Pets.ca - Pet forum for dogs cats and humans 

-->

our wireless account has been hijacked

technodoll
September 29th, 2006, 10:36 AM
help! the past two months, our wireless internet account has been hijacked and we're stuck paying the bill, whick is almost DOUBLE of what it's supposed to be! we have a password-protected broadband router at home, but there are apparently apps circulating which can easily crack your code and give hackers free access to your account - i feel so violated :(

besides changing the password again tonight, what else can we do so this doesn't happen again? if they broke into our account once, they can do it again right? help!

jiorji
September 29th, 2006, 11:14 AM
do you not have an internet protection anti virus??
Norton internet protection works wonders.it's anti hacking an anti popups and anti viruses. Mine has blocked many attacks

technodoll
September 29th, 2006, 11:17 AM
that is not the problem... someone is using our internet account to download huge files (41 gigs in a month!!) and we're paying for it :mad: so we'll change the password every week and shut the router off except when we're online, that should slow them down... and hubby is looking into an app that shows WHO is logged onto your account and WHEN, so if anybody else logs on, we'll know :evil:

jawert1
September 29th, 2006, 11:19 AM
Make sure that you've got 2 settings at the ready on your router:

1. WEP or WPA passkeys/phrases @ 128 encryption
***NOTE: Write this down on a piece of paper before you click ok to set it, once set, if you haven't written it down, you will not be able to log into the router, and will do the hard reset song and dance in a crabby 2 step :) (at least, that's what I do)

You'll need to go into your wireless/network interface in Windows to enter in your WEP/WPA key when you set it, once done, you'll be able to web again just fine.

2. Your router interface will have a WL setup (at least Netgear does), in which you can make an allow list, based on your computers MAC address. You can find your computers MAC address by going to Start --> RUN --> CMD. Once the command prompt pops up, type in ipconfig and it'll list it below.


If you'd like, post your router make/model and I can PM you the doc we use to walk folks through troubleshooting, complete with screenshots :)

technodoll
September 29th, 2006, 11:32 AM
thank you!!!! :thumbs up

I'll get this info to hubby and when we're home tonight, run through the steps you gave... it's a linksys wireless router (99% sure, from memory, LOL! bought last autumn, is this enough info or do the models change frequently?...). gawd, what a stupid mess... sigh. thank goodness for your help!! :grouphug:

edit: just sent this info to hubby and he said "wow that is brilliant!!" so it should stop the hackers... big sigh of relief :-)

jawert1
September 29th, 2006, 11:44 AM
All I need to know is that it's a recent Linksys, doc w/ screenies coming your way :) And yes, this is a dual layer of protection, so that any device attempting to connect to your wireless network will need to
a) be approved and have it's MAC address entered by you
b) have the WEP/WPA passkey/phrase you've chosen in it's network config :)

dtbmnec
September 29th, 2006, 11:54 AM
Hmph jawert you beat me to it :p

If you want to get super technical....

Allow only certain MAC addresses on teh router (MAC addresses are TOTALLY unique to each network card...no two alike kinda deal) all you have to do is find the MAC addy of your PCs and allow only access to them :D

Find the MAC on your pcs:

1. Start -> Run
2. Type in "cmd" and hit enter/OK
3. At the little black window type in "ipconfig /all" and hit Enter
4. Find the MAC address of the network adapter (ie. if your PC is connecting wirelessly use the "wireless adapter"...if its on a line use "local area connection")
5. Write it down :D (duh)
6. type in "exit" or hit the red x!
7. Set up your router to allow only certain mac addresses :D
8. save changes and watch him try! lol

That'll block 'em out! lol

If you need more help lemme know :D

Megan

technodoll
September 29th, 2006, 12:13 PM
thank you ALL! i printed everything out and first thing tonight, will get this done. AND shut off the router when we're not using it!! :thumbs up

dtbmnec
September 29th, 2006, 12:20 PM
thank you ALL! i printed everything out and first thing tonight, will get this done. AND shut off the router when we're not using it!! :thumbs up

Or if you're not using the wireless you can disable it through the interface of the router :) That way any PC connected by wire can still surf the net but not the hacker :D (And if the hacker is in your house you have more than internet to worry about :p)

Megan

technodoll
September 29th, 2006, 12:25 PM
Or if you're not using the wireless you can disable it through the interface of the router That way any PC connected by wire can still surf the net but not the hacker

we're only two in the house, each with our own laptop... got wireless cuz cables are just not practical with the setup we have at home (laptops far from the modem) . so that,s not an option, right? :confused:

Puppyluv
September 29th, 2006, 12:54 PM
A little off topic, but megan, do you know how to find your MAC address on an apple?

dtbmnec
September 29th, 2006, 01:39 PM
A little off topic, but megan, do you know how to find your MAC address on an apple?

Macintosh OS (Pre OS X):
Once you have made sure your Apple computer is running system 7.6.1 or higher, and has Open Transport installed follow the instructions below to find the MAC address of your computer:

Click the Apple Menu.
Click on "Control Panels" to open your control panels folder.
Open the "TCP/IP" control panel
Go to the Edit Menu
Click on User Mode
Change the mode to "Advanced" and click "OK".
Click on the "Info" button
The Hardware address is your MAC address


Macintosh (OS X):
If your computer is running OS X, it is best to have it upgraded to at least 10.1

From the dock, select "System Preferences".
Select the "Network" Pane
With the TCP/IP tab selected, the number next to Ethernet Address is you MAC address.

MAC addresses look like XX-XX-XX-XX-XX-XX. :D


I hope that helps (I had to get it off a website since I didn't know since I haven't used Apple computers in forever) :)

I'm not sure of which Operating system you were using (OS) so I copied in both instructions.

Megan

dtbmnec
September 29th, 2006, 01:40 PM
we're only two in the house, each with our own laptop... got wireless cuz cables are just not practical with the setup we have at home (laptops far from the modem) . so that,s not an option, right? :confused:

Ahhh...no that isn't...ummm but you can still do the MAC address stuff though without any issues...just remember that if you get a new computer or you need to replace your network card in the computers that you have to change out the MAC address in the settings :)

Megan

P.S. Whoda thunk that I would be already using the wonderful wonderful course information I'm currently learning already! :) Maybe school is good for something lol!

technodoll
September 29th, 2006, 01:51 PM
Megan, I would pay to get amazing tech help like you just provided!!! will you accept a virtual cupcake? :D

http://www.marthastewart.com/images/edf/0106_edf_CupcakesHYT.jpg

HunterXHunter
September 29th, 2006, 01:56 PM
Dangit, I got here too late...

In case you don't know how to connect to your Linksys router, go to address 192.168.1.1 via web browser at home, and the default login/pass should be admin/admin, which I suggest you change, otherwise and your WEP settings will be useless because your neighbour will be able to login and change things back...or worse...block YOU from your own connection.

I HAVE gone into my neighbour's router before just to see what ports he has forwarded etc. but if I wanted to, I could do many nasty things :evil:
Fortunately, I have nice neighbours :angel:


Just a little off topic technodoll, but how come your wireless costs increase with higher download/upload? It's not unlimited?

Puppyluv
September 29th, 2006, 01:56 PM
Thanks Megan, you're a gem! I feel kind of bad, because I could have looked it up on the net... but instead I take the lazy way and ask:o

technodoll
September 29th, 2006, 01:57 PM
holy crap are you serious??! man! i have sooo much to learn... :eek:

jawert1
September 29th, 2006, 01:58 PM
Hmph jawert you beat me to it :p

If you want to get super technical....

Allow only certain MAC addresses on teh router (MAC addresses are TOTALLY unique to each network card...no two alike kinda deal) all you have to do is find the MAC addy of your PCs and allow only access to them :D


hehe actually, that was step 2 in my original post :)

good that we've got computer saavy folks here though!

dtbmnec
September 29th, 2006, 02:45 PM
Thanks for the cupcakes :D

No worries puppyluv...probably should know that from now on anyway :D After all more and more people are buying Apples

Oh yeah definately change the password though Im not sure you can change the login on all routers...

Glad to be of service...one of these days I will be paid for this advice :p

Megan

Prin
September 29th, 2006, 03:00 PM
help! the past two months, our wireless internet account has been hijacked and we're stuck paying the bill, whick is almost DOUBLE of what it's supposed to be! You mean I could have had free high speed all this time? Kidding.

That must feel so violating. I'm not an internetty person like it seems everybody else is here.. But I hope you get this fixed and your peace of mind back.:(

technodoll
September 29th, 2006, 03:29 PM
That must feel so violating.

that's exactly it. people taking your stuff... not enough that my appartment got robbed two years in a row, eh? now this crap! :frustrated: must somehow enable growling big guard dogs as internet security... hmmm.

Prin
September 29th, 2006, 03:30 PM
I wondered- if somebody hacks in and surfs kiddie porn or something illegal like that that is heavy monitored by the feds, are you liable? Like do they assume it's you and haul you away?

HunterXHunter
September 29th, 2006, 03:34 PM
I wondered- if somebody hacks in and surfs kiddie porn or something illegal like that that is heavy monitored by the feds, are you liable? Like do they assume it's you and haul you away?

If it is, then I'm home free :thumbs up kidding

technodoll
September 29th, 2006, 03:38 PM
prin that's a very good question, frightening actually. i'm sure it's porn this person has been downloading, what else could it be? IT'S GOING TO STOP TONIGHT. oh my freaking god. :eek:

Prin
September 29th, 2006, 03:38 PM
If it is, then I'm home free :thumbs up kidding
not anymore... I think this counts as a full confession. :evil:

Sorry for scaring you techno.:o

Puppyluv
September 29th, 2006, 03:41 PM
With bandwidths that big, it could be movies-not porn, but legit movies, just before they're released. Doesn't make it any better, but at least you don't have to be haunted with the thought of people using your server to dl porn.

technodoll
September 29th, 2006, 03:43 PM
good lord that would be the icing on the cake, wouldn't it? :eek: :( :sad: :mad:

dtbmnec
September 30th, 2006, 01:36 AM
I think for the most part what they'll do is take a look through your PC to see if there's anything on there that's illegal and see what websites you've been surfing and then make a decision based on that. If someone else is using your internet connection to download porn or illegal movies and they get that its from YOU unless YOU have the same information on your PC (which you wouldn't if you didn't download the porn/movies) then you're ok. They'd probably tell you to secure your connection better.

They can also check IP Addresses and MAC addresses (remember that one is totally unique!) so if they don't match up then YOU probably aren't liable (especially since you took steps to secure your connection that any home user would); if they did "bust you" it'd be a fine for the most part (I would think). I should look that up....

This is the way I figure it anyway...

Your PC - porn/illegal movies = nothing done/tap put on line to catch bad guy or a fine
Your PC + illegal movies but no (illegal) porn = possible jail time (you did steal those movies you know!)
Your PC + illegal movies + porn = major beat down

:D

Did that make sense?

Megan

P.S. Tried to find something online about this but couldn't...it seems that the government is way behind on the times lol...general consensus is basically that YOU (technodoll) wouldn't be liable for anything because you DID do everything you could (actually compared to the average person you went above and beyond) and it still got hacked...I suppose its similar to breaking and entering and having the bad guys leave behind something illegal in your house. You locked the doors, made sure the windows were closed, you set the alarm but they still broke in and decided to use your TV to watch kiddie porn or something. Of course in that case you can't actually prove you didn't own the porn in the first place but there's enough reasonable doubt to ensure you're ok, while with a PC there are many ways to tell what you've downloaded and what was on your hard drive.

Random fact: When you delete files the first letter of the filename is actually the only thing that's changed and its a character that allows the computer to overwrite the area which that file took up. So I have a file name "Megan.doc" and I've deleted it. It now becomes "@egan.doc" (I can't remember the character..could be a different one) the @ in the beginning tells the computer that the space that its taking up can be overwritten with something else (say a computer game or something). So if you have a recovery program (which the Feds would) they'll change the @ back to an M and look at the file :). It also works chronologically so if you deleted something today and deleted something a week from now, "today's" deleted file would be overwritten first. There are also programs that will destroy any record of the file (something like reformatting) but you have to pay BIGGGGG bucks for that :).

Since this guy's a "joe blo" with a bit more knowledge than the average guy (he DID manage to hack in you know) he probably doesn't have a program to "reformat" the old files away so if he did download something horrible then the Feds would be able to find it. :) He's probably using a packet capture to figure out your WEP keys which is why he's continuing to hack in. You can get those programs for free though the fact that he's able to do it so fast means he must have it on continuously to monitor your changes. That part is not so good...you can't get around the MAC Address thing though not unless he already has access to your network AND has the password to get into the router.

jesse's mommy
September 30th, 2006, 09:12 AM
I'm sort of embarrassed to be admitting this, but we "borrowed" the wireless link to someone in our neighborhood. You see, the cable company came out and cut off the wrong neighbors cable modem. They meant to cut off the next door neighbors because they were moving and went to our box instead -- Stupid people! So they apologized for the mistake, but couldn't get anyone out here for two days. Well, I had two EXTREMELY IMPORTANT emails I had to get out to people I work with, but had no way of doing it since we had no internet here. So, we thought, well let's drive over to Starbucks, but as we were driving honey said, go this way and drive slow (he's a network administrator for a big company), so I did and he said STOP! And he sent my emails out. I know it was wrong and I felt bad, but I was so happy that we were able to get my stuff out.

Anyway, my point is, it's actually really easy to get into wireless accounts if you haven't done the stuff Jawert said above. We literally did it by sitting on the road in front of the neighbors house. I know no one can get into mine because honey is a "securities expert" with this stuff. His company is actually involved in designing things for the military.

As for you being accountable, dtbmnec is right, the feds would look at the computer not the connection so you should be fine. In regards to deleting files, there are ways to get around it without all that expensive stuff that would make it so the files aren't recoverable.

jawert1
September 30th, 2006, 09:41 AM
hahahah Jesse's Mommy, I've done the same thing before in a pinch (happened to be outside my dr's office waiting for my appointment time). It's why I advocate securing a network as tightly as possible, because even though folks like us would NEVER think of doing something like that for nefarious purposes, there are definitely others that would. Work has an entire lab (which now all think TD's Beanies are just the most adorable critters ever!) devoted to household network security, since it's become a far bigger threat than anticipated. I shudder to think what the next phase will be :/

wdawson
September 30th, 2006, 10:34 AM
years ago this happened with cordless phones.......people would drive around with them on looking for a dial tone.......free long distance calls.

technodoll
October 25th, 2006, 06:08 PM
OK i am pissed :mad:

we changed the router to program our two laptop MAC addresses on sept 29th - today i get our bill and it shows the SAME download activity after that date as before!! someone is STILL hijacking our wireless account, how is that possible?? again another month of paying for somebody else's use of OUR account :mad:

what the heck are we supposed to do?

videotron is NO help, they said "sorry, the broadband is not our problem. use cables to plug your laptops into the cable modem". well this defeats the purpose of having wireless... but what choice do we have? i'm about to scream!! sick and tired of this... oh and two parking tickets came in the mail, at the same time. GREAT.

:yell:

jesse's mommy
October 25th, 2006, 06:14 PM
TD, if honey and I are talking tonight I'll pm you with what he does here. He is a network administrator for a military company that designs flight simulators (high tech super clearance type of stuff -- don't ask me because it goes right over my head). Anyway, I'll ask him what needs to be done to stop this and find out how he prevents it from happening here. Let's just hope he brings me home something nice after last nights antics. :rolleyes:

technodoll
October 25th, 2006, 06:26 PM
thank you JM... we need all the help we can get! :(

i missed something... what last night's antics? :eek: i hope everything is ok??

jesse's mommy
October 25th, 2006, 06:28 PM
Check my rant in the thread jack thread. ;)

Prin
October 25th, 2006, 10:32 PM
Guess hubby's still not talking.:D ;)

jesse's mommy
October 25th, 2006, 11:00 PM
Actually I just typed the book he dictated to me.

dtbmnec
October 26th, 2006, 08:19 AM
OK i am pissed :mad:

we changed the router to program our two laptop MAC addresses on sept 29th - today i get our bill and it shows the SAME download activity after that date as before!! someone is STILL hijacking our wireless account, how is that possible?? again another month of paying for somebody else's use of OUR account :mad:

what the heck are we supposed to do?

videotron is NO help, they said "sorry, the broadband is not our problem. use cables to plug your laptops into the cable modem". well this defeats the purpose of having wireless... but what choice do we have? i'm about to scream!! sick and tired of this... oh and two parking tickets came in the mail, at the same time. GREAT.

:yell:

Hmmm well if you've done it right then no one should be able to get on your wireless. THAT said its obviously still happening...

I'm assuming you've checked your computers/laptops for viruses and such things? The only thing I can think of is that someone is downloading stuff THROUGH your computer (ie. I'm going into your computer through a remote manager and telling it to download all ten movies of Star Trek but it only appears on my computer at home (the movies themselves)).

I'm guessing that the 29th (ish) is roughly the rollover day for your bill? I mean you can definately download a lot of stuff in an incredibly short amount of time so perhaps this person did all the downloading at the beginning of the "month" (before you put in the MAC restrictions)?

Without actually being there there isn't much else I can think of...I know it would be a pain but you could try hooking them up through cabling for a month and see if it changes...

You could also try something called "logging"...you can make your router keep track and "write down" anything that happens on the network to a file (like a *.doc) and then go through it. If you could get it to open in Word and you typed in your MAC address under "search" and then deleted all the entries of your respective MACs you could then figure out if someone else is somehow making it on to your network.

If all your computers are turned off at night (say no activity on the internet/network after 11pm and before 5am) you could also check the times to see what's going on. Some of it will be technical mumbo jumbo but what you would be looking for is "DHCP lease IP 192.168.x.x to <computer name> <MAC Address>" during dates/times you KNOW you weren't online.

If the MAC happens to be the same as yours or hubby's laptop and you know for sure that neither of you have *touched* them during those times, then someone has "spoofed" your MAC (made the router think its you/hubby by "changing" his MAC to that of your;s/hubby's). At that point....I'm not sure what you could do...I can get back to you if that's the case too....gotta love techy friends.

OR you can definately go with Jesse's Mommy's hubby's expertise....lol I know when to give way before higher knowledge :)

Megan

technodoll
October 26th, 2006, 10:09 AM
merci megan!

i'll get on this asap tonight with hubby... as a precaution we shut our modem off last night and will keep it off until we're home and can figure out a way to bring these termites out of the woodwork!! :evil:

i'll keep you posted, for sure. :)

Prin
October 26th, 2006, 01:03 PM
Actually I just typed the book he dictated to me.

Umm.. Is it a secret book? :o

jesse's mommy
October 26th, 2006, 01:30 PM
I sent it in a pm. :D

CyberKitten
October 26th, 2006, 01:52 PM
So sorry to hear you have had to go thru this and you have rec'd excellent advice. I too have wirless at home and noticed that two of my neighbours have wirless that is not even encrypted or password protected. I ended up doing it for them but as someone said already, someone driving through (we tend to have a very caring quiet neighbourhood) could easily have used their wireless account.

Have you attempted to obtain the ISP and IP of the "Joe Blow"? I had one nasty virus attack one of my computers once - and we have virtually (pun intended) every good anti virus, anti spyware, popups,etc software going but this guy - who as it turned out had contracts for companies like Sears - had attached his %^$# to a popup and it was almost impossible to get rid of. I did tho but it was the most difficult one ever! I traced his IP address and emailed him and reported him to the BBB, if that helps but we have poor legislation re these things. He was operating out of west end Mtl as it turned out. But it would not hurt to find this guy because he obviously stole bandwidth and broke into your home, virtually.

technodoll
January 2nd, 2007, 04:24 PM
i'm at my wit's end and about to cry. just received another invoice and despite all our attempts at protecting our account, IT HAS MADE ZERO DIFFERENCE. we are still being hijacked :yell: :( this has been going on for months now.

should we just ditch videotron and sign up with Bell? they offer highspeed internet? we don't have a phone line so... sigh. it's all so frigging complicated. Videotron doesn't give a crap and can't/ won't help us since we have a broadband router. Now the modem only has one cable output, and we're two here online all the time. the only thing we haven't done is get a splitter and two cables and stay (inconveniently) physically plugged to the modem for a month (about $100 worth of equipment to "test" this! :mad: ) then we would know if the hijackers are using the wireless to get into our systems OR if they're already in there, duplicated our MAC addresses and it's all so much CRAP!

i'm sooo tired of this... help :(

hazelrunpack
January 2nd, 2007, 04:35 PM
This is way beyond my ken, TD...I'm a dial-upper of long standing...so I have no advice. But I can't believe you're still having this problem! :grouphug: Must be so frustrating!

Nor can I believe that your provider isn't working with you to fix the problem! Not very good PR... :frustrated:

Hope someone comes up with a solution! :fingerscr

Kristin7
January 2nd, 2007, 04:50 PM
I have very limited knowledge about this stuff but was wondering if you could try satellite internet? My parents don't have a phone line or cable, so had to go with satellite. Not sure if this is what they have (or if it would help you at all) but it's one example: http://www.starband.com/about/

PetFriendly
January 2nd, 2007, 05:05 PM
I am by no means an IT expert, but, we do have a wireless router and did encounter the same issue as you (though with Bell we have unlimited bandwidth so all we lost was speed, not money...)

What I did was log into the router and assign each computer that needed a wireless signal an IP (or maybe a MAC address, not sure anymore) to limit who could connect. I invented the number so it was virtually impossible to hack.

Hope this helps, and hasn't yet been covered (I got lazy and didn't bother to read above). I can say that while the competition's service is the best, their customer service isn't.

LL1
January 2nd, 2007, 05:56 PM
You can have Bell high speed without a phone line.

jiorji
January 2nd, 2007, 05:58 PM
poor TD :(

i'm only guessing here...but what are the cahnces of another router picking up from yours? Since there's so many other apartments and houses around you, would another not be able to pick up a signal?

You can hook up quite a few computers to a router in the home (i forget if they require a special serial number to work) but with some hacking i doubt another computer you don't know of can't pick up your signal.
Or maybe that's the way videotron works ;)

we used to have a router and we never had hacking problems but this was in a house not a building.

good luck finding your thief:thumbs up

LL1
January 2nd, 2007, 06:01 PM
Would any of the file sharing programs used to download music be able to cause this? :confused:

technodoll
January 2nd, 2007, 06:32 PM
LL1 thanks I'll look into Bell, maybe they have a better service and with a new account we can stop the hijacking before it starts? :confused: the only program we use to download music is iTunes... :yell:

we've installed and ran the best spyware, we programmed the router with our laptop's MAC addresses and that alone should prevent anyone from accessing our service... but no. we tried shutting the modem about 20 hours per day (when we're not using it like overnight and during the workweek) and nothing has changed. we're just so stumped :confused:

Smiley14
January 2nd, 2007, 06:41 PM
LL1 thanks I'll look into Bell, maybe they have a better service and with a new account we can stop the hijacking before it starts? :confused: the only program we use to download music is iTunes... :yell:

we've installed and ran the best spyware, we programmed the router with our laptop's MAC addresses and that alone should prevent anyone from accessing our service... but no. we tried shutting the modem about 20 hours per day (when we're not using it like overnight and during the workweek) and nothing has changed. we're just so stumped :confused:

I'm hardly an expert either, but I also have a wireless router set up to my broadband router. Mine is secured and so far *knock on wood* I haven't had any problems in over two years of use. Here are the basic steps I used when I had mine set up. I paid an IT person to come out and do it for me the first time and then had him teach me how so I know how to do it myself now.

*Use encryption. (do you have WAP or WEP?)
*Turn off identifier broadcasting.
*Change the identifier on your router from the default.
*Change your router's pre-set password for administration.
*Allow only specific computers to access your wireless network
*I see you've already hidden your MAC address.

Here is a great site with tips on securing your network. I apologize if this is old news and things you've already tried! Just wanted to suggest it just in case!

http://onguardonline.gov/wireless.html

mesaana
January 2nd, 2007, 06:57 PM
get a splitter and two cables and stay (inconveniently) physically plugged to the modem for a month (about $100 worth of equipment to "test" this!

TD, my computer security expert thinks that this would cost you about 10$, not 100$... am I missing something?

PetFriendly
January 2nd, 2007, 07:01 PM
The bit about not broadcasting is something else we have in place here, as well as WEP or what ever. If you log in to your router, can you ever 'see' the intruder? What if its a billing issue and the service you are paying for is actually being delivered somewhere else (ok, so its a stretch but there aren't many other options at this point) ?

technodoll
January 2nd, 2007, 07:17 PM
my computer security expert thinks that this would cost you about 10$, not 100$... am I missing something?

oh man that would be amazing! i checked and a 10-foot cable is around $15, we need two. hubby said the splitter runs from $30 to $50... factor in the taxes... sigh. I'll ask at work if they have anything on hand i could borrow first. and also investigating all other info, MUST get to the bottom of this... this billing cycle ends on Jan 11th so I know that we will AGAIN be hit with another high bill in a few weeks. this cannot continue.

If you log in to your router, can you ever 'see' the intruder? What if its a billing issue and the service you are paying for is actually being delivered somewhere else (ok, so its a stretch but there aren't many other options at this point) ?

No we don't see anyone and Videotron assured me the downloaded data was linked to our account and no-one else... their customer service isn't so hot either.

i really appreciate everyone's help and the day something works, you will hear about it! :o

mesaana
January 2nd, 2007, 07:22 PM
TD, he's telling me you need a better store! But even better, he'll lend it all to you :) I don't know where you are but he's on the Plateau (that's where I am right now too)

If you want it, send me a pm with your phone number and I'll call you (or I'll pm you the phone number here, as you wish).

technodoll
January 2nd, 2007, 07:31 PM
are you serious? OMG what angels you are! :cloud9: will PM you for the phone number in a bit... first, am making hubby (who is more technical than me!) call the Videotron technical support one last time to ask how many IP addresses they have on file for this internet account, i mean they have to know where all this data is streaming to right? if they say more than two... then it confirms we have hijackers and we go for the cable test! :o

mesaana
January 2nd, 2007, 07:38 PM
TD, he's telling me your premise is wrong... Videotron only sees one address, your wireless router attributes the other ones.

If you want, he'll go over it with you later (he really is a computer security expert, so I'd take the offer, if I were you)

Lyne

PetFriendly
January 2nd, 2007, 08:11 PM
My router (netgear) also lets me name the computers I want to give access to, in addition to adding their MAC addresses, and it gives access to them and only them. If you've run MS Home networking, it'll get the computers named and you can go from there.
Doesn't your router have plugs for network cables in it? You can use that and disable the wireless feature instead of buying something new. Or you can use the built in Windows Internet sharing, its not the greatest, but it works and will at least help you troubleshoot the problem.
What about calling tech support for your router? You know how people used to steel cable... Maybe someone has figured out how to steel cable internet and the problem is happening before it even gets to your house?!

Smiley14
January 2nd, 2007, 08:25 PM
TD, he's telling me your premise is wrong... Videotron only sees one address, your wireless router attributes the other ones.

If you want, he'll go over it with you later (he really is a computer security expert, so I'd take the offer, if I were you)

Lyne


That's awesome!!!!! It cost me $150 to have an expert come out to my house, LOL! I hope this works out and you can hopefully get this resolved finally! Good luck, TD!!!! I can't even begin to imagine how frustrating this must be for you! :grouphug:

Schwinn
January 2nd, 2007, 08:55 PM
I was having the exact same problem, only since I don't pay for bandwidth, I wasn't overly concerned. Then, last week, my internet was down to a crawl. Seems someone was trying to drain Limewire through my router. I have a Linksys router, with the downstairs computer hard wired, and the upstairs computer on a wireless Dynex card. I tried WEP, WPA and WPA2, and this stupid Dynex card wouldn't hook up. It was asking for more info than I had. I used the instructions for the router, I used the auto network setup from both Linksys and Windows, and it still wouldn't work. I called the cards "help" line, and after trying to explain for 15 minutes the problem, then being put on hold while he "looked into it", he came back on and said, "Uh, I can give you the set up help line number, but it is a pay service". "Uh, you know what? I'd rather pay for a good card than spend more money on this piece of crap".

ANYWAY...what I wound up doing was assigning MAC addresses to the router, so it only allows certain computers on, and also turning of DNS address (I think I have that right). Anyway, I told my router to stop broadcasting the name, and change the name of my network. It isn't fool proof, but so far so good. Once one of my IT buddies stops by, I'll see if they can set up encryption. If not, I'll spend money on a card with instructions not in broken english.

That being said, are you sure it is your router, and not a worm or something on one of your computers? I'm wondering if they are somehow accessing your wireless computer and getting on the net that way.

Oh, and your router should have a log file. I've been checking mine every day to see if anyone's logged on.

technodoll
January 2nd, 2007, 09:21 PM
That being said, are you sure it is your router, and not a worm or something on one of your computers? I'm wondering if they are somehow accessing your wireless computer and getting on the net that way.

that's just it, we *don't* know... thanks to mesaana we got some kick-butt technical help now :D , we finally started to record the router's log tonight to see if anyone else is accessing our network from the outside. In 24 hours we will get a picture of the activity. IF we don't see anyone else's IP, only our two machines, then we have a bigger problem than we thought... "worm" :yuck:

well, come to think of it... how do we STOP someone from accessing our network from the ouside, period! :yell: yes we locked the router to our two MAC addresses, we changed our network name, we are not broadcasting it, we added all the security levels the router allowed... what a freaking headache eh?

"stay tuned"! :pray:

LL1
January 2nd, 2007, 09:36 PM
I had thought of getting one,but now I am concerned.And have zero technical skills.Do you think they will come up with easier fail proof ways to stop this from happening with future models?

dtbmnec
January 3rd, 2007, 12:17 AM
I had thought of getting one,but now I am concerned.And have zero technical skills.Do you think they will come up with easier fail proof ways to stop this from happening with future models?

You're general purpose run of the mill hacker won't get you into this problems....if they do go beyond trying for your WEP and go on to spoof (fake) their MAC to yours then you've got a pro you're dealing with and you're pretty much screwed any way you look at it. Don't let this throw you since again most people aren't pros. The run of the mill hacker may try the WEP key but if s/he's just in for the heck of it (to run Limewire off your connection kind of thing) then they'll give up and try for something else.


From the sounds of it TD you've got one hell of a pro or you've got something on you're computers that is dialing China through the naughty lines or something....If the logs say you have only the two MACs....well you could have a worm...or you are dealing with an uber pro....

If its a pro then you're kinda out of luck as to the wireless and you'll probably have to settle for wired (at least for now). It should only cost you guys the money to get the two cables for the router....you're wireless router should already have at least two ports (places to stick the wire into) for the wires....depending on how old your laptops are you should have a port on each of them too. So it really should only cost you like 30 bucks total (15 for each wire after taxes).

I would say after seeing what's going on with this wireless thing to try wired for a month....if the two of you are connected through the wire for a month and you've still got a crazy high bill then its on your computer.

So now I'm gonna change tact here....

Download and run the following programs (unless you've already got them). Don't run them all at the same time:

- Spybot S&D
- Adaware
- Ewido Antispyware

Try running online virus scans...there's a few free ones here:
http://www.mountaincable.net/index.php?id=4,450,0,0,1,0

Those are from my provider....they have awesome customer service too (not to brag)....Don't worry about the patches just the free virus scans....those are most important right now....

What are you using as your virus scanner right now?

Megan

Prin
January 3rd, 2007, 02:24 AM
Hmm... Maybe I'm not modern enough, but I'd just plug me in... :o Just for a month.. Or even 15 days. You buy all the stuff, "try it out" until you have to bring it back, and then bring it back and see if there's a dent in your bill... :shrug:

I know people who get one wireless account for a whole building, so it's likely that it's easily accessible by your neighbors...Too bad there's no gadget to firewall your whole apartment...

Merci, Uncle Tom, Merci.;) :D

x.l.r.8
January 3rd, 2007, 09:59 AM
If I'm reading this right, someone was still accessing your account while you had your network hard wired, if this is so then you have someone accessing your account using your information, not your home system, all they need is your passcode and your login details, this could have been picked up via spyware or keystroke program, or worse, someone from the store. I would start by changinf your connect password, your username to connect with, the other computer usernames and add some numbers to the end of your passwords on those computers, however as I said, if they have been using your account with the wireless turned off and your system hardwired, then they are using your information, not your physical router.

Schwinn
January 3rd, 2007, 10:59 AM
I forgot to add, I'd also switch providers, if for no other reason than out of spite. If they can't be bothered to help you, then I'd get rid of them, even if you do get this figured out.

technodoll
January 3rd, 2007, 11:02 AM
OK I'm going to cut and paste all your information in one document and bring it home for hubby to analyse and get going with this... i had no idea there were so many knowledgeable folks here! :cloud9:

last night we started recording the access log through our router to see if any MAC addresses showed up besides our two. So far nothing, but we will give it 48 hours to be sure (the last bill showed pirate activity every single day but maybe they are skipping days right now?). If we still see nothing then we're in deep doodoo :frustrated: and will have to consult a specialist to get this resolved... luckily we got connected with a Pro last night who can help us (thank you mesaana!), he will lend us the cables and splitter for a couple of weeks for the test, and then it's a process of elimination, I guess.

All this crap started happening around early August, there were no problems before that. Maybe a netpirate moved into a nearby building in July, who knows? Could it be possible that Videotron is somehow responsible or involved, ie mis-calculating our daily usage? :confused: of course they say "no way" and are not interested in helping us, either...

i wouldn't wish this on my worst enemy. feels like a home invasion and feeling so helpless to stop it! :mad:

dtbmnec
January 3rd, 2007, 11:27 AM
If I'm reading this right, someone was still accessing your account while you had your network hard wired, if this is so then you have someone accessing your account using your information, not your home system, all they need is your passcode and your login details, this could have been picked up via spyware or keystroke program, or worse, someone from the store. I would start by changinf your connect password, your username to connect with, the other computer usernames and add some numbers to the end of your passwords on those computers, however as I said, if they have been using your account with the wireless turned off and your system hardwired, then they are using your information, not your physical router.

As far as I can tell this isn't what's happened...she's turned the router OFF at night and is still being hit with high bills...

If your provider isn't even making a *token* try at helping you then they suck and you should move to a different company. I've heard bad things about Bell but nothing this bad ever...at least they have *passable* customer service.

Good idea to give it 48 hours...is there any way that YOU can check the usage or get whatever company you're with check the usage? Or would that be asking the company too much?

Seriously...record how much usage you're at, don't go online at all for two days (turn off your wireless cards in the laptops) and then ask them if the usage went up....if you can't well there goes that idea.....if the usage goes up then you have a hijacker somewhere....

Megan

technodoll
January 3rd, 2007, 11:42 AM
Good idea to give it 48 hours...is there any way that YOU can check the usage or get whatever company you're with check the usage? Or would that be asking the company too much?

Seriously...record how much usage you're at, don't go online at all for two days (turn off your wireless cards in the laptops) and then ask them if the usage went up....if you can't well there goes that idea.....if the usage goes up then you have a hijacker somewhere....

Videotron tracks our daily usage, as we have a monthly quota, BUT cannot tell us from which IP address the data is linked to, only "to our account" whatever that means! and they don't do jack ***** for you if you use a broadband router... :frustrated: Hubby is the only one that downloads files of any size and he has been tracking everything for months now, there is no way he downloads 3 GIGS of data in one day :eek: not even in a month! During the holidays we were not home for a few days so used no internet, on our next bill it will be easy to track.

the problem is that we KNOW we are being hijacked, but we're on our own on how to fix it :( we've been given wonderful advice and suggestions here, and we're trying everything one at a time. videotron sucks, that's all i have to say... and we might very well ditch them soon!

jawert1
January 3rd, 2007, 12:11 PM
At this point it sounds like you're in good hands TD, but I would seriously recommending having Videotron cancel your account and open a new one with a completely different login (if you're staying with them that is). If you're going to Bell, then you'll automatically get new info, but make your password as ridiculously difficult as possible and take all the steps to lock down your router (WPA-PSK keys, Access lists with only your MAC addresses, etc)

technodoll
January 3rd, 2007, 12:18 PM
jawert1, can videotron do that??! if that would fix it...

i'm only worried at this point that we have a worm inside our laptops and changing accounts wouldn't do anything, if the pirates have inside access, you know? or am i completely wrong here and it *would* fix the issue, regardless?

i went to check out Bell's rates and they're just ridiculous and super-restrictive quotas :eek: we don't have a land-line so their only other option sucks :frustrated: Guess we're stuck with videotron.

PetFriendly
January 3rd, 2007, 05:28 PM
I'm with Bell, albeit in Ontario, and my account doesn't have any restrictions. I'm not sure what you are currently paying, but my monthly rate is comparable to the one I'd have to pay for cable internet.
If you don't have a land line, Bell has to offer you the service anyway, its a CRTC ruling. Call them up and ask about the 'dry loop' service. I'm not sure how much it costs, but I know they have to offer you internet service independent of whether or not you have their phone service.

PetFriendly
January 3rd, 2007, 05:30 PM
i'm only worried at this point that we have a worm inside our laptops and changing accounts wouldn't do anything, if the pirates have inside access, you know? or am i completely wrong here and it *would* fix the issue, regardless?


If the problem is coming from one of your machines, changing your account info with Videotron won't help... Have you used all the on-line scanners? I'm thinking Trend Housecall... Its my favorite and its pretty good.

jawert1
January 3rd, 2007, 06:52 PM
TD, take a look at Kaspersky Anti-virus, it's readily available at Kaspersky.com. The free product is so ungodly thorough that you'll need to let it run and do nothing with your machine, with your modem shut down. It will find anything on your machine that's nasty or even close to a security risk. A good place to start and most companies, if they feel you may come back on them financially for allowing this sort of fraud to take place, will at the minimum change out your account info ;) Just make it known that you want to escalate to that person's manager that they haven't done enough to ensure your concerns are being addressed properly.

technodoll
January 3rd, 2007, 06:57 PM
thank you jawert1, we'll download kaspersky and let it run tonight while we sleep and the modem is off, it looks good! so far the router log file only shows our two IP addresses since last night, no-one else... so the pirates have either taken a break today OR it's a worm. we're close to finding out soon! :fingerscr

x.l.r.8
January 3rd, 2007, 09:58 PM
The problem is your tracking yourselves, not the account. if I were next door and had your details I could just connect up and use your account. It wouldn't go through your system and only the bills would show I'm doing it. How do I get this information? easy, i hack your mail box witha spyware keystroke program, I already had access to your system and once I have your e-mail account details I just make sure a copy of all your e-mails also come to my email account, so if you change details the verification email also comes to me with all your new passwords. i would always use an obscure email account to send details to, or a work one away from the system for that very reason. It only takes an e-mail from videotron asking you to log on to verify details, if thats a jacked site when you go to log on the information you see as ****** will apear as the exact keystrokes you used, then they forward you to a standard "page not available, please try again" site and you log in the usual way from a bookmarked page, but now they have all the details they need, they whip into the account and add themselves to your account, any information you recieve they also now recieve, eventually they have enough details to do what they like. Usually you need to be targeted for this to happen or have your wireless account on 24/7, that makes you an easy target as they see a signal over a few days and they know they have all night to play, most hackers work in the small hours or when your downloading so you don't realise they have sent spyware and are looking around your system files as the hard drive light is flashing away, (if it did this an night you would be pretty quick to notice). My only advice is ensure your router is off when not in use, and if they still have access to your account, time to shut it down, reopen a new account with different numbers and protect the system (add an 'i' in front of your MAC, :D sorry I couldn't resist) this was one of the reasons I made the swap to apple, I have never bothered with anti-virus's for 7 years now.
I am in a lot of doubt they go through your router, I think they have your connection details. videotron should offer some protection from this happening if you can't stop it by turning your router off, if they don't then they have no reason to keep your details confidential. Time to pay for a better service :shrug: or at the very least look around for someone else.

technodoll
January 3rd, 2007, 10:19 PM
my head is spinning :( now it's too much information and i don't know where to start! we both have kaspersky now (it looks great!), the trial version but it's for 40 days so it's cool. Will run full system scans tonight after the modem is shut off. Who knows we might find something?

Videotron refuses to help unless we ditch the wireless router and connect to the modem only with cables, how stupid is that? :frustrated: We might be forced to do that after all, just to prove to them something is very wrong and they need to take some responsibility. We've done everything possible on our end, to no avail... now it's a question of flushing out the scammers and making sure they don't come back. the question remains HOW?

what a headache :yell:

technodoll
January 24th, 2007, 11:10 PM
UPDATE :D

Got our December bill today (Dec 11 to Jan 11 usage) and OMG!!! it's normal! no extra fees due to excess quota by hijackers! :highfive: i'm soooo happy... :goodvibes:

now i'm not sure if the bastids just took a nice vacation down south or something during the holidays, and that's why our monthly allowance is within bounds, but maaaaybe fiddling with the MAC addies helped? :confused: anyways... we've disabled the wireless a week ago and are hooked via cable, and will continue do run this test until February 11th (next billing cycle). Then we go wireless again and IF we get slammed with more "illegal hijacking" activities then we can make a case with Videotron, we'll know what the problem is.

whew. took 6 months but i am :pray: we got rid of the leaches... :fingerscr

hazelrunpack
January 24th, 2007, 11:41 PM
yay! :highfive: Hope you've nailed the problem now! What a hassle it's been for you! :eek:

dtbmnec
January 29th, 2007, 04:00 PM
Oh that is sooo good to hear! :)

Hopfully you've got it licked :)

I'm hoping for you :D

Megan

happycats
February 27th, 2007, 09:05 PM
OMG now I'm all freaked out!
We just installed a wireless router, because we jsut got a laptop!! Now I'm afraid all this will happen to us!
how do I go ito the wireless router and add passwords??
I read all of the above, but have no idea how to get into the wireless router:shrug:
I even tried putting the disk back in....but nothing came up!!
HELP
sorry for hijacking your thread TD:o

technodoll
February 27th, 2007, 09:12 PM
no the more people know about this, the better!

we STILL have the problem. we shut the broadband router off for a month (a whole billing cycle) and connected our two laptops directly to the modem with long cables... what a PITA that was. and our last bill STILL shows pirate activity! Videotron said sorry, they can't help us, looks like we have a (rare) trojan and need to get an expert hacker clean our laptops :sad: of all the lowdown, dirty rotten things to happen. why us?? :confused:

I know it's not me cuz i reformatted my laptop last november, in the middle of pirate activity, and nothing changed. so hubby is doing his now, big job, and will hopefully wipe out the trojan in the process. If that doesn't work, we'll have to pay an expert to find out what is going on.

it can't get crappier than this. Since August we're paying $35 per month EXTRA because of these morons, except for the December bill. Looks like the crooks took a long vacation down south for the winter or something on the money they're probably making pirating things :mad:

:yell: :yell:

wdawson
February 27th, 2007, 09:18 PM
i would reformat both pc's and change isp provider before reconnecting

Prin
February 27th, 2007, 09:19 PM
:grouphug: :grouphug:

technodoll
February 27th, 2007, 09:25 PM
i would reformat both pc's and change isp provider before reconnecting

one of the computers has already been formatted... why change the ISP provider though? just curious. right now videotron is our only affordable option, since we don't have a phone landline... :frustrated:

CyberKitten
February 28th, 2007, 12:51 AM
Sorry you have hd such a hassle - we have a wireless as well and have a couple neighbours who have very lax security and I made it a point to let them know (fotunately, they are also friends and were thankfuk for the advice - one did not even have a password!!!).

You've already rec'd some good advice so I will just add mine anbd you can opt
what to choose to do: (and I would also ask for help from Linksys -they do have good tech support and also talk to your isp);

1. Turn off SSID Broadcast. As someone already suggested tjo using other language, most of the factory or company defaults are alrready knoqwn and crackers ore phishers can get them if they do not. (ie the bad guys). Leaving SSID on is like leaving your garage door open with all your valuable in it, cars, snow blower, etc, etc.... and use a really difficult password, nothing simple!!! DSomething that takes time to crack! And I am assuming you have encrypted WEP.

2. Implement MAC security but you have done thatr, right?

3. There are some technqiues we do just to keep the would be intruders confused (and we live near so many universities that I woud not at all surprised there are many would be "attackers" on our wireless's doorstep so to speak. (Tho students are hardly the ones one needs to worry about, it is the crooks that are the problem. These include mocing around the router - so it is not always in the same place.

4. Don't restrict the 192.168.1.x as a Class C subnet for IP nos. You could split up the local network into network segments using subnet classes tho some say this can be accesses by ppl who are determined to get in as well, sigh.

Not sure of this will help but there is an article here:

http://www.extremetech.com/article2/0,1697,1152933,00.asp

Finally, what does your ISP say about this? Do you check each night so that you know who has accessed your computer and then go after them or at least give their IP numbers to someone. I had someone with some page I just accessed with Internet Explorer and its isecurity allowed this program -and every program, file that is on a site ends up on your hard drive and some of them are malware and can take over your computer,. This one did that in spite of all my precautions. I figured out his IP number and went after him - virtually,, not personally, lol (he was a "businessman" - using the term loosely - in Montreal - wioth contracts to create ads for some pretty credible compaies like Sears so I wrote to them and others and to him. (I was more than a Reverse DNS lookup to say the leasyt but I think it is always good to know who is accessing your computer, whether you have wireless or not).

I would gather all that material - with the relevant programs and go to the police with them. It is still break and enter, however you cut it even tho new law is being made even as I type.

Finally, by far - given how fast the crooks catch up - the best protection now is WPA2 encryption so check to see if your router and all of your wireless computers and devices support it.

You can always turn it back on them - if they access your wireless, you ha ve access to their passwords and so forth!! Go after them, again not by yourself but with legal help.

I hope this helps - it is all so basic I know, I wish I could give you more but there is more info out there that can hekp. Talk to the ppl at Linksys and other security companies.

Good luck!!!!!

technodoll
February 28th, 2007, 09:33 AM
CK, we've done all we could for the wireless, as per your suggestions below.... the problem is not the router, it is a trojan in our systems. Even with the wireless off and sitting in a box, unplugged, and our laptops physically connected to the modem we are STILL getting hijacked. our ISP said all activity was through our modem and nobody could access it UNLESS there was a trojan in our machines :mad: it's rare but it happens. so there is nothing they (our ISP) can do, they said that unless we fix this problem, no matter who we use for our ISP service won't make a difference, we will still be hijacked... :fingerscr :pray: that after reformatting hubby's computer we will be ok... if not... we'll have to pay a clever technician to purge our systems. we just don't know what to look for :sad:

CyberKitten
February 28th, 2007, 02:06 PM
If it is a trojan, the best thing to do is reformat. Back up the dats you want/need and reformat!!! (It is sometimes not a bad idea to reformat once a year anyway - not that I always do that but on occasion we do).

There are programs that will ID trojans - like Spybot and Ewido Anti-Malware. HijackThis. is also a good program for getting rid of trojans and malware that have attached themselves to your registry if you do not want to go to the extreme of a reformat. Trojans are insidious and you should get rid of it before even using your computer - do you know what trojan it is?

Schwinn
March 13th, 2007, 02:13 PM
Did you get this fixed? Or is it too soon to tell?

The other option is taking it to someone like Best Buy. I believe thier rates are reasonable, and at the end of the day, it'll pay for itself if you stop paying $35/month.

By the way, do a search for AVG Free, and you should find the site that provides my anti-virus software. I've been using it for a while now, and it came recommended by a relative who is an accountant for a medium size company. They use it. The only thing is, it MIGHT not get the virus/trojan since it was installed first, but it'd be worth a shot.