Think your neighbor’s are using your wifi? Here’s a quick way to find out when and what they are doing. Yea sure you could just enable MAC filtering or encryption, but lets say you are a bit more curious. The following will show how to track what is being viewed and when, and alert you about it. If you want to have a bit more fun, check out how to quite litteraly turn your wifi piggybacker’s web upside down.
For this hack you need a few things:
- a Linux box (computer) on your network (see note about using Windows)
- I use Debian GNU/Linux 3.1 (sarge) on a Pentium III that doubles as my web server.
- static IPs for each trusted computer on the network with DHCP enabled on the router.
- you can set this in your router setup page (possibly at http://192.168.1.1)
- a web server running on the Linux box
- I use Apache 1.3 (type “apt-get install apache” as root on Debian to install)
- tethereal (the console version of the popular Ethereal packet sniffer)
- type “apt-get install tethereal” as root on Debian to install it
Now you run the following command as root to watch for unauthorized wifi access:
# tethereal -R “ip.addr eq 192.168.1.100 or ip.addr eq 192.168.1.101 or ip.addr eq 192.168.1.102” -w – > /var/www/neighbor_log.pcap
Now just download http://localhost/neighbor_log.pcap after suspected unauthorized wifi use, and open it in Ethreal. There you will see each packet sent by anyone using DHCP which is NOT your trusted computers, and is probably a wardriver or a neigbor stealing your internet!
I will post a comment with the SMS/email alert addon when I get it to work myself!
Please note that this method is crude (it can be circumvented by using a static IP), but it IS a one line neighbor detector.