Someone stealing bandwidth to upload?

[supersunbird]

My brothers business has a wireless lan with a 10GB account from SAOL. It was all used up by the 14th of the month. Seems someone went to all the trouble to crack the WEP and then went about UPLOADING over 5GBs of traffic onto the net. Mostly somewhere between 00:00 and 04:00.

We could see this by using the nifty usage utility on SAOLs site. Its also show the ADSL ports used and its only his port, so the SAOL account itself wasnt hacked or used at another site.

Oh well, the WEP 128bit key is now gonna be changed weekly, MAC adress filtering implemented and hopefully the router can be swtiched off at night (but no, the ****ing LUser employees will phone one in the morning and moan the internet is not working because they are too stupid to understand the concept of switching on a wall sockets power button as shown to them )...

 

[XCalibre]

Maybe someone is running some P2P or torrent apps.

 

[Syndyre]

Why don't you use WPA rather than WEP?

 

[supersunbird]

Well, does windows wireless utility support WPA? If it does, I didnt see it...

 

[bwana]

Windows supports WPA - at least I'm certain it does as a mate frequently logs on to my network with his windows laptop when he comes around.

Are all the pc's switched off at night?

 

[Gromitt]

Maybe someone is running some P2P or torrent apps.

That would be my first thought. Most of the P2P apps can upload files in your "shared" folder while the PC is on. Make sure all PC's connected to the line either do not have the apps or the apps are correctly shutdown overnight.

 

[bwana]

Windows supports WPA - at least I'm certain it does as a mate frequently logs on to my network with his windows laptop when he comes around.

Are all the pc's switched off at night?

EDIT - supplementary question - over how many days was that 5gb uploaded?

 

[XCalibre]

Yup I'm telling you that's the problem

 

[supersunbird]

-----------------------------------------------------------------
Feb 07 14:23:30 to 14:23:43 1 day Upload: 1.592 Gbytes Download: 1.233 Gbytes

Feb 12 14:15:26 to 14:15:37 1 day Upload: 501.060 Mbytes Download: 667.485 Mbytes

Feb 13 14:15:40 to 04:33:03 14:17:10 Upload: 1.474 Gbytes Download: 761.461 Mbytes

-----------------------------------------------------------------

The PCs are mostly off at night, on the other days traffic is much more average and doesnt venture much past the 100mb mark if that.

Didnt recall the amount of usage correctly it seems, yeah, and looking at it must be a P2P...

 

[thisgeek]

Windows does support WPA-PSK.
I am using it.

 

[supersunbird]

EDIT - supplementary question - over how many days was that 5gb uploaded?

But that begs the question, does he use his wireless cards utility or the windows integrated one?

 

[bwana]

But that begs the question, does he use his wireless cards utility or the windows integrated one?

I'd go with the vendor's one.

-----------------------------------------------------------------
Feb 07 14:23:30 to 14:23:43 1 day Upload: 1.592 Gbytes Download: 1.233 Gbytes

Feb 12 14:15:26 to 14:15:37 1 day Upload: 501.060 Mbytes Download: 667.485 Mbytes

Feb 13 14:15:40 to 04:33:03 14:17:10 Upload: 1.474 Gbytes Download: 761.461 Mbytes

-----------------------------------------------------------------

The PCs are mostly off at night, on the other days traffic is much more average and doesnt venture much past the 100mb mark if that.

looking at those stats the uploads could have been anytime throughout the day too.

 

[supersunbird]

And I'd rather not. Have only had trouble with the vendors ones, not as user friendly.

I cant access SMC site to see what the card supports.

 

[Syndyre]

Well, does windows wireless utility support WPA? If it does, I didnt see it...

I've used WPA-PSK with XP.

 

[RoloTomasi]

Well, does windows wireless utility support WPA? If it does, I didnt see it...

The wireless router must support WPA. Additionally, the wireless client cards/adapters must have firmware support and drivers to support WPA.
On each Windows client, verify that the client's network adapter is compatible with the Wireless Zero Configuration (WZC) service (if you want to use Windows wireless utility instead of the wireless adapter 3rd party software).

For wireless clients that are running Windows XP Service Pack 1 (SP1) and that are using a wireless network adapter that supports the Wireless Zero Configuration service, you must obtain and install the Windows WPA Client.

For wireless clients that are running Windows XP service pack 2 (SP2) and that are using a wireless network adapter that supports the Wireless Zero Configuration service, the Windows WPA Client is included in Windows XP SP2. Therefore, additional downloads are not needed. The Windows WPA Client updates the wireless network configuration dialog boxes to support new WPA options.

How To Configure WPA Support in Windows XP:
http://compnetworking.about.com/cs/winxpnetworking/ht/wpainwindowsxp.htm
http://support.microsoft.com/kb/815485/
http://www.microsoft.com/downloads/...25-CE2B-47A4-ABEC-274845DC9E91&displaylang=en
http://www.microsoft.com/downloads/...familyid=009D8425-CE2B-47A4-ABEC-274845DC9E91

 

[RoloTomasi]

And I'd rather not. Have only had trouble with the vendors ones, not as user friendly.

Yes, the windows wireless utility is user friendly but you might end up with other problems. For example, if you find that your wireless connection tend to continuously drop at random times, then you might want to consider using the network adapter vendor wireless software instead.

Windows Zero Configuration service (WZC) constantly scans for other wireless networks. This process can cause clients to randomly drop their wireless connection. The best method for alleviating this problem is to use the third party software to manage your wireless connection. This software will almost always be provided with the driver for the wireless card you are using. Once you have this software installed you will want to disable the WZC service to prevent it from loading at startup.

WZC can also cause problems with SSID's.
If you're near two wireless networks with the same SSID name, WZC will always take the one with the strongest signal (even if you've indicated that the other SSID was your preferred SSID to connect to).

If for added security you've decided to hide your SSID (disable broadcasting the SSID name) because the trusted wireless adapters on your network connecting to your wireless router have been preconfigured to connect with WPA, then WZC can mess things up because since it can't 'see' the SSID, it will constantly scan for wireless networks in the area which could again cause your wireless connection to drop.
With 3rd party wireless software you can hide the SSID and won't have any drops in the connection because you've disabled the WCZ service altogether.

Horses for courses.

 

[XCalibre]

Shame the poor guy just wanted to know what the problem could be, now we're having a discussion about WZC and third party software and WPA.

 

[supersunbird]

hehehe, jy was just wondering what the upload was about, thats all i noticed on wednesday morn over bros shoulder, not the download side until i checked it myself today. Must have been p2p...

 

[RoloTomasi]

Shame the poor guy just wanted to know what the problem could be, now we're having a discussion about WZC and third party software and WPA.

OK, got a bit carried away there. But just maybe there's someone out there that may benefit from the info. Who knows.