Title: is this WLAN being hijacked?
Post by: ryan on August 22, 2006, 12:31:21 PM

I'm on an unencrypted wireless LAN. Over the last 2 days I've noticed my internet connection slow down notably. The WLAN LED on my router (D-LINK DI-514) is flashing continually... but in the router's config, it shows no wireless connections to the device. So my question is, what are the chances that someone in my neighborhood is cloaking on my network and swallowing all my bandwidth? :-X

Title: Re: is this WLAN being hijacked?
Post by: Hug_It on August 22, 2006, 03:45:00 PM

Encrypt your wireless! One, that would answer your question immediately. If the slowdown goes away, problem solved (although I doubt that's the problem). Two, the wireless and wired networks on that router (and most default home routers) are automatically bridged. So everyone in your neighborhood has access to everything you send over the wire.
If you don't, it's just a matter of time before you are 0wn3d (not to mention broke). Point being, someone leeching your bandwidth is the least of your worries.

Title: Re: is this WLAN being hijacked?
Post by: Negrita on August 22, 2006, 05:28:29 PM

1. Enable MAC access control on the router. On a D-Link this may entail disabling DHCP and creating a static ARP table.
2. Reduce the LAN size to include only 1 computer, i.e. give it a SNM of 255.255.255.252.
3. Change the SSID to something other than the default and something only you will know.
4. Disable broadcasting of the SSID; if you know what it is then there's no reason to broadcast it.
5. Use some kind of encryption, preferably WPA or WPA-PSK.
6. If your WNIC is 802.11g then configure the router to that as 802.11b is considered an insecure protocol.
7. Disable remote management of the router if you don't need it, and use a complex password for the Admin account.
8. Make sure your box is clean before you do all this, otherwise everything you do will be known to the cracker.

"Encrypt your wireless! One, that would answer your question immediately. If the slowdown goes away, problem solved (although I doubt that's the problem)."

This is not quite correct. Encrypting wireless doubles the overhead on the network and could therefore theoretically cut the network speed in half.

Title: Re: is this WLAN being hijacked?
Post by: Hug_It on August 22, 2006, 06:26:06 PM

Maybe I wasn't clear enough.
If he's connected via ethernet, enabling encryption won't affect HIS speed at all and will give him the answer. If he is connected only through wireless his problem probably has more to do with interference from other devices operating in the spectrum and killing his throughput, being that nothing is showing up on the router.

Title: Re: is this WLAN being hijacked?
Post by: Kev on August 22, 2006, 08:07:49 PM

To answer your question more directly, the chance someone is leeching off you is very great. If you are curious to see, download RogueScanner and check it out.
http://www.networkchemistry.com/products/roguescanner.php

Also, many routers allow you to see connections to your network via the admin panel. I would do this first before I implemented security just to know for sure if my neighbor was the culprit.

Title: Re: is this WLAN being hijacked?
Post by: ryan on August 22, 2006, 08:25:38 PM

lol, okay
first of all, this wireless router is unencrypted purposefully. I'm not worried about someone leeching my bandwidth, in fact I was sort of fishing for that. My question is whether or not someone could be accessing the router without showing up in the wireless device list of the router's management panel. Unfortunately, this router doesn't give me a lot of control with its interface. Since it switches rather than broadcasting, I can't just sniff the wire promiscuously... I'm going to poison the ARP table on the router to see if I can find/intercept some traffic from the rogue (if one exists)

Title: Re: is this WLAN being hijacked?
Post by: Kev on August 23, 2006, 10:12:40 AM

Routers are not created equal as far as their control interface is concerned. I never just rely on that for protection or information. Some don’t even update their wireless connections in real time and you might not see that connection at first if they just connected. However in most cases you should be able to see someone connected to the router if someone has connected to the network. A router needs to “see” the connection in order to have a successful network environment.
Most attackers trying to be stealth will either spoof their IP or attack a box already on the network and place a rootkit so they remain invisible. If they spoof their IP you will still see them, just not their real IP. If they rootkit a box on the network, they are totally invisible unless you are really good at security.
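
Added example (not written by any poster in this thread): Kev's point that a client which changes its IP still shows up on the network can be checked from a wired machine by comparing its ARP cache with a list of devices you own. The table text and the known-device list below are constructed sample values in Linux `/proc/net/arp` format; the function names are hypothetical.

```python
# Added example: audit an ARP cache snapshot against a list of known devices.
# SAMPLE_ARP and KNOWN are constructed sample values, not data from the thread.
from collections import defaultdict

SAMPLE_ARP = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.0.1      0x1         0x2         00:11:22:aa:bb:01     *        eth0
192.168.0.100    0x1         0x2         00:11:22:aa:bb:02     *        eth0
192.168.0.101    0x1         0x2         02:de:ad:be:ef:10     *        eth0
192.168.0.102    0x1         0x2         02:de:ad:be:ef:10     *        eth0
192.168.0.150    0x1         0x0         00:00:00:00:00:00     *        eth0
"""

KNOWN = {
    "00:11:22:aa:bb:01": "router",
    "00:11:22:aa:bb:02": "desktop",
}

def parse_arp(text):
    """Yield (ip, mac) for complete entries in /proc/net/arp format."""
    for line in text.splitlines()[1:]:            # skip the header row
        fields = line.split()
        if len(fields) < 6:
            continue
        ip, flags, mac = fields[0], int(fields[2], 16), fields[3].lower()
        # 0x2 is ATF_COM (address resolved); unresolved rows carry an all-zero MAC
        if flags & 0x2 and mac != "00:00:00:00:00:00":
            yield ip, mac

def audit(text, known):
    """Return (unknown, multi): MACs not in `known`, and MACs holding more than one IP."""
    ips_by_mac = defaultdict(list)
    for ip, mac in parse_arp(text):
        ips_by_mac[mac].append(ip)
    unknown = {m: ips for m, ips in ips_by_mac.items() if m not in known}
    multi = {m: ips for m, ips in ips_by_mac.items() if len(ips) > 1}
    return unknown, multi

if __name__ == "__main__":
    unknown, multi = audit(SAMPLE_ARP, KNOWN)
    for mac, ips in unknown.items():
        print(f"unknown device {mac} at {', '.join(ips)}")
    for mac, ips in multi.items():
        print(f"{mac} answers for several addresses: {', '.join(ips)}")
```

An ARP cache only lists neighbours this machine has recently exchanged traffic with, so an empty result does not prove the WLAN is unused.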