Explain these configuration please to help get wi-fi thieves of network?

[Guest]

(Moderator edited for readability)
(Router config in the Spoiler)

Spoiler

WAN Service Setup
Interface
ppp0.1

Description
pppoe_0_0_35

Type
PPPoE

Vlan8021p
N/A

VlanMuxId
N/A

Igmp
Disabled

NAT
Enabled

Firewall
Enable

IPv6
Disabled

mld
Disabled

Remove


Edit
Edit

Reset
Reset
----------------------------------------------------------------------------------------
Interface
ppp1.1

Description
pppoe_0_0_32

Type
PPPoE

Vlan8021p
N/A

VlanMuxId
N/A

Igmp
Disabled

NAT
Enabled

Firewall
Enabled

IPv6
Disabled

mld
Disabled

Remove


Edit
Edit

Reset
Reset
-----------------------------------------------------------------------------------------
Interface
ptm0.2

Description
VDSL_IPTV.40

Type
Bridge

Vlan8021p
0

VlanMuxId
40

Igmp
Disabled

NAT
Disabled

Firewall
Disabled

IPv6
Disabled

mld
Disabled

Remove


Edit
N/A

Reset
N/A
----------------------------------------------------------------------------------------
Interface
ppp2.1

Description
pppoe_0_1_1.35

Type
PPPoE

Vlan8021p
0

VlanMuxId
35

Igmp
Disabled

NAT
Enabled

Firewall
Enabled

IPv6
Disabled

mld
Disabled

Remove


Edit
Edit

Reset
Reset
----------------------------------------------------------------------------------------
Interface
eth4.2

Description
br_eth4.40

Type
Bridge

Vlan8021p
0

VlanMuxId
40

Igmp
Disabled

NAT
Disabled

Firewall
Disabled

IPv6
Disabled

mld
Disabled

Remove


Edit
N/A

Reset
N/A
-----------------------------------------------------------------------------------------
Interface
ppp3.1

Description
pppoe_eth4.35

Type
PPPoE

Vlan8021p
0

VlanMuxId
35

Igmp
Disabled

NAT
Enabled

Firewall
Enabled

IPv6
Disabled

mld
Disabled

Remove


Edit
Edit

Reset
Reset
-----------------------------------------------------------------------------------------
DSL ATM Interface Configuration

Interface
atm0

Vpi
0

Vci
35

DSL Latency
Path0

Category
UBR

Peak Cell Rate(cells/s)


Sustainable Cell Rate(cells/s)


Max Burst Size(bytes)


Min Cell Rate(cells/s)


Link Type
EoA

Conn Mode
VlanMuxMode

IP QoS
Support

MPAAL Prec/Alg/
Wght
8/WRR/1

Remove

-----------------------------------------------------------------------------------------
Interface
atm1

Vpi
0

Vci
32

DSL Latency
Path0

Category
UBR

Peak Cell Rate(cells/s)


Sustainable Cell Rate(cells/s)


Max Burst Size(bytes)


Min Cell Rate(cells/s)


Link Type
EoA

Conn Mode
VlanMuxMode

IP QoS
Support

MPAAL Prec/Alg/
Wght
8/WRR/1

Remove

-----------------------------------------------------------------------------------------
First let me admit and apologize that I'm not tech savvy. For years I've been having security issues with my wireless network. Neighbors and their friends have been sitting near their houses, in their houses and in their cars with computers, and now smartphones, in their hands as they siphon off my network. Whenever this happens my net slows down a lot or I get knock off. I was told because I live on a hill that my signal goes out and they gain access, even if network is password protected.

So I placed my router in a metal box, used only one of its antenna, repeatedly changed passwords and SSID's, hide those ID'S sometimes, and moved daily the router from place to place not near any windows and they still gained access. And to top it all off, someone went in, and still goes in, repeatedly and changed the passwords or the SSID's and I'm blocked out of my own router, even after changing router's admin password. This led me to question my ISP provider on how can someone gain access without my permission or knowledge of password. Answer was that they can't and it must be me or I've given out passwords, neither to both.

I've been powering off the router daily. But whenever I turn it on, no matter what time of day, and I mean literally, there they are. It has happened with the old NETGEAR router and now the SMART RG. There has also been added new networks that I have never seen before. Checked on MAC addresses based on advice from someone and no other from the usual has shown up. So is it the configuration, rogue networks, or something else?

IF ANYONE CAN HELP WITH ANSWERS, IT'LL BE GREATLY, VERY GREATLY APPRECIATED.

 

[Paul NZ]

Make sure it's not on WEP. Change the security to WPA. And none of those options have anything to do with wifi

 

[ARICH5]

im not too technical but some of those parameters are values used in torrenting clients.

 

[USAFRet]

One of a few possibilities:
Either you've given the WiFi password out
or
You're using WEP security, which is little more than a speedbump
or
You have a keylogger on your system, that the neighbors have access to
or
Your neighbors work for the NSA.


Open up your router config, and verify that you are or are not using WEP as the WiFi protocol.
Report back here.

 

[boosted1g]

As others have stated make sure you use WPA2 encrytpion and not WEP and also if you have WPS dissable that as it is also an easy backdoor.

If yoru router only has WPA and not WPA2 encryption then I would upgrade it. Even a $20 asus RT-12 would be night and better if it is that old.

 

[Guest]

Thanks to all who have answered. I have WPA2 Encryption, not using WEP, haven't giving out password, and WPS is disabled. Not sure how to check for keylogging.

My search for answers continue.

 

[Guest]

More info on those parameters please.

 

[Guest]

No WEP security and no giving out password. Not sure about the keylogger or what that is. Have to research. As to NSA. I doubt that.

 

[bill001g]

Make sure you disable the WPS. Still that will just let them use your wireless it does not give them admin access. If they are getting admin access then I would try a firmware update since that would have to be a bug.

 

[USAFRet]

If...
-Your WiFi security is indeed WPA2
and if
-You've actually changed the WPA2 security key
and if
-You've turned WiFi administration OFF on the router
and if
-They are still accessing your WiFi...

There are other things going on. Cracking WPA2 is a non-trivial exercise.
Do you possibly have a guest network setup on this router?

 

[Guest]

There are no guests networks, thanks for asking.

What are clients? What are the 128 clients that I see in the Wireless info on the router? Should I decrease that number?

And also in the IGMP Configuration The Maximum Multicast Groups - 25 and the Maximum Multicast Data Sources (for IGMPv3: (1-24): -10 Should I change these?

I decreased the Transmit Power Control, on the advice of someone, to under 100%. Waiting to see if that help.

 

[boosted1g]

Can you do a screen caputre on where you are seeing 128 clients in wireless (even better if it provides a list of said clients)?

Since you are using WPA2 here is the short list of what could be happening (most of these have been convered by someone already)
1) Your password is something simple stupid to guess (like the same as the SSID network name, or "password")
2) You have WPS enabled
3) You have guest network or rouge access point allowing people on
4) your router's firmeware has a bug allowing people to bypass security.

I would get the newest firmware from your router OEM.
Change:
1) Router admin pages username/password from default
2) Use a different LAN Ip address (so if router default is 192.168.1.1, use say 192.168.5.1)
3) ChangeSSID and password
4) Ensure using only AES encryption and n/ac mode is being used (unless you need wireless G device support)
5) Make sure WPS is dissabled
6) Make sure guest network is dissabled if router has that option
7) Trace your wires, make sure no ethernet cable going from router is going to some rouge access point device

 

[Guest]

Sorry for late reply.

The 128 clients are how many devices are allowed and not actually how many devices that are on the network. I apologize for the confusion.

I noticed that the Enable LAN side firewall is UNCHECKED. Not sure if that suppose to be on. The WAN side firewall is enabled.

I disabled IGMP Proxy and IGMP Snooping in the LAN configuration.

I switched channel and passwords of the router and the network.

Still getting the limited and no internet access before actually being connected to the internet. Power the router off and power it back on and still the limited and no internet access before being connected.

For the few minutes that I've been on, looks like no one is "eating" into net and I have not been knocked off. Fingers crossed and prayers up to heaven.

I have this urge to disable anything that says IGMP, should I?

 

[bill001g]

I suppose you can disable IGMP if you want. To a point I am surprised it really even exist on consumer routers.

This is part of a protocol called mulitcast. For whatever reason this never went anywhere even though it has existed since the beginning of networking.

A over simplistic example would be if all the tv stations in the world sent their live tv feed over the internet. You do not want to get them all because it would overload your internet connection. IGMP is a request to send a particular video feed. The key difference between mulitcast and the way it is done currently is if you have 5 people in your house watching on 5 devices only 1 copy of the feed would be sent to your house when you use mulitcast. When you stream it over the the web browser each person gets their own copy.

Not sure why this never became popular. Pretty much the only place it is used is in large companies to say broadcast all employee meetings or on some security networks where the security cameras all send their feed into the network via mulitcast. Mulitcast is not something you setup accidentally. Still IGMP does nothing if there is no multicast data in the network.

 

[Guest]

Short lived excitement. I'm getting a feeling that I can create a new language and use it for passwords and they'll still get on. Can a router be managed remotely? I have a Smart RG SR510

These are the DSL settings

G. Dmt -Enabled
G.lite - Enabled
T1.413 - Enabled
ADSL2 - Enabled
AnnexL - Enabled
ADSL2 - Enabled
AnnexM - Disabled
VDSL2 - Enabled

 

[boosted1g]

Not sure why this never became popular. Pretty much the only place it is used is in large companies to say broadcast all employee meetings or on some security networks where the security cameras all send their feed into the network via mulitcast. Mulitcast is not something you setup accidentally. Still IGMP does nothing if there is no multicast data in the network.

At consumer level for sending out multicast data there is no demand for it.
For consumer level receiving it, well media companies prefer the current model so they can get the maximum amount of data usage for capped plans, not to mention they have very little real desire in making "cord cutting" easier.

 

[boosted1g]

Short lived excitement. I'm getting a feeling that I can create a new language and use it for passwords and they'll still get on. Can a router be managed remotely? I have a Smart RG SR510

These are the DSL settings

G. Dmt -Enabled
G.lite - Enabled
T1.413 - Enabled
ADSL2 - Enabled
AnnexL - Enabled
ADSL2 - Enabled
AnnexM - Disabled
VDSL2 - Enabled

Router's can be configured remotely if that setting is enabled, but it is dissabled by default.

At this point you really have provided no proof that you have any undesired computers on your network.
Most all router's provide some kind of list to show the active connected clients and you have not seemed to find anything proving access.
This could all very easily just be because your modem/router is flakey, more often then not the supplied modem/router from your ISP is a complete and utter pile of junk. At best the ISP chose the vendor with the cheapest bid to put their logo's and firmware requriements into the modem/router; at worst the bought all the stock of crappy hardware from the OEM for pennies on the dollar after the product was a complete flop on the open market.

 

[Guest]

Short lived excitement. I'm getting a feeling that I can create a new language and use it for passwords and they'll still get on. Can a router be managed remotely? I have a Smart RG SR510

These are the DSL settings

G. Dmt -Enabled
G.lite - Enabled
T1.413 - Enabled
ADSL2 - Enabled
AnnexL - Enabled
ADSL2 - Enabled
AnnexM - Disabled
VDSL2 - Enabled

Router's can be configured remotely if that setting is enabled, but it is dissabled by default.

At this point you really have provided no proof that you have any undesired computers on your network.
Most all router's provide some kind of list to show the active connected clients and you have not seemed to find anything proving access.
This could all very easily just be because your modem/router is flakey, more often then not the supplied modem/router from your ISP is a complete and utter pile of junk. At best the ISP chose the vendor with the cheapest bid to put their logo's and firmware requriements into the modem/router; at worst the bought all the stock of crappy hardware from the OEM for pennies on the dollar after the product was a complete flop on the open market.

 

[Guest]

Did a little experiment. Didn't turn on router and watched and waited if there were any neighbors out with their devices. None. The moment the router was turned on, there they were. Maybe it's a configuration thing or something. I don't know.

But whenever I change the channel, passwords, and SSID, a new network shows up with the same channel. Change it and the same thing happens and that new network disappears and another one appears. I don't know what's going on.

But thank you for the help. I am very, very grateful. I'm going info by info through the router and then doing some research online, not understanding a whole lot, but hey . . .

Also have to figure out how to access the firewall on this SR510n.

 

[Guest]

Short lived excitement. I'm getting a feeling that I can create a new language and use it for passwords and they'll still get on. Can a router be managed remotely? I have a Smart RG SR510

These are the DSL settings

G. Dmt -Enabled
G.lite - Enabled
T1.413 - Enabled
ADSL2 - Enabled
AnnexL - Enabled
ADSL2 - Enabled
AnnexM - Disabled
VDSL2 - Enabled

Router's can be configured remotely if that setting is enabled, but it is dissabled by default.

At this point you really have provided no proof that you have any undesired computers on your network.
Most all router's provide some kind of list to show the active connected clients and you have not seemed to find anything proving access.
This could all very easily just be because your modem/router is flakey, more often then not the supplied modem/router from your ISP is a complete and utter pile of junk. At best the ISP chose the vendor with the cheapest bid to put their logo's and firmware requriements into the modem/router; at worst the bought all the stock of crappy hardware from the OEM for pennies on the dollar after the product was a complete flop on the open market.

 

[Guest]

What's a br0 device?

 

[boosted1g]

Br0 stands for Bridge0.
It is a required part of the configeration to bridge your WAN (from internet) interface port to your LAN interface (output ports and wireless).

On higher end routers (or ones with aftermarket firmware) you can then add more bridges to have custom defined VLAN's bridged to certian interfaces. This is nothing you need to be concrened about though.

 

[Guest]

If some interfaces are not needed, or are not being used, would it be possible to remove them?

Can you explain the info below?

Device Info Arp
IP Address Flags HW Address Device
xxx.xxx.x.x Complete br0

xxx.xxx.x.x Complete br0

xxx.xxx.x.x Complete br0









Destination Gateway SubnetMask Flag Metric Service Interface
xx.xxx.xxx.xx 0.0.0.0 255.255.255.255 UH 0 pppoe_0_0_35 ppp0.1

xxx.xxx.x.x 0.0.0.0 255.255.255.0 U 0 br0

0.0.0.0 0.0.0.0 0.0.0.0 U 0 pppoe_0_0_35 ppp0.1



WAN Info

Interface Description Type VlanMuxId IPV6 Igmp MLD NAT
ppp0.1 pppoe_0_0_35 PPPoE Disabled Disabled Disabled Disabled Enabled

Firewall Status IPV4 Address IPV6
Enabled Connected Username - autoconfig xxx.xxx.xxx.xxx null

Inteface Description Type VlanMuxId IPV6 Igmp MLD NAT
ppp1.1 pppoe_0_0_32 PPPoE Disabled Disabled Disabled Disabled Enabled

Firewall Status IPV4 IPV6
Enabled Connecting Username – autoconfig 0.0.0.0 null

 

[boosted1g]

That will put a stop to all of your problems, then no one is going to get an internet connection.

Nothing you have reported back hints of any sign of unauthorized access on your network.
You have DSL and the company provided modem/router. That is FAR FAR more likely to be the culprit then anything else.
I would make sure you have good DSL filters installed on phone connection, maybee even try disconnecting phones to see if they are adding extra noise.
DSL as a service is more prone to both higher network utilization and distance of copper (wire) to neigborhood. It could simply be that your ISP has too many lines from too far of distance connected to the same hub to have a quality connection. You said you are on the top of the hill which could easily mean you have a longer legnth of phone line ran to your home.

 

[Guest]

So because I'm on top of a hill my router's signal is like a beacon that my neighbors and their friends are piggybacking on. Even though my network is password protected, they can still sponge off my signal and not necessarily gain access to my network.

Is there any way to decrease how far out a router's signal can go?

I'm about to give up the ghost and just cut off my net connection.