Slashdot Mirror

← Back to Stories (view on slashdot.org)

Turning Network Free-Riders' Lives Upside Down

Posted by ryuzaki0 on from the shake-it-like-an-etch-a-sketch dept.

An anonymous reader writes "You discover that your neighbours are using your unsecured wireless network without your permission. Do you secure it? Or do you do something more fun? A few minutes with squid and iptables could greatly improve your neighbours' Web experience ..." Improve is a relative term, but this is certainly gentler than certain other approaches.

3 of 658 comments (clear)

  1. Understanding the Approach to this by blantonl · · Score: 5, Informative

    For those that are struggling to understand how the author of this article is accomplishing his approach, here is some further information.

    The author obviously has a Linux server in his house, that is running DHCPD

    To selectively send some clients to some locations, and others to the normal internet, he assigns an IP address on a different network to clients that don't have MAC Addresses that he knows about.

    Forwarding on to sites of his choice is done by using IPTables, which is a utility that allows you to configure the packet filtering components of the Linux TCP/IP Stack. In this instance, the Linux box is just functioning as a firewall, and he is selectively sending requests from certain IP addresses to different hosts of his chosing.

    Finally, the Up-side-down and blurry-image conversions is accomplished by sending page requests from those before-mentioned IP addresses to a proxy server, which in this case is Squid - and then allowing the proxy server to run a script which calls an ImageMagick command called mogrify which allows you to resize an image, blur, crop, despeckle, dither, draw on, flip, join, re-sample, and much more.

    And that folks, is the rest of the story.

    --
    Lindsay Blanton
    RadioReference.com
  2. Re:Goats by Starker_Kull · · Score: 5, Informative

    It shouldn't be too hard to set up some fixed IP addresses for your home machines, and let "guests" use a different IP range, for which you have implemented port blocking for all but 80, 25 and a few others for https and sending email, if you wish.

  3. Re:Goats by g4c · · Score: 4, Informative

    It is trivial for somebody to sniff your wireless card's MAC and spoof it. However, it requires enough knowledge to operate a sniffer and a MAC spoofer, thus eliminating 99% of the population. And even at that, they have to catch you while you are using the computer in order to find out your MAC, which potentially requires a time investment. After that, they might have to flood the ARP tables (does this even work over wireless?) if your computer is still on while they are trying to spoof your MAC. I guess trivial is a relative term... Why I am even posting this? Somebody please mod me down...