Someone accessed my Uverse Wifi

jayjcuser99

Reputable
Dec 3, 2015
9
0
4,510
An Unknown user is using my Uverse Wifi to access the internet. If I give you the IP Address and Hardware Address, can anyone get into the goober's system and find him so I can walk over to slap them aside the head.
 
Solution
There's a few options for handling this. But the absolute first thing you should do is change your password to something longer with an abundance of numbers, case-sensitive letters, and ASCII symbols (be careful if you use uncommon ones, for some devices may not be able to enter those characters).

Firstly, if you know the MAC address of the intruder, you should be able to ban their device from the network. Since they were savvy enough to get into your network, they're probably savvy enough to spoof their MAC address too. So you're going to have to look at other factors that may have allowed them to get into your network.

Since you haven't mentioned doing anything with WPS, you should probably know a few things.

There are loads of...
There's a few options for handling this. But the absolute first thing you should do is change your password to something longer with an abundance of numbers, case-sensitive letters, and ASCII symbols (be careful if you use uncommon ones, for some devices may not be able to enter those characters).

Firstly, if you know the MAC address of the intruder, you should be able to ban their device from the network. Since they were savvy enough to get into your network, they're probably savvy enough to spoof their MAC address too. So you're going to have to look at other factors that may have allowed them to get into your network.

Since you haven't mentioned doing anything with WPS, you should probably know a few things.

There are loads of tools out there for cracking wireless network keys. Many of them target the VERY vulnerable WPS function, which nearly everyone leaves on by default and never uses. I'm guessing you don't really use it either, so I strongly recommend you disable it. Most practical WPA-PSK/PSK2 attacks I've seen are possible due to the security holes WPS opens up.

Since the wifi intruder is most likely a Skid, disabling WPS will severely limit their options for trying to break into your network.

A final resort would be to disable SSID broadcasting, and change the name of your network. When SSID broadcasting is disabled, the name of an AP (Access point, basically a router/hotspot) will not show up in the list of available networks. This means that you have to know the exact SSID, and enter it at the login prompt along with the password to be able to connect at all, adding another major layer of security. This may seem like it would make things more difficult for legitimate users of the network, but if devices need a key to connect, then needing to have the name of the network in addition isn't the end of the world.

As for posting the IP (LAN ip on your network, or even worse, the WAN IP of your NAT router) and MAC Address, both of those are pretty much useless over a WAN. So you couldn't get anyone else to do anything by posting that information, which I'm sure is against the rules.

Good luck with getting rid of the intruder.
 
Solution