective way to protect your Internet. Namely, we set a password. Neighbors connected to our Internet either because they hacked your password, or you didn't set it at all.

The algorithm can be different on different devices. On mine so - in the admin panel of the router go to the "Interface Setup" tab, the "Wireless" item. In the column "WPS Settings" we find the item "Authenticatio n Ty pe ". If it is "Disabled", then change to "WPA-PSK". After that, the "WPA-PSK" column appears below in the same tab. In the "Pre-Shared Key" field, write a password - at least 8 characters. It remains only to press "save". We reconnect to our wi-fi, now we are required to enter a password.

As a rule, the password on each device (laptop, tablet, smartphone) needs to be entered only once. The device will remember it and enter it automatically.

If you forgot your wi-fi password

If you forgot the password from the Wi-Fi, then it is impossible to recover it - it is stored in the device itself. It can only be reset. To do this, hold down the "reset" button for a few seconds. The router settings will be deleted and must be configured again.

19.10.16 62 705 0

How to protect your home router from hackers and neighbors

Why breadth of soul can cost you money

Eugene did not set a password for the wifi in his apartment. Why bother? You can forget your password. And the fact that neighbors can use is not a pity, all the same, the Internet is unlimited. Eugene thinks so, and he is grossly mistaken.

Nikolay Kruglikov

young hacker

Let's figure out why an open internet at home is a bad idea and how it can threaten you.

Listening

Access points without a password are also called open, and it's not just a password. At such points, data over Wi-Fi is transmitted without encryption, in clear text. Since Wi-Fi is the same radio waves, it is very easy to intercept traffic: just tune the antenna to the desired frequency and you will hear everything that is transmitted between the router and the computer. Without a password on the router, you simply broadcast to the whole district what you are doing on the Internet.

If you are on a porn site, any of your neighbors can find out which video you are watching. If you are sending a letter, it will most likely be intercepted at the time of sending. If you have "Vkontakte" without encryption, then any neighbor will be able to read your private messages.

Wi-Fi without a password is easy to listen to

How to protect yourself

You need to put a password on the wifi. Of course, connections to some sites are encrypted using HTTPS, and you can also enable VPN, and yet it is much more reliable to protect the entire communication channel at once.

Exercise: setting a password on wifi

Open your browser and enter 192.168.0.1 in the address bar. If nothing happens, try 192.168.1.1 and 10.0.0.1. A window will appear with fields for login and password.
Enter login admin and password admin. If you do not fit - see the standard password in the instructions for the router. Most likely it's something simple. Sometimes the login and password are written directly on the router case.
Find the link on the page that says Wi-Fi or Wireless. A screen will open where you can change the password.

If all else fails, call the wizard. The task of the master is to password-protect your wifi.

Set a password for the wifi with a length of at least ten characters from numbers and letters. Password 12 345 678 is the same as no password.

All instructions are for a home router. At work or in a cafe, they are unlikely to work, because network administrators disable access to the settings of the router for strangers

There may be several encryption options in the settings. Each router has a different set of options, so choose the option that most closely resembles WPA2-PSK (AES). It is the most secure encryption protocol available today. Combined with a good password, it will give you the best possible protection.

A strong encryption protocol is important. A bad protocol, like a bad password, makes it easier to crack. For example, legacy WEP can be cracked in a few hours.

Selecting an encryption algorithm in the router settings. WPA2-PSK is the best option in this set

Make sure you have WPS turned off. This technology allows you to connect to the router using an eight-digit pin. Unfortunately, after the massive implementation of WPS, it turned out that it is extremely insecure: it only takes 10 hours to crack a connection even with the most reliable protocol. The WPS settings are somewhere in the same place as the Wi-Fi settings.

Manipulating router settings

When hackers connect to your Wi-Fi, they gain access to the router's control panel and can reconfigure it in their own way. To get into your router, you just need to connect to Wi-Fi - you don't need to be in an apartment. Some nasty schoolboy might be tinkering with your router's settings right now.

Usually, getting into the settings of the router is not so easy: you need to enter your username and password. But most people have a standard username and password on their router - admin / admin. Unless you changed this setting on purpose, chances are good that any hacker will be able to break into the router.

Having gained access to the control panel, hackers can easily carry out a middleman attack: they will make it so that a malicious service that steals passwords stands between you and the site. For example, at the address tinkoff.ru, not a real, but a fake site will open, which will send them everything that you enter. You will not even know that you have entered a malicious service: it will look exactly like a real Internet bank and even let you in with your username and password. But at the same time, the username and password will be with the hackers.

A router with standard settings can be easily redirected to a fake site

How to protect yourself

Change the default administrator password to your own in the router settings. It should be no less reliable than the password from the WiFi, and at the same time should be different.

Remote access

Hackers are rarely interested in you specifically unless you are a top manager of a large company. More often than not, ordinary people fall under automated attacks when a hacker program looks for potential victims and tries to apply a standard hacking algorithm.

Some routers have the ability to connect to the web interface from an external network - that is, you can enter the router settings from anywhere with an Internet connection, not just from home.

This means that not only nasty schoolchildren can attack your router. The attack may not be targeted: it's just that some hacker in Peru is scanning a certain range of addresses for open routers. Its program sees your router. Connects. The hacker doesn't even know who you are or where you are - he just sets up a redirect and goes back to his business. And your Facebook login falls into his hacker program, for example.

Asking how to secure a WiFi network. In this article, we will look at several techniques that will significantly complicate access to your network by unwanted users.

But when you create a Wi-Fi network, there is a threat to the security of your data. Everything that is transmitted over the wireless network is broadcasted over a fairly tangible distance and attackers can gain access to this data. In order to protect a WiFi network from such an attack, you need to take a few simple steps.

Use a strong password to access your router settings

When setting up, be sure to change the default password. It does not follow the password path to access the router with a password (key) to connect to the network.

Use strong security mode.

Wireless -\u003e Wireless Security (Wireless -\u003e Wireless Security).
In field Version (Version) select WPA2-PSK.
In field Encryption (Encryption) select AES.
Click Save (Save).

Disable WPS

Was the information helpful?

General Articles: General Articles

When you connect to public Wi-Fi, for example, in a cafe, the data is transmitted unencrypted. This means that your passwords, logins, correspondence and other confidential information become available to intruders. Email addresses can be used to send spam, and the data on your social network page can be changed.

A home Wi-Fi network can also be at risk if:

The network is protected by an easy password.
The network has a common name.
Disabled encryption.

Open your router settings

Enter the IP address of the router in the address bar of the browser, you will be taken to the authorization page for the router settings. The router's IP address is located on the back of the device and in the user manual.
On the authorization page, enter your username and password. They are indicated on the back of the router.

Come up with a strong password to access your router

As a rule, a standard username and password are used to access the router settings. An attacker can find out the login and password from your router by downloading the user manual for the device from the manufacturer's website.

To prevent this from happening, change the password for the router. Use guidelines for creating strong passwords.

Come up with a unique name (SSID) for your Wi-Fi network

Often, rainbow tables are used to crack passwords. Predefined rainbow tables for popular SSIDs store millions of possible passwords. If your SSID and password are in such a table, an attacker can instantly recover the password to the network using special programs.

To improve the security of your home wireless network, create an uncommon SSID.

Router interfaces differ depending on the manufacturer, specific model and firmware version. To navigate the settings of the router, use the user manual for your model. As a rule, it comes with the router, or you can download it from the device manufacturer's website.

Enter the IP address of the router in the address bar of the browser, you will be taken to the authorization page for the router settings. The router's IP address is located on the back of the device and in the user manual.
On the authorization page, enter your username and password. If you have not changed them, they are indicated on the back of the router.
On the router settings page, select Wireless -\u003e Wireless Settings (Wireless -\u003e Wireless Settings).
In field Network name (Wireless Network Name) come up with and enter a name for the Wi-Fi network.
Click Save (Save).

Come up with a strong Wi-Fi password

Without a password, your Wi-Fi network will be available to everyone. A strong password will prevent unauthorized people from connecting to it. Use guidelines for creating strong passwords.

For example, we show the configuration of the TP-Link TL-WR841N router. To change your password:

Enter the IP address of the router in the address bar of the browser, you will be taken to the authorization page for the router settings. The router's IP address is located on the back of the device and in the user manual.
On the authorization page, enter your username and password. If you have not changed them, they are indicated on the back of the router.
On the router settings page, select Wireless -\u003e Wireless Security (Wireless -\u003e Wireless Security).
In field PSK password (PSK Password) create and enter a password for the Wi-Fi network.
Click Save (Save).

Make your Wi-Fi network invisible

Hide the network name in the router settings. As a result, your Wi-Fi network will not appear in the list of available wireless networks. It will be impossible to detect it without special software.

Turn on encryption

When you work on a network with weak encryption, your data can be intercepted by attackers. If you are connecting to your home network and you receive a message about weak encryption, change the encryption type to a stronger one. Common types of wireless encryption:

The main difference between them is the level of protection. WEP is not as reliable as others, but it is supported by older hardware. WPA2 is the most secure.

For example, we show the configuration of the TP-Link TL-WR841N router.

To change the encryption type of a wireless network:

Enter the IP address of the router in the address bar of the browser, you will be taken to the authorization page for the router settings. The router's IP address is located on the back of the device and in the user manual.
On the authorization page, enter your username and password. If you have not changed them, they are indicated on the back of the router.
On the router settings page, select Wireless -\u003e Wireless Security (Wireless -\u003e Wireless Security).
In field Version (Version) select WPA2-PSK.
In field Encryption (Encryption) select AES.
Click Save (Save).

As practice shows, most users forget or neglect to protect their home network immediately after setting a password on Wi-Fi.

Securing your wireless network is not the easiest, but very important task.

Having gained access to your network, an attacker can post illegal content with impunity or occupy your channel and significantly reduce the connection speed for which you, by the way, pay... It can also access not only your computer, but all devices on your network.

Instead of tempting fate - let's go through simple and obvious activities that users often neglect.

Hide SSID

The name of the network or SSID (Service Set Identifier), which we see when scanning the area around, looking for Wi-Fi. Knowing this network name, you can connect to one or another Wi-Fi network. By default, routers and access points show the SSID of your network to everyone. However, it can be disabled in the section of your router or access point. This section has an option Enable SSID or "Disable SSID" (Disable SSID)... We set or uncheck the box, depending on the option name in the corresponding router setting.

Turn on encryption

The next point is channel encryption. This option is also located in the section "Wireless Settings" and called "Encryption type" (Encryption settings)... We open the drop-down list and see pieces of 5 options to choose from ( depending on the router model). How do some types of encryption differ from others?

WEP (WIRED EQUIVALENT PRIVACY).
It was released back in the late 90s and is one of the weakest types of encryption. In many modern routers, this type of encryption is completely excluded from the list of possible encryption options. The main problem with WEP is a design error. WEP actually transmits several bytes of the encryption key (password) along with each data packet. Thus, regardless of the complexity of the password, any WEP-encrypted access point can be hacked by intercepting enough packets to crack the password.

WPS / QSS
WPS, aka QSS - allows you to forget about the password and connect to the network by simply pressing a button on the router. WPS allows a client to connect to an access point using an 8-character code consisting of numbers. But not everything is so rosy. By using only numbers, cryptographic strength of WPS is much lower than that of WEP and getting access to your network is easy.

WPA and WPA2 (WI-FI PROTECTED ACCESS)
Some of the most modern types of encryption at the moment and new ones have not yet been invented. WPA / WPA2 support two different initial authentication modes (password checking for client access to the network) - PSKand Enterprise.

WPA PSKor WPA Personal - This is the most common encryption option for home Wi-Fi networks. Connection to the network is carried out using a single password, which is entered on the device upon connection.

WPA Enterprise differs from WPA Personal in that it requires a separate server - RADIUS (Remote Authentication Dial In User Service). Basically, a RADIUS server is a remote user authentication service that validates user credentials for authentication.

Configuring the MAC address filter

The most radical way to secure your home Wi-Fi network is to filter devices by MAC address. A MAC address is a unique identifier for your device on the network. By it, you can filter devices that are allowed access to your network, or vice versa.

We go to the router settings section, which is called “MAC Filtering”... In it we add MAC addresses that can be authorized in your network. The MAC address of your device can be viewed either in the properties of the wireless connection, in the section "additionally", if it is a computer, or in the settings of a smartphone or tablet, in the section "About device"... The MAC address consists of 6 blocks of 2 hexadecimal digits, separated by hyphens. For example: A0-23-1D-14-8C-C9.

Turning on guest access

By limiting access to your network by MAC address, you will greatly increase the security level of your network. But what about friends and acquaintances who want to access the Internet through your connection, from their smartphones or tablets? Adding the MAC address of each device obviously takes longer than just giving the Wi-Fi password. For such a case, most modern routers provide guest access. Guest access implies that the router creates a separate network with its own passwordthat has nothing to do with your home. You can enable guest access (if any) in the section "Home network settings" or in “Wireless network settings”.

Wi-Fi security has evolved continuously since the advent of this wireless technology. Recently, it has evolved so much that almost all modern routers are shielded from possible attacks with strong passwords, sophisticated encryption methods, built-in firewalls, and many other means of protection against intruders. But what happens if the encryption algorithms that have made Wi-Fi one of the most secure protocols until now turn out to be compromised?

This is exactly what happened in the fall of 2017, when Belgian researchers from the University of Leuven found several critical vulnerabilities in the WPA2 protocol and published a detailed report on it. WPA2 is used to secure most of the world's Wi-Fi networks and is considered the most reliable security available for mainstream use.

Content

How to protect your data when Wi-Fi no longer guarantees security?

That WPA has been hacked is disturbing news that affects many electronic devices, but there is no cause for alarm.

In fact, the researchers found a vulnerability in the Wi-Fi protocol that makes wireless traffic potentially eavesdropping on intruders. In other words, anyone can use this flaw in network security to spy on other people's actions on the Internet, steal credit card numbers, passwords, intercept messages in instant messengers, etc.

Fortunately, manufacturers of many gadgets have already managed to improve and modify their devices, eliminating the vulnerability found. And besides, WPA2 is far from the only wall of protection between the hacker and the personal data of users.

To hack someone else's Wi-Fi, an attacker, firstly, needs to locate his receiving antenna within the range of the radio channel, and secondly, most of the information on the Internet is transmitted in an already encrypted form, and the hacker will not be able to read it anyway.

The https protocol, which most web servers run on, adds an extra layer of security to the connection, as does the use of VPN services.

That is why you should always remember about the lock icon in the browser address bar. If a small padlock is not displayed there, it means that the site does not use the https protocol, and all information entered into forms, including passwords, may be available to third parties.

That is why, before sending your home address or payment details somewhere, you should always make sure that there is a padlock in the address bar.

Almost immediately after the news about the vulnerability of the Wi-Fi protocol, all the leading software developers released the corresponding patches for their products. For example, Microsoft released an update for Windows in October 2017. Apple also patched its macOS and iOS operating systems around the same time.

Google released an update to Android in November, so every Android device owner should check the About section of their phone or tablet settings to find out when the last security update was released. If it was running before November, and the phone has Android 6 or earlier, then an update must be done.

What is the preferred wireless security standard?

Wireless routers can use a wide variety of different protocols to encrypt data. There are three main standards that most home and office routers work with:

1. Wired Equivalent Privacy (WEP): This protocol was introduced in 1997 immediately after the development of the 802.11 Wi-Fi standard; currently WEP is considered insecure and since 2003 it has been replaced by WPA information security technology with TKIP encryption method.

2. Integrity Key Temporal Key Protocol (TKIP)... This standard is also deprecated and is being phased out. But unlike WEP, it can still be found in the firmware of many models of modern equipment.

3. Advanced Encryption Standard (AES)... This standard was introduced immediately after TKIP in 2004 along with an updated and improved certification system for WPA2 connections. Routers working with this particular technology should be preferred when choosing new network equipment. Gadgets that connect to a wireless network must also support AES to work well with these routers. Despite the vulnerability mentioned above, WPA2 is still considered the best method for securing Wi-Fi. Currently, router manufacturers and ISPs generally use WPA2 as their standard; some of them use a combination of WPA2 and WPA to make it work with the widest range of wireless gadgets.

In technical documentation for routers, you can also sometimes find the letters PSK, which stand for Pre-Shared-Key or Personal Shared Key. When you have a choice, it is always better to give preference to models with WPA2-PSK (AES) instead of WPA2-PSK (TKIP), but if some old gadgets cannot connect to the router, then you can stop at WPA2-PSK (TKIP). TKIP technology uses the modern WPA2 encryption method, leaving older TKIP-dependent devices able to connect to wireless routers.

How to secure your Wi-Fi

Disable WPS

WPS stands for Wi-Fi Protected Setup, it is a standard and at the same time a protocol that was created to make setting up wireless connections easier. Despite its practicality and functionality, this solution contains a serious flaw: an eight-digit PIN, consisting only of numbers, is easy to break using a primitive selection method, and this creates a convenient starting point for hackers who want to take over someone else's Wi-Fi.

To find out whether or not a wireless router uses the WPS protocol, you need to take a closer look at the box in which it comes: WPS support is marked by the presence of a special logo on the package and a separate physical button on the device body. From the point of view of protection against hacking, it is better to disable this protocol and never use it.