Rouge Wireless Router

Viewing 9 reply threads
  • Author
    Posts
    • #7213
      Svenxix
      Participant

      I’m living in an apartment complex, and I think someone plugged one of the internal LAN ports into their internet jack. The point is that I’m getting assigned a 192.168.0.x address when I plug directly into the wall.

      By taking my browser to 192.168.0.1 I can get to a D-Link admin page.

      I was wondering what the security implications of that are.

      Is there a way to get a valid IP address from my ISP without modifying the router? Is there a way to help others get the real IP addresses without modifying the rouge router?

      Also, I can access the internet fine from my wireless router that is plugged into the wall. Is there a reason that my wireless router is getting a good IP address and I’m not?

      Thanks

    • #45109
      hayabusa
      Participant

      Sounds to me like the router is ‘supposed’ to be the gateway for your building / complex…  More or less, if you aren’t paying for individual internet service, then that 192.168.0.x address is likely the NAT’d internal address, assigned via DHCP, from the gateway.  Unless they put a machine (one, as it can’t do multiple) in the DMZ on the router, nobody will have a ‘public’ IP address.

      Edit:  if anyone else sees that rogue router, then it sounds like the building isn’t wired right, as each should have their own dedicated connection to the ISP.

    • #45110
      rattis
      Participant

      When I was looking at apartments last year, a few I looked at provided internet and cable. they were a little tired of dealing with comcast and the like due to complaints. Units would have ether net jacks and coax outlets.

      To me it sounds like that might be the case where you are. the best thing to do would be double check with management to see if that’s the case.

    • #45111
      dynamik
      Participant

      Sounds like it’s time to fire up a packet capture and see what’s really going on 😉

    • #45112
      Triban
      Participant

      Going to agree with Chrisj on this as well.  Unless you are paying your cable or phone company directly, then you are most likely using shared internet through the building.  In which case I would treat the network as unknown and potentially hostile since you do not have control of what other tenants will do.  If you are paying for cable/dsl internet to the companies directly then ensure that you have your equipment setup correctly.  Don’t plug into the ethernet wall jacks since those may have been left as an option if you didn’t want to pay separately for internet.

      You should definitely be using your own router to better protect your systems from the rest of the tenants.  Ensure your wireless network is properly secure as well.  Gotta love pulling up the Wi-Fi sniffing software in dense areas of population. 

    • #45113
      rattis
      Participant

      @dynamik wrote:

      Sounds like it’s time to fire up a packet capture and see what’s really going on 😉

      While I like that idea, that’s a very dark shade of gray where the law might come in. Now, nothing stopping you from seeing what is COMING to your system. But Bob accidentally setting your interface to promiscuous may get you in legal trouble.

    • #45114
      dynamik
      Participant

      @chrisj wrote:

      While I like that idea, that’s a very dark shade of gray where the law might come in. Now, nothing stopping you from seeing what is COMING to your system. But Bob accidentally setting your interface to promiscuous may get you in legal trouble.

      You think it’s illegal to passively observe traffic on a network port in an apartment you’re renting. Can you cite any precedence for this? I can recall several research publishing information about what they’ve found on connections that used shared mediums at hotels, conferences, etc.

      IANAL, but that doesn’t sound like a very dark shade of gray. I think it’s fair to review your connection prior to connecting any important systems to it. If you started capturing passwords, ARP poisoning, scanning other systems, etc., then you would probably be crossing the legal/ethical boundary.

      I personally wouldn’t have any ethical issues with determining whether I’m on a shared medium or some other horrible configuration; I think it would be foolish not to. Even in such a scenario, you wouldn’t need to actually capture packets or dig into the actual data; it would be obvious just from observing header information in real-time.

    • #45115
      WCNA
      Participant

      OK here’s the deal. Residents plugging in a LAN port on their wireless router into the internet wall jack (supplied by the complex) used to be the bane of my existence in my former job. I used to hunt them down daily.

      You first need to know what the correct address scheme is for the internet provided by the complex. Frequently they will use something different than the 192.168.x.x network most home wireless routers use. If your wireless router is working, it is probably due to it still holding on to a correct address. Log in to your router and look at the WAN address from your ISP.

      You can usually statically assign yourself an address (after ping sweeping the space to make sure you don’t use an address already in use) if you keep receiving an incorrect address from the rogue router.

      If you really want to, you could check out my video on dhcdrop on securitytube.net. It will use up all the addresses from the rogue router, making it more likely for you and others to receive a correct DHCP address.

      OR you could just inform your ISP and if they are worth a damn, they’ll come out, track down the offender and disconnect them. Also, if they have left the password as default (as these kind of people usually do), you could log in to the D-link and turn off DHCP. I used to walk people through doing this over the phone to prevent a truck roll. Legal? It was for us because we were the ISP and they were breaking their TOS.

    • #45116
      rattis
      Participant

      @dynamik

      I talk to my neighbors sometimes. they’ll mention tech issues. either fishing to see if anyone else is having the same problem, or just looking to vent and maybe get  a solution. none of them as far as I know, know what I do.

      However, I could easily see a neighbor getting their underwear in a knot, over even a simple comment about tech, and call the police because the leader of anonymous lives next store.

      Guess I’m just getting too paranoid.

      As for my comment, I like the idea. doesn’t mean I wouldn’t or haven’t done it. However, I also don’t want to have to deal with getting a lawyer that can argue the finer points of computer security if some cop decides I was ‘wire tapping’.

      Like I said, maybe I’m getting too paranoid.

    • #45117
      dynamik
      Participant

      Yea, I get the point you’re making. It’s not that it’s actually illegal; it’s that people don’t understand and will freak out. You just want to avoid a hassle. It’s the same reason I’d never go tell a neighbor that their wifi is insecure and that I could theoretically see everything they’re doing. I totally agree.

Viewing 9 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?