Aces High Bulletin Board
General Forums => The O' Club => Topic started by: thrila on January 14, 2008, 05:02:54 PM
-
I live with a house of 5 people and we share the internet. Basically after 2 years of no internet I paid for it to be installed and pay the bills for it (my housemates pay me their share). I more or less got the internet so I could play AH and other online games. After 2 years internet cold turkey I just couldn't and went out and got it.
Well, the problem is this: it is unplayable as of late. I cannot play online games because within the last couple of months I have been getting massive variations in ping (100-800ms) and lately heavy warp. During one attempt at Team Fortress 2 when the warp was horrid I went to the prime suspect's room (yeah, I probably shouldn't have if I had any morals) and looked at his laptop. He had LimeWire open and was downloading porn.
I've asked him if he does large d/ls or has any p2p programs installed, which he denies. How exactly do I go about proving him wrong, without it being known that I went into his room and rummaged through his laptop? When I got the internet I made it clear that d/ls were to only happen during the day or overnight when I'm not playing online, which was the primary reason for the net in the first place.
I hate to be an arse, but I'm considering changing the password to the wireless router and not giving it to him. Any suggestions how I can force him to admit that I know it's him ruining the internet for the rest of the house (other housemates play online too).
-
To avoid a bunch of problems, you need a way to limit the bandwidth to your mates. Is there a program that will allow you to do this?
-
Skuzzy will know more about this but I do believe most routers have an option to show in the log how many packets someone is sending/receiving and how much activity is going on.
You won't prove WHAT he was doing but you can prove how much he was doing.
You should also be able to restrict how much he can do at certain times, like blocking sites at limewire during certain hours.
-
Depending on the router/firewall, you could block in/out ports for those p2p services. It won't take them long to find a new port, but it may help short term.
-
Originally posted by thrila
I live with a house of 5 people and we share the internet. Basically after 2 years of no internet I paid for it to be installed and pay the bills for it (my housemates pay me their share). I more or less got the internet so I could play AH and other online games. After 2 years internet cold turkey I just couldn't and went out and got it.
Well, the problem is this: it is unplayable as of late. I cannot play online games because within the last couple of months I have been getting massive variations in ping (100-800ms) and lately heavy warp. During one attempt at Team Fortress 2 when the warp was horrid I went to the prime suspect's room (yeah, I probably shouldn't have if I had any morals) and looked at his laptop. He had LimeWire open and was downloading porn.
I've asked him if he does large d/ls or has any p2p programs installed, which he denies. How exactly do I go about proving him wrong, without it being known that I went into his room and rummaged through his laptop? When I got the internet I made it clear that d/ls were to only happen during the day or overnight when I'm not playing online, which was the primary reason for the net in the first place.
I hate to be an arse, but I'm considering changing the password to the wireless router and not giving it to him. Any suggestions how I can force him to admit that I know it's him ruining the internet for the rest of the house (other housemates play online too).
You are not being the arse, the roommate lying to you is being an arse. It would be THEIR fault, not yours.
Do what you suggested and just change the password OR block his MAC address (might be easier as roommates can always give out passwords).
This doesn't have to be permanent, but I would be hard pressed to ever trust the guy after he flat out lied to you about something so small and stupid.
You had some very simple rules and if they didn't want to follow them and lose their internet privs, that's not your fault.
-
Originally posted by thrila
I hate to be an arse, but I'm considering changing the password to the wireless router and not giving it to him. Any suggestions how I can force him to admit that I know it's him ruining the internet for the rest of the house (other housemates play online too).
How much ya wanna spend?
-
Originally posted by Vulcan
How much ya wanna spend?
No need to pay anything.
Do a bandwidth check as he is d/l porn.
Block his mac address in the router.
Do a bandwidth check w/ him blocked.
Takes 2min.
(edit: you could even have another roommate or THAT roommate in the room with you when ya' do it)
-
If they are all paying you what you describe as "their fair share" then you have no control. If you didn't specify limits to begin with, then they all gain access as they see fit.
I'd be very careful getting into their system as you are not allowed to go there. Simply providing access to them, and collecting a fee for it, does not give you rights to their computer, you are making a mistake here.
If you want control over your bandwidth completely, then you need to disable their access across the board, once their fair share of funding is paid out, then re-enable them with limits, in writing, being very specific about the times they can or cannot operate. It's one thing to say you were very clear, it's something altogether different to state "Sign Here"
Just friendly advice, going off your own words and description of the situation.
-
Originally posted by WMLute
No need to pay anything.
Do a bandwidth check as he is d/l porn.
Block his mac address in the router.
Do a bandwidth check w/ him blocked.
Takes 2min.
(edit: you could even have another roommate or THAT roommate in the room with you when ya' do it)
Blocking MAC addresses doesn't help much.
I was thinking more along the most extreme case of using a Layer7 box to prevent P2P traffic entirely.
-
Originally posted by thrila
How exactly do I go about proving him wrong, without it being known that I went into his room and rummaged through his laptop?
Reset the router every 20 min and listen to who screams. Ask him why he's so uptight all the time.
Then again, if the guy is a lying sack of crap, talk to your ISP about getting a second IP address just for yourself. I know that you can do this with roadrunner (time warner cable) for an extra $10 or so a month. Plug in the second cable modem and lock it down for yourself. If anyone asks why you're doing that, tell them that you ran a network monitoring program and *someone* in the house was downloading porn and sharing illegal music, and you don't want to get sued along with everyone else. If anyone asks for proof or for more details, tell them with a straight face that you charge for those kind of services but don't want to risk taking business from someone who might get sued for illegal activities, so sorry.
-
I'll look into the suggestions guys, thanks. I'll look into limiting bandwidth etc. It's unlikely the other housemates will give him the new password if I change it, they have been complaining of having to hit refresh several times just to get web pages to load. How much would a layer7 box cost, Vulcan?
The internet is a very informal affair in my house. They don't even pay me per se, rather buy me a couple pints at the local every month. ROC, I don't see the need for writing, they know why I got the net. When I got it I let them know if they wanted to have access, they could buy a router. I made it very clear that downloading large files etc wasn't to happen during the evening because that's when it would be likely I'd play games.
It's just very frustrating coming home and wanting to unwind by playing games, but being unable to. I don't have much time to play, I've logged few hours for the past couple of months, so when I have time, I want to be able to! It's just got to the point where I can't take it anymore.
-
If you turn off UPnP on the router, it can mess up some P2P programs and force them to use manual ports. Then you can figure out what the usual ports are that limewire uses, and shut them off or route them to a bogus IP address.
If you want to know what ports his computer uses, get nmap. There should still be a windows version out there somewhere if you don't have a linux box. Portscan his computer and see what ports are in use. Then set up router rules to forward weird ports he's using to 10.10.10.10 or something equally random.
If network performance improves, but then he finds workarounds to get his porn fix, that is pretty much grounds in my mind to block his MAC address which should work against 99% of stupid lying porn addict rat finks. If he figures out how to spoof or change his MAC address, then change the network password or do whatever is necessary to ban him from the network.
-
If you were really mean, you could also set up another computer hard-wired to the router that does nothing but flood his computer with network traffic. Nmap has a "feature" that will let a computer pump out bogus connect requests about as fast as your network card's buffer can throw them out, and I'm sure there are other less legitimate "utilities" out there that will do the same thing. Just don't go looking for hacker tools 'cause you'll end up with a virus. Try to find legit network security tools that also happen to have security testing features that let you mess with individual ports on individual computers. All in the name of network security of course, since you "own" the network right?
Of course, if everyone is on wireless, then you won't be able to simply saturate his connection so you'd have to be more sneaky, like using a lower packet rate but just send borked connection requests. I don't know the protocols well enough to do it without reading a lot of documentation, but the nmap help files are rather thorough.
-
I like eagle's solution, most p2p clients running over a non UPnP network need to have the ports forwarded to them so they shouldn't be hard to find, especially if only you have admin rights over the router since they will have to come to you to get their ports forwarded in the first place. ;)
You can also disable UDP routing to the offending computers before you start AHII and enable them after you finish too. That way when people find they cannot connect to a server while you're playing they assume it's your system hogging the bandwidth once they realise they can hook back up again after you finish it will become reinforced. This only works if they are not tech savvy though.
Even if they are and you get questioned about it, you can just state that some folk have been abusing the D/L privileges and you simply set the system up so you get priority when you play. Your connection, your rules.
-
(http://www.homedepot.ca/wcsstore/HomeDepotCanada/images/catalog/9a930960-7277-43d7-a898-36540bf83cf3_4.jpg)
:)
-
Originally posted by FBplmmr
(http://www.homedepot.ca/wcsstore/HomeDepotCanada/images/catalog/9a930960-7277-43d7-a898-36540bf83cf3_4.jpg)
:)
Can't cut a wireless signal with wire snips :D
Check the network and see if his laptop is wide open. If it is, "accidentally" delete the C: drive.
-
Originally posted by thrila
I live with a house of 5 people and we share the internet. Basically after 2 years of no internet I paid for it to be installed and pay the bills for it (my housemates pay me their share). I more or less got the internet so I could play AH and other online games. After 2 years internet cold turkey I just couldn't and went out and got it.
Well, the problem is this: it is unplayable as of late. I cannot play online games because within the last couple of months I have been getting massive variations in ping (100-800ms) and lately heavy warp. During one attempt at Team Fortress 2 when the warp was horrid I went to the prime suspect's room (yeah, I probably shouldn't have if I had any morals) and looked at his laptop. He had LimeWire open and was downloading porn.
I've asked him if he does large d/ls or has any p2p programs installed, which he denies. How exactly do I go about proving him wrong, without it being known that I went into his room and rummaged through his laptop? When I got the internet I made it clear that d/ls were to only happen during the day or overnight when I'm not playing online, which was the primary reason for the net in the first place.
I hate to be an arse, but I'm considering changing the password to the wireless router and not giving it to him. Any suggestions how I can force him to admit that I know it's him ruining the internet for the rest of the house (other housemates play online too).
Your router should have access and active session logs. Just look at those logs to determine whether or not he's been using a P2P client or what he's been downloading, you can even see what sites he's been to. You can also block the specific ports he needs for his P2P client or, as with most routers, put a parental lock on his IP address.
If you feel particularly cruel, set the access to enable access to the Internet by MAC address only. Set the router to MAC address only and only those MAC addresses specified by you will be allowed to access your network. Then change the network name to "NO PR0N FOR YOU!" so he can see it when he tries to connect.
ack-ack
-
Ummm... how many times do I need to repeat this... mac address filtering is a waste of time. Changing mac addresses is fairly easy on most cards these days.
thrila, $300-$500 depending on the model.
The P2P stuff relying on PNP is not true, common peer-to-peer maps don't need port forwarding (look at how skype functions for a lesson in this).
How is your wireless network secured?
-
Thrilla from Manilla!!
Wireless internet sucks for gaming, and sharing internet with others is only gonna make things worse.. you can't expect a good connection from such a terrible setup..
stop sharing, or at least use wired connection.
-
Originally posted by KK9
Thrilla from Manilla!!
Wireless internet sucks for gaming, and sharing internet with others is only gonna make things worse.. you can't expect a good connection from such a terrible setup..
stop sharing, or at least use wired connection.
Sorry but you're mistaken. I used wired AND wireless for gaming. I have a 15/15 m/ps connection with Verizon Fios. It usually runs about 15.5 wired and 14.8 wireless.
Vulcan: since you're paying for the connection AND you already set down rules, simply explain to EVERYONE again that it is primarily for your gaming fix in the evening, then allow ONLY your MAC addy during those times. IF someone needs access for something YOU deem important enough you can open your router up on a case by case basis.
It might seem harsh at first blush but it's YOUR acct. Any illegal activity will come back to YOU, not them. YOU'RE paying for it, not them.
By telling them that if they NEED access during your unwinding/playing time you're more than willing to allow them access, then I think that is very reasonable and mature and will be accepted by the majority of your roomies since you're being honest and respectful and fair as well as willing to grant them access if they really need to be online, maybe even....playing AH and blowing them outta the sky muhahahah!
You're not pointing fingers, not accusing anyone of anything. It's YOUR time, YOUR acct. and YOU are responsible for its use.
One last note, read your TOS. I install Verizon Fios, and reselling our service is a strict violation, i.e. charging your roomies to be able to connect is actually reselling the service. Now honestly I doubt very seriously anyone will come after you since it's all in the same house BUT you can use it in your argument (last resort kinda thing)
Be diplomatic. Don't bring up what you found on your roomie's PC and his usage of YOUR internet connection unless he puts his foot in his mouth and brings it up, then....go for the jugular :t
Just be straight with your friends, you already have told em up front what your requirements are, if they abuse it then they or he is taking advantage of your friendship.
-
Vulcan,
MAC address filtering is fine when used as a measure to foil retards.
It doesn't sound like we're dealing with a pron addicted rocket scientist, so MAC addy filtering might work just fine. At the very least, it would take maybe 5 minutes to set up the block and it would serve as a test to see how technically competent he is.
If he works around the MAC addy fix, we'll know that at most we'll slow him down and maybe throttle his pron addiction, but probably can't completely cut him out without a little more effort. But if the MAC filter thing works, then it means he doesn't know much about networking and relatively simple workarounds might be possible to let the guy keep using the network while slowing him down a bit. Turning off UPnP and blocking specific ports is one of those things that might help. If he knows enough to change his MAC address, he'll probably know how to switch ports or otherwise bypass simple router filters.
That's why people keep recommending MAC addy filtering even though it's easy to bypass. It's only easy to bypass if you know enough about networking to recognize the problem and attempt to fix it. It's a good test. I guarantee you that even my Mom, who has been making a living programming ("real" programming, with fortran, C, etc on everything from PCs to supercomputers) for the last 15 years would have a really tough time diagnosing and working around a blocked MAC address. She just doesn't have the background in networking even though she's a really talented programmer and works with all sorts of computers for a living.
-
You're still missing one vital point eagl, how is his wireless network secured?
-
Another thing Vulcan...
You're right, most P2P apps don't *require* UPnP, but many need it to work well out of the box. As a simple example, azureus is a pretty popular bittorrent client and I can't use more than 1/10th of my bandwidth using default client settings if UPnP is off. For that matter, the only way to max out my UL and DL with bittorrent is to have UPnP enabled AND explicitly forward a couple of ports.
Yea that's probably just as much my router's fault as it is Azureus not being the most elegant application, but it illustrates my point that if you change the router's settings to require the user to go in and fiddle with ports, MAC addys, port forwarding, or in any other way change the default settings, you can slow down a whole lot of people who really don't know what they're doing.
Heck, comcast was doing this sort of thing to mess with file sharing before they got caught. All they were doing was inserting packets that told the apps or the computer to drop the connection. This could have been counterproductive since it could cause retry storms and actually increase network traffic, but in effect what they did was use forged packets to limit the number of P2P connections their users could make simultaneously by semi-randomly forcing closed some connections. Yea, a true geek could totally spoof this and get around it, but how many people simply wondered why they weren't getting the bandwidth they paid for?
-
Eagle is right,
however I would like to clarify one thing. If you only allow YOUR MAC address AND set the router to only allow 1 PC access online AND change the pswrd to the router then unless he really has some hacking skills then he is effectively stopped. you can workaround that which won't let you have ANY access.
If he does have skills then let us know, between us all and maybe the great skuzzinator we can make his life a sad miserable porn exempt existence to say the least :cool:
EDIT: I still believe trying some diplomacy first is best. You still have to live with the guy (in a non gay strictly platonic kinda way) plus you will have the support of the other people in the house if he does get stupid since it will affect whether or not they can ever use your internet connection in the future. That's what I was trying to get at in my earlier post
-
Originally posted by Vulcan
You're still missing one vital point eagl, how is his wireless network secured?
It almost doesn't matter since the point of MAC filtering is to mess with him and see if blocking him out temporarily helps. If you encrypt the network and change the password, it becomes obvious that he's being messed with.
But yes, technically the easiest way to cut him out entirely is to use WPA/PSK and change the password. But that opens up a social problem that may make the technical problem moot.
I'd personally check the router logs and settings to see if his P2P software is actually using UPnP to manage ports. If it is, I'd turn off the router's UPnP and see if it helps. I might also consider turning on QOS and modifying the QOS priority list to put P2P traffic at the bottom and AH at the top, but not many routers let you do that so it might not even be an option.
If I couldn't slow down his usage with UPnP or forwarding common limewire ports to the bit bucket, then I'd temporarily block his MAC address and see if overall network responsiveness perked up. If it did, then I might be tempted to keep his MAC addy blocked until he figured out a way around that.
I don't know how sensitive limewire is to router resets, but rebooting the router every once in a while and listening to the screams is a good way to mess with people using standard FTP or http transfers without a download manager.
-
HEY!!!!
I had NOTHING to do with this or my address!!!
Mac
-
Originally posted by WilldCrd
If you only allow YOUR MAC address AND set the router to only allow 1 PC access online AND change the pswrd to the router then unless he really has some hacking skills then he is effectively stopped. you can workaround that which won't let you have ANY access.
Good point.
My router lets me set up MAC filtering in one of two ways. First way is to explicitly block certain MAC addresses. The second way is to explicitly allow only listed MAC addresses. thrila could get the MAC addys of the guys in the house who follow the rules, and list those ones in the allow-only list.
Then he'd have to use a sniffer like ummm airsnort? to pull MAC addys from the traffic and attempt to hijack a connection. But if I recall correctly, that only works during the initial handshake before the connection goes encrypted, so he might have to wait a while.
-
Originally posted by eagl
Good point.
My router lets me set up MAC filtering in one of two ways. First way is to explicitly block certain MAC addresses. The second way is to explicitly allow only listed MAC addresses. thrila could get the MAC addys of the guys in the house who follow the rules, and list those ones in the allow-only list.
Then he'd have to use a sniffer like ummm airsnort? to pull MAC addys from the traffic and attempt to hijack a connection. But if I recall correctly, that only works during the initial handshake before the connection goes encrypted, so he might have to wait a while.
Wrong, you can 'push' WEP handshakes pretty easily. Most of the wireless hacking tools available are fairly simple and automated such that kids can operate them.
mac + wep = speedbump ... nothing more.
mac addresses to track activity = good way to put the blame on someone else.
WPA or WPA is a different story.
WPA2 with EAP is the ultimate and fairly easy to setup (depending on the router). You just need a wireless router and a radius server (like ISA on a Win 2k or 2003 box) and you're off. I'm sure some freeware radius software could do it too.
-
Vulcan,
Right. I haven't mentioned WEP in... what... over a year now I think. I don't consider it encryption and therefore haven't mentioned it.
My wireless gear theoretically supports WPA2 but I never could find a setup between my laptop, my wife's laptop, and 2 routers at separate houses that would reliably connect with WPA2. So I'm using WPA and what I hope is a long enough non-trivial password.
Still, I think that a simple MAC filter is a good way to temporarily cut someone out and measure both how much they know about networking, and how determined they are to get back on the network. Yea it's easy to work around but only if the person has the requisite knowledge.
I have a few friends who like the pron, but not one of them would know how to change their MAC address, get a wireless "hacker toolkit", distinguish between WEP and WPA, or know a packet from a packard. They turn on the laptop, click on the pretty antenna icon, and hope the light turns green. That's how it is for most people.
-
I remember a couple of friends giggling over a 5 minute boobie clip... I pointed them at the pirate bay's hidden forum and they swore off of internet pron within an hour. Shocked they were. They had NO IDEA.
I'm not a pron fiend or perv, but these guys really thought they were on to something with the 5 minute clip of some cinemax midnight movie that they'd found. I hated to destroy their safe little internet worldview with a couple of keypresses, but I couldn't resist. Plus, they have kids and I figured they ought to at least glimpse the true nature of the dark side so they could choose suitable defensive postures for their home internet access.
I think that for them it was a bit like discovering that santa doesn't exist, but at age 37.
If those guys knew that it would probably take me less than 2 hours to get into their computers from my dorm room, they would probably never turn the things on ever again.
Teh Funnay.
-
Well on an ebil note...since he is using your router, and you of course have access then you can also access HIS PC :t
Just slip a few things in that won't really hurt his PC but will definitely get his attention. Fairly easy to do. My neighbor "used" to get on other ppl's wireless networks in the neighborhood. One day I watched him attempt to get on mine.
At the time I didn't have anything more than just standard WEP encryption on my router, since the average user at home (in a house at least) isn't going to be targeted for the most part.
Anywho I saw him bust past the WEP and then start sucking on my bandwidth so I added a few lil gems to his C drive. One of them was a popup that said he had just D/Led a virus and that all files were now being deleted on his C: drive. It would then display all his files being deleted. They weren't really but it was fun knowing he was totally FREAKING out for a lil while lol :t
I forget the name of the lil program that did it. I don't have it anymore, maybe someone on here can remember the name of it. I'm sure I'm not the only one here that knows of it. It's damned funny doing it to ppl at the office and hearing them try to do the ctrl/alt/del thing over and over
-
Originally posted by WilldCrd
Eagle is right,
however I would like to clarify one thing. If you only allow YOUR MAC address AND set the router to only allow 1 PC access online AND change the pswrd to the router then unless he really has some hacking skills then he is effectively stopped. you can workaround that which won't let you have ANY access.
If he does have skills then let us know, between us all and maybe the great skuzzinator we can make his life a sad miserable porn exempt existence to say the least :cool:
Actually, that is a better idea than mine.
A WPA key and only allowing the MAC addys of the roommates that you want on would be a pretty effective way to stop 'em, or at least slow 'em down.
-
Do a search for...............baseball bat.
-
Originally posted by WilldCrd
Sorry but you're mistaken. I used wired AND wireless for gaming. I have a 15/15 m/ps connection with Verizon Fios. It usually runs about 15.5 wired and 14.8 wireless.
15.5 or 14.8, I assume you're talking about speed, that has nothing to do with quality of connection or loss of packets. That's just speed..maybe 1 sec 15.5 and the other second ZERO. You could be getting 20bit and you're still losing packets and lagging.
Wireless for gaming = garbage.
You can get by with wireless, but it's far from a good solid connection.
Wireless is built for convenience, not performance or gaming..
-
Originally posted by KK9
15.5 or 14.8, I assume you're talking about speed, that has nothing to do with quality of connection or loss of packets. That's just speed..maybe 1 sec 15.5 and the other second ZERO. You could be getting 20bit and you're still losing packets and lagging.
Wireless for gaming = garbage.
You can get by with wireless, but it's far from a good solid connection.
Wireless is built for convenience, not performance or gaming..
Sorry, but I don't have any issues gaming on my wireless connection. I'm sure ppl have had and do have issues but currently with my wireless router and wireless NIC I haven't had any issues. I don't have lag or warping issues and I play several different online games
-
Tell the guy that you found your connection to be too slow so you did some checking and found a lot of traffic coming/going to his computer. Tell him you captured the data and found it was file sharing going both ways. Uploads can kill a DSL connection btw. If you think he might want proof get Wireshark and do some capturing. You may need a wireless card in your box if your gateway won't mirror that data to your port.
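-
Added example, not part of the thread or any poster's code: the per-device traffic accounting that several replies describe (router logs showing how much each machine moves, and the capture suggested in the last post), run over a constructed flow export. The CSV layout, the 192.168.1.0/24 subnet, the thresholds and the function names are assumptions made for illustration.

```python
import csv
import io
import ipaddress
from collections import defaultdict

# Constructed sample, not real data: one row per flow with start time,
# source address, destination address and bytes carried in that direction.
SAMPLE_FLOWS = """\
time,src,dst,bytes
20:01:05,192.168.1.10,203.0.113.5,48000
20:01:05,203.0.113.5,192.168.1.10,96000
20:01:09,192.168.1.23,198.51.100.11,4000000
20:01:12,192.168.1.23,198.51.100.12,3500000
20:01:15,198.51.100.13,192.168.1.23,9000000
20:01:20,198.51.100.14,192.168.1.23,7000000
20:01:31,192.168.1.23,198.51.100.15,2500000
20:01:40,198.51.100.16,192.168.1.23,5000000
20:02:02,192.168.1.31,192.0.2.80,20000
20:02:02,192.0.2.80,192.168.1.31,600000
20:02:10,192.168.1.10,192.168.1.31,1000
"""

LAN = ipaddress.ip_network("192.168.1.0/24")  # assumed home subnet


def summarize(flow_csv, lan=LAN):
    """Return {lan_ip: {"up": bytes, "down": bytes, "peers": n}}.

    Only volume and peer counts are kept: this shows how much a device
    moved and to how many remote hosts, not what the content was.
    """
    stats = defaultdict(lambda: {"up": 0, "down": 0, "peers": set()})
    for row in csv.DictReader(io.StringIO(flow_csv)):
        src = ipaddress.ip_address(row["src"])
        dst = ipaddress.ip_address(row["dst"])
        nbytes = int(row["bytes"])
        if src in lan and dst not in lan:        # LAN host uploading
            host = stats[row["src"]]
            host["up"] += nbytes
            host["peers"].add(row["dst"])
        elif dst in lan and src not in lan:      # LAN host downloading
            host = stats[row["dst"]]
            host["down"] += nbytes
            host["peers"].add(row["src"])
        # LAN-to-LAN traffic never crosses the uplink, so it is skipped.
    return {
        ip: {"up": s["up"], "down": s["down"], "peers": len(s["peers"])}
        for ip, s in stats.items()
    }


def flag_heavy_hosts(summary, min_share=0.5, min_peers=5):
    """List hosts that carry at least min_share of all uplink bytes while
    talking to at least min_peers distinct remote addresses (the many-peer,
    two-way pattern typical of file sharing). Thresholds are assumptions."""
    total = sum(s["up"] + s["down"] for s in summary.values())
    flagged = []
    for ip, s in summary.items():
        share = (s["up"] + s["down"]) / total if total else 0.0
        if share >= min_share and s["peers"] >= min_peers:
            flagged.append(ip)
    return sorted(flagged)


if __name__ == "__main__":
    report = summarize(SAMPLE_FLOWS)
    for ip, s in sorted(report.items(), key=lambda kv: -(kv[1]["up"] + kv[1]["down"])):
        print(f"{ip:15} up={s['up']:>10} down={s['down']:>10} peers={s['peers']}")
    print("flagged:", flag_heavy_hosts(report))
```

As a reply above points out, addresses are easy to change, so a flagged address identifies a device only as reliably as the network's access control does.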