topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Thursday December 12, 2024, 3:31 pm
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Last post Author Topic: is someone stealing my bandwidth?  (Read 26633 times)

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: is someone stealing my bandwidth?
« Reply #25 on: January 10, 2008, 06:35 PM »
Isn't that what I said? Sorry if it wasn't clear.
I just interpreted it as unsecured WiFi networks being illegal, not that the WiFi owner has full responsibility for the traffic (which could be very bad in the case of pedophilia, terrorism, whatnot).
- carpe noctem

iphigenie

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,170
    • View Profile
    • Donate to Member
Re: is someone stealing my bandwidth?
« Reply #26 on: January 15, 2008, 05:14 PM »
I think the chances of someone sitting in a car outside my house using my bandwidth to cause criminal harm is rather low, especially in our day and age where there are so many free wifi networks everywhere.

I also had to chuckle when this appeared in my feedreader today. This is a great security blog, and here's the post of the day...

http://www.schneier....my_open_wireles.html

He's even making me consider removing the limitations I have  ;)

Carol Haynes

  • Waffles for England (patent pending)
  • Global Moderator
  • Joined in 2005
  • *****
  • Posts: 8,069
    • View Profile
    • Donate to Member
Re: is someone stealing my bandwidth?
« Reply #27 on: January 15, 2008, 06:01 PM »
Up to you really - personally I like to be able to access my data throughout my network. I maybe a bit naive but behind a hidden SSID, WPA protection and a router Firewall I feel secure using my data from any network computer. Without some sort of security potentially anybody has access to my computers and their data.

I don't know where you live but in the UK if your IP is associated with downloading materials 'that could be used for terrorism' you can be arrested and held in custody without charge for up to 28 days while the issue is investigated. Terrorists are unlikely to sit in cyber-cafes looking up bomb making equipment.

There was a recent high profile case in the US where the music industry took someone to court and won a settlement in 6 figures - even though the plaintive strenuously argued that they did not download the files from a P2P network and that  it must have been someone accessing he WiFi.

OK the risk may be small - but why take any risk when the consequences are potentially devastating? It is like saying flying is a low risk activity - it is (and probably a lower risk than getting your computers hacked), but if you happen to be on the occasional plane that crashes it doesn't seem like a small risk to you or your family. What are the pluses of having an unsecured network? Once it is set up it is completely transparent in use ???
« Last Edit: January 15, 2008, 06:02 PM by Carol Haynes »

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,649
    • View Profile
    • Donate to Member
Re: is someone stealing my bandwidth?
« Reply #28 on: January 16, 2008, 08:21 PM »
I'm thinking that the key here is that you have to manage to disassociate the two terms "Open WiFi" and "Unsecured Network". The real problem is that most of the (self agrandizing...) so called "Security Mavens" are really nothing more than (snake oil) salesmen that are really just pitching their own version of some (BS) Just-Click-Here... All-in-one security "Solution". Most of these are nothing more then a bloated placebo that will cripple the computer (i guess...) in the hopes that it will end up being too slow to catch anything... *Sigh*

Security is something that one practices, it is not just installed, forgotten, and then somehow completely and magically protects you from all "Evil". I'd be willing to bet prayer would work better then about half of the security software on the market today ... Because that would at least force the user to stop and reflect on what they were about to click on ... Which is what they should have been doing in the %&^$# first place.

Sorry I'm ranting a bit, but it just irks me :)

Back on Topic... Put down the Cookie Cutter and grab a Pen.

The question you have to ask is this: What am I trying to protect, and from whom?  Sure you can lock your home network down like Ft Knox, but is it really necessary? First thing to do is evaluate your environment. A typical WAP has an effective range of approx 300'. So if you live on a 100 acre ranch... Then I'd say Wide Open is reasonably safe. On the other hand, if you live in an apartment building with 400 neighbors right on top of you... Then you should probably think about making things a bit harder to get to. Do you live in a gated community, know all your neighbors, and have been on a first name basis with them for years? Well...? (no risk)

Security and performance go hand in hand... in a tuggle-war. If you add encryption to anything it gets bigger, the "Pipe" however is a fixed size. So the more encryption you add the less actual (payload) data you get. On a 100Mb network the maximum packet size is 1500 bytes, encrypted packets don't get to be bigger, so the payload (of your actual data) inside the packet must be made smaller. This repackaging of the traffic is why high-end commercial routers (are so pricey) require tons of processing power to keep up with the load. Even with out any encryption, you're still dealing with the transmission overhead of TCP/IP which is approx 33% e.g. while the wire may be "seeing" 100Mb if "traffic" only 66% of that is the data that you were stuffing up the wire. There's a "cost" to everything.

Okay, So let's say Evil Doer X has gotten connected to your WiFi! What can X really do? Can he see your (Uber Secret) files? Only if you have them in a shared folder. Do you have shared folders? Do you really know exactly which folders are shared? Are ALL accounts protected by a proper password? (While I would never actually recommend this...) On a (post Service Pack 2) Windows XP network it is theoretically safer to use a blank password, then a simple password (like your address, birthday, or dog's name) because Windows will automatically refuse network access to any account that does not have a password.

I had an uptight client once that refused to give me her password, even though her company was paying me $90 an hour to have to track her down every Min while I was troubleshooting their network. I got tired of that crap in short order, So... I simply stood by her desk slightly behind her so I could watch her hands and glean the first character of her (lightning fingered) password entry (and counted the key strokes). The next time I needed to get into the machine after she had disappeared (again), I simply looked around her desk for inspiration, and quickly focused on a picture of her boyfriend. His name was not only on the frame...but started with the first letter she had typed...and was exactly the same length! Needless to say I was in the machine in a flash, and for those that just must know... Her boyfriend's name was... roy. LOL I do this quite frequently and it almost always works.

The moral of the story? Never Use Simple PassWords! Seven characters can be extremely secure if (and only if) they are chosen wisely. Use a mnemonic to remember something that is meaningful to only you i.e. The title to my favorite book: tHiGy42  <-Can you tell me the books name?)


But what if Evil Doer X is surfing Kiddie Porn?!? Well, unless you live by a grade school it's unlikely... But seriously here's another (from the trenches) example:

One of my staff came to me one day and was quite upset. It seems he was working on a client's machine and came across a group of pictures of a completely naked 10 year old girl. Out of courtesy I simply walked up to the Company President's office to inform her of why the cops were about to show up... :)

Now personally I enjoy molesting "Sacred Cows", but children are best kept safe and Innocent for as long as possible. I have Zero sense of humor about that sort of thing.

The cops on the other hand... Went through a long (read 4 hour) protracted diatribe about the difference between Child Pornography (which they do put you in jail for), and Child Erotica, which is bizarrely not illegal. Nine cops later it was decided that the material was not prosecutable, and they told us to just give the guy his computer back! I frankly am still royally pissed about this! Which is part of why I'm sharing the story with you.

Now just because "they" don't tend to arrest you for this type of (sick) behavior obviously doesn't make it right. but it should serve to temper the edge on the (spin-doctored) panic associated. ...And if it makes you feel like writing a letter to a public official. Hay, that's good too!


In a nut shell if you really want full performance of your WiFi, and you don't want "bad people" using it while you're at work ... Just unplug the damn thing. :)

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: is someone stealing my bandwidth?
« Reply #29 on: January 17, 2008, 02:43 AM »
Security and performance go hand in hand... in a tuggle-war. If you add encryption to anything it gets bigger, the "Pipe" however is a fixed size. So the more encryption you add the less actual (payload) data you get. On a 100Mb network the maximum packet size is 1500 bytes, encrypted packets don't get to be bigger, so the payload (of your actual data) inside the packet must be made smaller. This repackaging of the traffic is why high-end commercial routers (are so pricey) require tons of processing power to keep up with the load. Even with out any encryption, you're still dealing with the transmission overhead of TCP/IP which is approx 33% e.g. while the wire may be "seeing" 100Mb if "traffic" only 66% of that is the data that you were stuffing up the wire. There's a "cost" to everything.
I wonder what frame size the wireless.fast (whatever it's called, the 300mbit stuff) uses?

Even with standard ethernet framesize and a 100mbit connection (LAN), I can usually reach 9-10mbyte/s, suggesting that the TCP overhead is more like 20%. With jumbo frames on a gigabit LAN it seems to be even a bit lower, but then you're limited by the protocols (ie, SMB/CIFS) that run ontop of TCP.

Now personally I enjoy molesting "Sacred Cows", but children are best kept safe and Innocent for as long as possible. I have Zero sense of humor about that sort of thing.
Agree 100%. There's a difference between having pictures of somebody else's naked children (whether those pictures are "innocent" or not) and having pictures of your own kids skinny dipping... I would probably call the cops too if I found several images of random naked kids on somebody's PC, but a few pictures of somebody's own children nekkid in the sopping pool in the backyard?
- carpe noctem

iphigenie

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,170
    • View Profile
    • Donate to Member
Re: is someone stealing my bandwidth?
« Reply #30 on: February 02, 2008, 08:01 AM »
I will agree totally on the "secure your machines/network" bit

I must also admit that I have bitdefender and it knows (and is grumpy about) the fact that I am using an unsecured network.
By default it set it up as "untrusted" and even now that I have switched it to "trusted" it gives me small status messages whenever anything or anyone (i.e. my 2 routers) connects/renews connection to the wifi. It is discrete (semi transparent tray messages) but it also means that I would know if any ip appeared on the network (unless they were really really clever).

PaladinMJ

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 76
    • View Profile
    • Donate to Member
Re: is someone stealing my bandwidth?
« Reply #31 on: February 07, 2008, 08:23 PM »
i know that legally here in the states you are safer if you run a wide open network, allowing any and all connections than if you run securely bizarely enough. why? Because of the average level of security knowledge. A jury will more than likely here that it was secured and blame you. unsecured well then ya anyone could be on it. my sister in law is an assistant DA. (but she is not giving this legal advice.. i have to state that) many oher laywers will tell you the same. unforunately common sense isn't common any longer...

however having said that nothing is certain and its better to not have to defend yourself / network set up in court. I say lock the @#$!er down. encryption all the way. secure passwords changed often and trust no one.
When I have a mission, it consumes me; I will not be satisfied until the job is done. I have a strong sense of duty, and a strong sense of direction. Changes in the tide don't phase me - I always know which way the wind blows, and I know how to compensate for it. I get on poorly with people like myself.

iphigenie

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,170
    • View Profile
    • Donate to Member
Re: is someone stealing my bandwidth?
« Reply #32 on: February 08, 2008, 06:34 AM »
Yes, if you plan to do something which might get you in trouble it is best to have an open network and then use tor or a chain of proxies and other methods to hide your tracks. Also do it from an old laptop which is not one of your main machines...

If they still trace it back to you then "it wasnt me" remains an option.

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: is someone stealing my bandwidth?
« Reply #33 on: February 08, 2008, 06:41 AM »
Yes, if you plan to do something which might get you in trouble it is best to have an open network and then use tor or a chain of proxies and other methods to hide your tracks. Also do it from an old laptop which is not one of your main machines...
You don't need an old laptop, you simply fake the MAC address. Most adapters support that just fine. TOR + open network is just fine, you don't need a chain of proxies... just go down to your local McDonald's (or whatever other Evil Empire CompanyTM with free WiFi), fake your MAC, hit up TOR, and off you go.
- carpe noctem

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,649
    • View Profile
    • Donate to Member
Re: is someone stealing my bandwidth?
« Reply #34 on: December 02, 2010, 06:36 AM »
what about bandwidth monitor you can try use ProteMac Meter. It;s really nice prog)
^^^ Spam^^^ Double posted and (way) off topic.
« Last Edit: December 02, 2010, 06:50 AM by Stoic Joker »

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: is someone stealing my bandwidth?
« Reply #35 on: December 02, 2010, 06:37 AM »
what about bandwidth monitor you can try use ProteMac Meter.It;s really nice prog)
^^^ Spam^^^ Double posted and (way) off topic.
Already reported it... check the user's post history as well (oh, and you might want to edit out the URL from your quote-block; I'm pondering whether we should edit out product names as well).
- carpe noctem

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,649
    • View Profile
    • Donate to Member
Re: is someone stealing my bandwidth?
« Reply #36 on: December 02, 2010, 06:58 AM »
what about bandwidth monitor you can try use ProteMac Meter.It;s really nice prog)
^^^ Spam^^^ Double posted and (way) off topic.
Already reported it... check the user's post history as well (oh, and you might want to edit out the URL from your quote-block; I'm pondering whether we should edit out product names as well).

link removed. Hopefully a mod can just delete (our posts too) it back to a necro thread...then it no matter we have name. :)

rjbull

  • Charter Member
  • Joined in 2005
  • ***
  • default avatar
  • Posts: 3,205
    • View Profile
    • Donate to Member
Re: is someone stealing my bandwidth?
« Reply #37 on: December 02, 2010, 11:12 AM »
what about bandwidth monitor you can try use ProteMac Meter. It;s really nice prog)
^^^ Spam^^^ Double posted and (way) off topic.

Er, didn't he just steal our bandwidth?   >:(