Welcome to Bucaro TecHelp!

Bucaro TecHelp
Maintain Your Computer and Use it More Effectively
to Design a Web Site and Make Money on the Web

About Bucaro TecHelp About BTH User Agreement User Agreement Privacy Policy Privacy Site Map Site Map Contact Bucaro TecHelp Contact RSS News Feeds News Feeds


Victims of Sandy Hook

Stop the Slaughter of Innocents. Congress is bought and paid for by gun lunatics and gun promotion groups. If you want to live in a safe America, help buy Congress back for America. Send a donation to Mayors Against Illegal Guns, 909 Third Avenue, 15th Floor New York, NY 10022

How to Tell if Someone is Lurking on Your Wireless Network

You heard the old saying "were not alone". Well, the same can be said about your Wireless Home Network.

Have you ever wondered if someone else is on your network, with out your knowledge, watching every site you visit or stealing account information from your GMail or bank account?

Sure you probably went to great lengths to implement and secure your wireless home network, but any Network Security professional will tell you NOTHING is bullet proof.

While nothing is bullet proof, being proactive with monitoring can catch the un-wanted guest... off guard.

So what can you do to monitor and identify if someone is wondering around on your home network? You can use some simple tools, when combined, will help you see your Network and give you a view of who's online.

NOTE: With these tools chances of identifying someone on your network increases, but will NOT prevent them from gaining access to your Network. Other tools exist than described in this article, but the goal is to show you the different type of tools and how to use them.

1. Firewall Logs - is a good place to start. If you have a Firewall running on your Computer or on your router, look for suspicious activity by scanning the logs for anything out of the ordinary with inbound and outbound traffic.

One method you can use is to look for patterns. For example, if someone was scanning your computer to see what ports are open, the logs will show continuous activity from the same IP Address (an intruder's computer) sending a stream of data to many different ports to a single IP Address or range of IP Addresses.

Obviously, with a smart hacker, they can do many things to cover their tracks, but one thing is for sure, data must be transmitted to probe your computer, and patterns is one method to use for spotting trouble on your Network.

2. DHCP Logs - if the unwanted guest is not Network savvy, or security on your router is not up to snuff, they may be able to drop in unannounced, by receiving an IP Address from your wireless DHCP server.

You can easily view a list of active addresses by connecting to your router and checking the DHCP log. For example, on my Linksys router, the log is located in the Wireless MAC Filter tab, where I can see and identify all active hosts on my Network. But this does not guarantee that these are the only active PC's on my Network.

Why?

Unfortunately, a more sophisticated hacker can get around the need to rely on DHCP. If they did their homework (you can be sure of that), they probably figured out the range of IP Addresses in use on your Network, found an unused address in that range and configure their PC with a static address.

3. Check Who's Connecting To Your Computer - Now that you identified who the trusted computers are on your network (from the DHCP logs), you can check who is connected to your computer. To do this, open a command prompt and enter the following command:

netstat -an

where:

a = Displays all connections and listening ports.
n = Displays addresses and port numbers in numerical form.

Netstat is a useful tool that displays network connections (both incoming and outgoing) on computers. This will allow you to see all IP Addresses that have made a connection to your computer.

Netstat shows you the type of connection (TCP or UDP), IP Address and port number (number after addresses separated by a colon) for both Local (your computer) and Foreign addresses.

RSS Feed RSS Feed


Follow Stephen Bucaro Follow @Stephen Bucaro


Computer Networking Sections

Fire HD
[Site User Agreement] [Privacy Policy] [Site map] [Search This Site] [Contact Form]
Copyright©2001-2017 Bucaro TecHelp 13771 N Fountain Hills Blvd Suite 114-248 Fountain Hills, AZ 85268