Who Is Using My Wireless Network Without My Permission?

Posted on November 10, 2011 by

YOU just might be a victim of having your wireless network stolen without you even knowing!

Yes, it’s true. Your internet connection, otherwise known as your WiFi connection, can be used at this very moment by a sniffer, thief, neighbor or a program running on your computer without you having any clue. Scary isn’t it? If you don’t find this fact appalling, I beg you to think of the following circumstances:

1.) You get a knock on the door from the friendliest police office in the world arresting you for purchasing online goods with a “stolen” credit card (you are innocent by the way).

2.) You take a look at your credit report and notice “you” bought a new Mercedes last month that you have no recollection of purchasing.

3.) Your Internet service provider contacts you threatening to shut off your Internet due to illegal downloading and sharing of files (you have never downloaded such things in your LIFE…hopefully).

4.) Your Internet is always super, duper slow and for no good reason; your ISP provides a speed that’s much faster than what you have been experiencing behind your computer(s).

Those are just several examples, with #4 being the best case scenario. How can all of these things happen you ask? Or, who is using my wireless network without my permission? Also, remember that your network can be compromised without you having wireless Internet, so it’s important to learn how to monitor Internet activity so you are not affected negatively by any unscrupulous activity.

Here’s how to tell:

  1. Go into your start menu and click into the search bar.
  2. Type command
  3. Right click on the icon labeled Command Prompt
  4. Choose Run as administrator, then press Enter
  5. Type netstat -f

After typing the command above, you will see a screen with a lot of numbers and text, with a black background. Click on the picture on the right for an example of the netstat -f command. This command shows you (in IP address format) what URLs are being connected to from your computer. This will effectively let you know if there is spyware or malware on the computer, or if someone is connecting to your computer or network.

The column Active Connections lists the various addresses from your computer and network connections. 127.0.0.1 signifies the “local host” and basically is the address that “loops back” to a given computer. In other words, if someone tries to connect to 127.0.0.1, they will be connected to their own computer.The 192.X…..address is the IP address of your computer; the address that you will need to learn more about — below.

Under Active Connections, take a look at the 192 addresses. For instance, 192.168.1.4 is the IP address of your computer. On the column to the right labeled: Foreign Address, you will notice all active connections that are going out from your computer. Any connection from your wireless network, from software, remote connections; any of these connections will show on the right column under Foreign Address. If your computer is part of a domain you will notice the domain address in the right column as well.

Alongside the addresses in the Foreign Address column, you will notice numbers. For instance:

www.google.com: 59154  ESTABLISHED

59154 is the port which is used to make the connection in the above example. Ports are significant because certain ports are known to handle certain functions. For example, Port 80 is the port used by email clients and providers. Learn which ports are commonly used by hackers and viruses etc, to better identify if certain applications are using suspect ports to connect to the internet.

The last column labeled: State shows the status of the connection. You will notice several:

  • Established  (There is a current active connection; research it if needed to determine if it is legitimate–an enabled session)
  • TIME_WAIT  (There is a “wait” status on a connection; not necessarily active but is waiting)
  • CLOSE_WAIT (A passive connection. The client is not sending data but can receive data from the server)

Netstat -n -b

Now that you are familiar with the command netstat -f and how to read the results, you can also use the following command in the command prompt: netstat -n -b

This will allow you to identify the following:

  • Which IP address your computer is using
  • What connections your computer are actively making to the Internet
  • What other connections are made without you knowing
  • Which ports are actively being used

Hopefully, the next time you ask “who is using my wireless network without my permission,” you can open up a command prompt, type your command and check out those IP addresses, ports and connections. Remember: ALWAYS use your favorite search engine to type in the IP addresses EXACTLY as you see them ( but without the ports and status) to get an idea of who/what those IP addresses belong to. Again, ALWAYS check a search engine for IP addresses that you don’t know of, to be sure there is no “foul-play” on your network.

——————

Happy, Secure Computing!

Jarvis Edwards – TekTime IT Consulting LLC

________________________________________________________

People that love this post, may absolutely love these as well:

Internet and Privacy: How To Protect Your Privacy Online!

Why Is My Internet So Slow All Of a Sudden?

Advertisement
This entry was posted in Computers and Technology, Internet, Networking and tagged . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s