Hi, thanks in advance for help.
I have someone leeching off my Wifi net, who seems to be able to 'break-in' no matter how i secure the WiFi net.
Anyone know of any free Windows Mobile software that will show signal strength of Wifi CLIENTS nearby. Not Access Points, but CLIENTs.
I want to go find this guy.
thanks
Hi there!
If you got an "leecher" on your network I would recommend you to start your search on your router.
You didn't provide any specs, how did you find out that someone is on your network?
Next question, have you changed both, router pass and wlan key?
Are u using weak encryption (wep)?
Whats about your mac-filter?active?
I would guess you've got an dhcp server on your network/router... go there and check the dhcp releases. Any suspicious entrys? You should know all the devices listed there. If you have found a IP you don't know, ping it and check if its alive (those packages can be ignored by the host), try to access it via smb, you could also try a demo of languard and try to read out details like os, user, owner...
I'm almost shure you can't use your wm device to locate a client of a network, unless you can switch your wlancard to ap-mode and he connects to you ^^
Nope, need signal strenght reader if poss.
Thanks for the comment, but I'm pretty security savvy, and have done most of what you recommend.
I actually can't believe he's still getting in when I've locked down so tight.
Anyway, it's a CLIENT signal strengh program that I'm trying to find.
Rogue clients are malicious wireless client devices that either try to gain illegitimate access to your WLAN or try to disrupt normal wireless service by launching attacks. There are numerous ready-to-launch wireless attack tools freely available on the net. Many of them are open sourced and work pretty well with most Wireless client cards. This turns any curious mind to professional hacker in minutes. Many do it simply for the pleasure of being able to disturb someone remotely. All these developments force WLAN administrators to give a second look at any wireless client that is misbehaving.
What means most of that what i recommended?
Did you actually change the router password AND the wlan key?
Sorry, I don't think that you can trace him with your mobile. as long as hes not connected to your mobilephones wireless network (wich requires your mobile wlan device to switch to ap-mode).
Forget about that.
Please tell us, why do you think somebody is on your network, how did you find out... whats the "evidence" for you that there is somebody.
I'd like to help u, but i need some further details to lock him out.
I hope you know that its just a matter of minutes to break a wep key. GPUs are used to decode it, which is damn fast!
So please provide more specs about your network.
Greetings
1: Use WPA instead of WEP.
WEP is crackable in a matter of seconds.
2: Assign access control/MAC filtering
3: Use your network in ad-hoc mode
Well, WPA is crackable too.
The person in question might change his MAC to yours and create collisions anyways
Can you be sure that he has really associated with your router. I have noticed some client/router combinations "apparently" associate but all traffic is blocked because they did not provide the right key.
As others say - use WPA WPA2 and use a strong (non dictionary) passphrase
get a computer that can run airodump or something similar.
run airodump with it set to the channel of you router - not in hopping mode as you will miss lots of packets.
Airodump will tell you the strength of the signal from his computer so if you have this on a laptop you can move around and possibly can an idea roughly where he is
Thank you, i will try Airodump
Thanks in particular Scote.
I didn't list the router config simply becuase I am confident it's pretty secure:
Router is a new Belkin N1
- 63 random char password from grc.com/passwords
- SSID is "netgear" even though its a Belkin : intention to mislead for access URL.
- WPA2-PSK AES encryption
- SSID not broadcasting
I didn't bother with MAC filtering, as I understand a good 'hacker' can spoof it : If this guy can get through WPA2 I would say he can probably MAC spoof.
My 'evidence', is that up to 3 unkown computers turn up on the 'Clients List', around 4 hours after I change the SSID/password : Each time.
I have 2 laptops, so I will try Airodump or maybe Backtrack (suggested elswhere) on these as a 'direction finder' based on signal strength.
Hmmm...I did read somewhere you can set a Kaiser to be an access point...
Thanks all
Yes you can.
Someone found his stolen Wii/mobile phone (don't remember which one) that way.
There was even an article on the net.
As we don't have a Droid forum here yet, or anything for Android 2.0 AFAIK, this seemed like the best place to start the conversation. Feel free to move it, if there is a better place, but the question is specifically on networking and how two different phone OSs handle it.
If you don't know what an ad-hoc network is, I'll summarize by saying that, in my lexicon, it is a way for wireless devices to form connections with each other, allowing any Internet connection on the network to be shared by all. A more precise definition is here: http://en.wikipedia.org/wiki/Mobile_ad_hoc_network See also "mesh network" and "Wifi Tethering".
So.. I am considering upgrading my Titan to a Droid. Frankly, the main thing that is keeping me from doing this is that I can't give up WMWiFiRouter. WMWiFiRouter sets up an adhoc wifi network with (or without) security, thus sharing my 3g connection with all I give my network key to.
After finding & buying this program, I was able to drop my $60/mo (or w/e) EVDO card account. So. it is worth it to stay on a Titan till I am sure my phone can be used to connect my laptop/netbook/wife's ipod to the Internet while I am out of my house. I work from home so if I don't have portable wifi access I go stir crazy after a few weeks. I hear "Wifi Tethering" is going to become a product for VZW, but we all know that means it could be a year or three away. Can you all help me decide if upgrading to a Droid is possible. Do any of you have any experience with ad-hoc networking on a Droid?
Here's what I've found so far:
It's possible to have a G1 access an ad hoc network if you "root" your phone and change ini settings to allow it. (Also assign a permanent IP address to all adhoc network members). See: http://modmygphone.com/forums/showthread.php?t=22681
I do not know if this works on Android 2.0. I do not know if Verizon has put something in place to block this. Does anyone have any experience in this area or have a Droid that they can test with?
Your help would be appreciated!
Additional info I've found:
"Rooting" is not yet possible on a Droid. Eliminating the fix mentioned above.
http://droidie.com/2009/11/10/can-android-tether-today-for-0-extra/#comment-121
PDANet is a program that allows USB and bluetooth tethering on all "recently released Motorola and HTC [Android] phones" kkww
For those following along, this is the most promising thread I've found on rooting the Droid.. http://www.alldroid.org/viewtopic.php?f=210&t=431&start=280 This link starts you around page 29, which will be near the end for a little while...
I'm really beginning to wonder if I shouldn't just stick to a touch pro2 since I have a slick setup atm and google maps will release turn by turn voice to all in due time.
The problem is that I want to play!!! and android is calling me..
Have you made any progress on getting a Droid to recognize the WMWifiRouter network? I have a Droid with the router program running on a HTC TP2...there's an app called Hidden SSID Enabler which should resolve thi problem but I haven't been able to figure out what the SSID # is for the TP2...any thoughts?
Bump. Similar situation for me. I run WMWifiRouter on my Sprint Touch Pro and use it several hours a day. I'm ready to switch to a newer phone but want to make sure I can set it up as a ad hoc wifi spot. I'm torn between the Droid and the Nexus One but doubt T-Mobile's network is robust enough for what I need so at least for now, the Droid is the front-runner (I'll believe the N1 will work on Verizon when I see it -- could be 6 months or more).
Any update? Thanks!
I contacted the support folks over at WMWifiRouter and got this reply:
Our apologies for not getting back to you sooner.
Indeed, Android devices by default cannot connect to ad-hoc networks. A rather silly restriction, as the
device is more than capable to use these networks - Google just didn't build it into the interface.
Note that an ad-hoc network and a Hidden SSID are two unrelated things.
Unfortunately, there is no way around this issue unless your device is rooted. In that case we still cannot
tell you which commands to execute to be able to connect, but we know it is possible if you have root.
Kinds regards,
WMWifiRouter Customer Support
In looking through the "rooting" thread above it seemed way too complicated for me to attempt...if anyone can post or direct me to an "idiot's guide" tutorial for rooting a Droid I'd be most appreciative.
Hey guys, rooting for the droid is here already, some info can be found here
"i cannot post outside links..."
so what happends after you root your droid?
Bump, and I've found this thread:
code.google.com/p/android/issues/detail?id=82
about the official development of this feature, and I saw, although there are tricks that works for the G1 and the older phones, it is not working for the droid or those newer ones.
Hi
I have found the solution. I am using Ubuntu 10.04 and Using superfroyo2.2 on my HTC dream. I can connect to wifi adhoc network of my PC and enjoying internet on it.
I have attached the zip file. Please extract the file to get tiwlan.ini and wpa_supplicant.conf file. Replace your mobile's file with these ones and enjoy ad-hoc wifi.
You can use below commands, with mobile connected to PC via usb to replace the files:
adb shell
# mount -o rw,remount -t yaffs2 /dev/block/mtdblock3 /system
# exit
> adb push tiwlan.ini /system/etc/wifi/tiwlan.ini
> adb push wpa_supplicant.conf /data/misc/wifi/wpa_supplicant.conf
> adb shell
# mount -o ro,remount -t yaffs2 /dev/block/mtdblock3 /system
# exit
I was using ubuntu bash and I placed both files in the tools folder of SDK. and then I ran the commands from that directory so that no path issues arise.
One more thing, You should create adhoc wireless with SSID iBM and leave it open without security key.
Hey, all apologies if it DOES work, since I havent tried it yet, but when I view the tiwlan.ini file you've included in the zip file, it still says wifiadhoc=0
the .conf file IS setup to use your SSID name if iBM like you were saying though...
so I THINK you might have included the wrong file... but hell, I've been wrong before... I screwed up my wifi messing with this, so I'm just gonna try your files anyway, since they'll probably at least set me back to where I was...
adol
OKAY, so I guess I've gotta apologize- I just tried it, and danged if your files didn't work like a charm... so, my next question is; how did they work, when wifiadhoc=0?
Am I somehow seeing the contents of the file incorrectly, or is it something along the lines of you having set up a static ip or something? I'm gonna look into it a bit, which I haven't done yet, so if either of the things I just said made no sense, just disregard them and go ahead with the explanation...
Anyways, thanks for posting those files; I was starting to get rather frustrated with my inability to get this stupid crap to work.
adol
ok a few quick questions
has any one tested this on a sprint epic
is there a 1 click install for this pack
ive got some skill but this is defiantly out of my range
thanks
installing cyanogen mod 7 should resolve your problem...
guys y to roor the phone?install cyanogen 7 etc??
i think only some expert guys(i.e who can deal the problems their on without any suggestions) can deal with such kind of thngs...insted if we creat a virtyal access point,,thats better i think..
try using mhotspot...
Wifi Connection shared as a Wifi Router...see this thread...
Indeed CM7 does solve ad hoc networking problems. I've yet to find a suitable solution on froyo, although google gave me plenty of stuff to try.
cm7 ?
I have CM7.1 running but I still cant see any ad-hoc wifi networks!
I tried replacing the tiwlan and wpa_*.conf files but that just messed up my wifi worse.
jumblies said:
Indeed CM7 does solve ad hoc networking problems. I've yet to find a suitable solution on froyo, although google gave me plenty of stuff to try.
Click to expand...
Click to collapse
Hi,
Just got a shiny new Galaxy Note 10.1 last weekend. Yesterday, after receiving my case and keyboard from Amazon, I brought it in to school to start taking advantage of the S-Pen for note taking in classes that keyboards don't quite cut it in. Unfortunately, it revived an issue that I had and ignored on my HTC Rezound from last year... an issue that a WiFi device can't ignore, and unfortunately my phone's battery is not up to using CM10's tether function all day (and it might start running down my monthly data being used 5 days a week, all day).
So, any ideas what might cause this issue? The school primarily has Macs, and my Windows 8 Laptop sometimes has issues, but at least half the time it works fine. It is just Android devices that will not work. They connect, and get great signal strength, but just won't get any actual data. To my knowledge, nobody has ever gotten an Android device to connect. My Rezound is running an unofficial CM10 (4.1 JB) version, and my Note is using whatever the newest official update is (4.1 as well, I believe. Non-rooted). I don't know a whole lot about this type of stuff, but I'm not afraid to tinker around to try and get it working. I've tried a few other suggestions from numerous Google searches, but to no avail so far. The network is unprotected, and run by the school's IT people, so needless to say I have no way to easily change settings for the campus' network. I'd prefer not root the Note just yet, but if I need to, so be it. Any ideas what this might be?
Thanks
Some more Info
Coffeeist said:
[Original Post]
Click to expand...
Click to collapse
Some more info:
I cannot ping the tablet from my laptop (I get no packet loss, but all return 'Destination Host Unreachable'.
Same result if I try pinging my laptop or the router from my tablet using Terminal Emulator.
Sometimes, if set to DHCP, the tablet will give an 'Authentication Error Occured' error (or similar, I don't recall the actual wording). Sometimes it indicates a connection, but just won't work. I've never had a problem connecting using the same info as my laptop (with the IP changed, of course), but again, no internet, no ping.
Thanks
May or may not be the problem, but from what I've noticed, school networks tend to have a lot of blocked ports. I know the main Google Sync Framework uses port 5228. Try shooting an email to a network admin in your school's IT dept, asking about that port or just in general if they're aware that Android devices are unable to connect on their network.
Coffeeist said:
Some more info:
I cannot ping the tablet from my laptop (I get no packet loss, but all return 'Destination Host Unreachable'.
Same result if I try pinging my laptop or the router from my tablet using Terminal Emulator.
Sometimes, if set to DHCP, the tablet will give an 'Authentication Error Occured' error (or similar, I don't recall the actual wording). Sometimes it indicates a connection, but just won't work. I've never had a problem connecting using the same info as my laptop (with the IP changed, of course), but again, no internet, no ping.
Thanks
Click to expand...
Click to collapse
What do you mean by "same info as my laptop" what types of credentials are you referring to? Something you have to change on the laptop in order to get in? The more information regarding this you can provide (safely, mind you, mask/alter any sensitive info), the better we can assist you. If you have to do something like set a VLAN, then you're never going to get an Android device to work as we do not have the capability to use VLAN'd wireless like most PCs and Macs can with the proper configuration changes. If there's some browser catch-all page, then that should work, but based on your statement "with the IP changed" leads me to believe that you're messing with the adapter settings directly. I would be especially keen to helping you with more detailed networking issues like this should you provide me with the information requested. I look forward to your reply. (Yes, I like technical challenges like this, it's why I work VoIP support.)
IP address or no IP address
Coffeeist said:
Some more info:
I cannot ping the tablet from my laptop (I get no packet loss, but all return 'Destination Host Unreachable'.
Same result if I try pinging my laptop or the router from my tablet using Terminal Emulator.
Sometimes, if set to DHCP, the tablet will give an 'Authentication Error Occured' error (or similar, I don't recall the actual wording). Sometimes it indicates a connection, but just won't work. I've never had a problem connecting using the same info as my laptop (with the IP changed, of course), but again, no internet, no ping.
Thanks
Click to expand...
Click to collapse
since you know ping, then did you check the IP address for each device?
Back to basic:
1: ping your device gateway IP
2) if ok, then ping ur device (tablet or laptop)
3) if ok then ping bbc.co.uk (this will check your dns), if failed ping your dns's IP address.
If no IP on android, then check if there is any protection on device. It sound like no IP been allocated for you.
Depends on how good a school's IT dept. I have not seen many school actually put filter to stop non-window device.
I am not sure it has anything to do with VLAN yet. As a simple logon, device does not care VLAN or no VLAN.
The basic for us is 1) get an IP on device. 2) know how to get out (gateway IP) 3) interrept hwere you go (DNS resolution) 4) know how to get to internet (internet router, internet firewall, internet boardband et...)
If you have authentication error, then it is sure you are not going to get an IP address. If this is WiFi then check on security (WEP, WAP...TKIP...)
tinbox134 said:
since you know ping, then did you check the IP address for each device?
Back to basic:
1: ping your device gateway IP
2) if ok, then ping ur device (tablet or laptop)
3) if ok then ping bbc.co.uk (this will check your dns), if failed ping your dns's IP address.
If no IP on android, then check if there is any protection on device. It sound like no IP been allocated for you.
Depends on how good a school's IT dept. I have not seen many school actually put filter to stop non-window device.
I am not sure it has anything to do with VLAN yet. As a simple logon, device does not care VLAN or no VLAN.
The basic for us is 1) get an IP on device. 2) know how to get out (gateway IP) 3) interrept hwere you go (DNS resolution) 4) know how to get to internet (internet router, internet firewall, internet boardband et...)
If you have authentication error, then it is sure you are not going to get an IP address. If this is WiFi then check on security (WEP, WAP...TKIP...)
Click to expand...
Click to collapse
Hello Coffeeist,
Please contact your schools IT department and find out what kind of encryption they use on their APs.
If they use TKIP, then that is whats causing the problem with android devices.
Once TKIP is disabled on the AP you are connecting to, you will be able to reach the internet.
I say this because I had the same problem in the past (setting up Cisco APs), and can confirm that this is the cause of the problem.
TKIP shouldn't be used anyway. They should be using AES. TKIP is too weak.
I guess that last part answered another question that you might of had. (Why TKIP doesn't work with Android?) Android=Secure TKIP=WEAK.... Unacceptable for Android
Also, you mention something about not being able to ping your tablet from your laptop. If I understand this correctly, you have both your laptop and tablet connected to the same AP and you are trying to ping between the two. This wont work in most cases. Reason: "Port-Protection", which if enabled doesn't allow clients on the AP to communicate with each other.
Regards,
Ed
Let us know how it goes.
nasvi said:
Hello Coffeeist,
Please contact your schools IT department and find out what kind of encryption they use on their APs.
If they use TKIP, then that is whats causing the problem with android devices.
Once TKIP is disabled on the AP you are connecting to, you will be able to reach the internet.
I say this because I had the same problem in the past (setting up Cisco APs), and can confirm that this is the cause of the problem.
TKIP shouldn't be used anyway. They should be using AES. TKIP is too weak.
I guess that last part answered another question that you might of had. (Why TKIP doesn't work with Android?) Android=Secure TKIP=WEAK.... Unacceptable for Android
Also, you mention something about not being able to ping your tablet from your laptop. If I understand this correctly, you have both your laptop and tablet connected to the same AP and you are trying to ping between the two. This wont work in most cases. Reason: "Port-Protection", which if enabled doesn't allow clients on the AP to communicate with each other.
Regards,
Ed
Let us know how it goes.
Click to expand...
Click to collapse
With useful posts above the rest is not much left for me to say but a simple advice
Make sure your friends aren't playing a prank on you coz I tend to do it I use arpspoof and aireplay-ng to cause such mayhem
Sent from my A116 using Tapatalk 2
Airplay and Arpspoof wouldn't be possible if MFP is enabled on the AP. Also the OP is stating that it is with all android devices and not 1.
Sent from my HTC One XL using xda app-developers app
responses
First off, thanks for all of the posts, and I apologize for taking so long to respond.
Also, I did check port 5228 with my laptop, and it seemed to indeed be closed. Haven't been able to contact IT yet, but I will need to soon to solve an issue with another, unrelated issue.
Cynagen said:
What do you mean by "same info as my laptop" what types of credentials are you referring to? Something you have to change on the laptop in order to get in? The more information regarding this you can provide (safely, mind you, mask/alter any sensitive info), the better we can assist you. If you have to do something like set a VLAN, then you're never going to get an Android device to work as we do not have the capability to use VLAN'd wireless like most PCs and Macs can with the proper configuration changes. If there's some browser catch-all page, then that should work, but based on your statement "with the IP changed" leads me to believe that you're messing with the adapter settings directly. I would be especially keen to helping you with more detailed networking issues like this should you provide me with the information requested. I look forward to your reply. (Yes, I like technical challenges like this, it's why I work VoIP support.)
Click to expand...
Click to collapse
Just IP/DHCP/DNS (and I've also tried public DNS such as Google). Nothing fancy set up on the laptop (everything should be on Windows default network settings, same with Android on both devices). There is also no catch-all page, assuming I'm interpreting that correctly (as a login page sort of thing, like I'd get at Starbucks or a Hotel).
Glad to provide the challenge... truth be told, underneath the annoyance of lacking connection, I love issues like this because of the fun tricks and such that solving them can teach.
tinbox134 said:
since you know ping, then did you check the IP address for each device?
Back to basic:
1: ping your device gateway IP
2) if ok, then ping ur device (tablet or laptop)
3) if ok then ping bbc.co.uk (this will check your dns), if failed ping your dns's IP address.
If no IP on android, then check if there is any protection on device. It sound like no IP been allocated for you.
Depends on how good a school's IT dept. I have not seen many school actually put filter to stop non-window device.
I am not sure it has anything to do with VLAN yet. As a simple logon, device does not care VLAN or no VLAN.
The basic for us is 1) get an IP on device. 2) know how to get out (gateway IP) 3) interrept hwere you go (DNS resolution) 4) know how to get to internet (internet router, internet firewall, internet boardband et...)
If you have authentication error, then it is sure you are not going to get an IP address. If this is WiFi then check on security (WEP, WAP...TKIP...)
Click to expand...
Click to collapse
1. If I recall, this either had full loss, or Destination Host Unreachable, when pinging the gateway IP from the tablet.
2. Have tried this nonetheless, and I think I made it through once or twice just after turning on the tablet, but after that would only get Dest. Host Unreachable.
3. Had tried with Google, fails across any DNS.
I seem to get an IP, although sometimes I get the authentication error in Android and it won't connect. Whenever I set a static IP, based off of my laptop's IP (not the same, of course), I get connected, just no internet.
nasvi said:
Hello Coffeeist,
Please contact your schools IT department and find out what kind of encryption they use on their APs.
If they use TKIP, then that is whats causing the problem with android devices.
Once TKIP is disabled on the AP you are connecting to, you will be able to reach the internet.
I say this because I had the same problem in the past (setting up Cisco APs), and can confirm that this is the cause of the problem.
TKIP shouldn't be used anyway. They should be using AES. TKIP is too weak.
I guess that last part answered another question that you might of had. (Why TKIP doesn't work with Android?) Android=Secure TKIP=WEAK.... Unacceptable for Android
Also, you mention something about not being able to ping your tablet from your laptop. If I understand this correctly, you have both your laptop and tablet connected to the same AP and you are trying to ping between the two. This wont work in most cases. Reason: "Port-Protection", which if enabled doesn't allow clients on the AP to communicate with each other.
Regards,
Ed
Let us know how it goes.
Click to expand...
Click to collapse
Unless I am totally clueless about this stuff (er, moreso than I though I already was), it uses neither TKIP or AES, being an open and unsecured network.
sak-venom1997 said:
With useful posts above the rest is not much left for me to say but a simple advice
Make sure your friends aren't playing a prank on you coz I tend to do it I use arpspoof and aireplay-ng to cause such mayhem
Sent from my A116 using Tapatalk 2
Click to expand...
Click to collapse
Haha, I doubt it. None of my friends, especially the ones who I think would even try and do something like this, are tech-savvy enough for me to have any suspicion of that. Thanks though
Another piece of info (a pretty weird seeming one at that): Sometimes, I'll turn on my tablet in the middle of the day, and out of the blue there is an email notification there, for recent emails. Of course, if I go into browser, I can't get any pages. Can't think of any other networks that the device could/would connect to on campus, either.
Thanks!
Coffeeist said:
First off, thanks for all of the posts, and I apologize for taking so long to respond.
Also, I did check port 5228 with my laptop, and it seemed to indeed be closed. Haven't been able to contact IT yet, but I will need to soon to solve an issue with another, unrelated issue.
Just IP/DHCP/DNS (and I've also tried public DNS such as Google). Nothing fancy set up on the laptop (everything should be on Windows default network settings, same with Android on both devices). There is also no catch-all page, assuming I'm interpreting that correctly (as a login page sort of thing, like I'd get at Starbucks or a Hotel).
Glad to provide the challenge... truth be told, underneath the annoyance of lacking connection, I love issues like this because of the fun tricks and such that solving them can teach.
1. If I recall, this either had full loss, or Destination Host Unreachable, when pinging the gateway IP from the tablet.
2. Have tried this nonetheless, and I think I made it through once or twice just after turning on the tablet, but after that would only get Dest. Host Unreachable.
3. Had tried with Google, fails across any DNS.
I seem to get an IP, although sometimes I get the authentication error in Android and it won't connect. Whenever I set a static IP, based off of my laptop's IP (not the same, of course), I get connected, just no internet.
Unless I am totally clueless about this stuff (er, moreso than I though I already was), it uses neither TKIP or AES, being an open and unsecured network.
Haha, I doubt it. None of my friends, especially the ones who I think would even try and do something like this, are tech-savvy enough for me to have any suspicion of that. Thanks though
Another piece of info (a pretty weird seeming one at that): Sometimes, I'll turn on my tablet in the middle of the day, and out of the blue there is an email notification there, for recent emails. Of course, if I go into browser, I can't get any pages. Can't think of any other networks that the device could/would connect to on campus, either.
Thanks!
Click to expand...
Click to collapse
Based on your responses, I have a follow up question and comment. The question is as follows: Did you have to register your computer with your IT when you started school in order to be permitted on the wireless network? If this was the case they're likely filtering based on MAC address (which you won't be able to spoof on your Android, but you may be able to spoof on your laptop), get them to re-register your laptop after you spoof the MAC address so you can get both devices on using the same MAC address (though not at the same time of course unless you're fine with stuff randomly not working). The comment is as follows: Yeah, finding the workarounds to get back limitations like this is definitely a fun challenge because when you win, you've definitely learned something new. Oh, and you were right about my question of the gateway authentication page like a hotel wifi login page.
MAC
Cynagen said:
Based on your responses, I have a follow up question and comment. The question is as follows: Did you have to register your computer with your IT when you started school in order to be permitted on the wireless network? If this was the case they're likely filtering based on MAC address (which you won't be able to spoof on your Android, but you may be able to spoof on your laptop), get them to re-register it after you spoof the MAC address so you can get both devices on using the same MAC address (though not at the same time of course). The comment is as follows: Yeah, finding the workarounds to get back limitations like this is definitely a fun challenge because when you win, you've definitely learned something new.
Click to expand...
Click to collapse
Nope, it was up and running just through connecting normally, and has been since (mostly) - no registration or anything like that. Now, the reason that I put 'mostly' in parentheses is that sometimes the computer will be connected, but also have no internet (I don't think this started until I, dare I admit, upgraded to Windows 8). However, this only happens sometimes, whereas the Android devices never get internet access.
However, on the topic of MAC addresses, one post (in fact, I think it was on XDA) I saw awhile back while Google searching this problem was that someone had a similar issue, found to be with their device's MAC address having the letters 'FA' instead of 'FB' or something like that. Being that my Note isn't rooted, I haven't tested it with that, but perhaps I should give that a try with my CM10 Rezound?
(This is the post: HERE)
Thanks!
Coffeeist said:
Nope, it was up and running just through connecting normally, and has been since (mostly) - no registration or anything like that. Now, the reason that I put 'mostly' in parentheses is that sometimes the computer will be connected, but also have no internet (I don't think this started until I, dare I admit, upgraded to Windows 8). However, this only happens sometimes, whereas the Android devices never get internet access.
However, on the topic of MAC addresses, one post (in fact, I think it was on XDA) I saw awhile back while Google searching this problem was that someone had a similar issue, found to be with their device's MAC address having the letters 'FA' instead of 'FB' or something like that. Being that my Note isn't rooted, I haven't tested it with that, but perhaps I should give that a try with my CM10 Rezound?
(This is the post: HERE)
Thanks!
Click to expand...
Click to collapse
That shouldn't be it unless they have corporate level routers that don't recognize the MAC address of any devices manufactured after 2009 (when most of these manufacturers got the MAC addresses assigned to them (this is VERY unlikely)). I would honestly work with IT on campus and advise that it appears not a single Android device is allowed on the network. If they're blocking Android for any reason, check the terms of service for using the WiFi and see if there's any provisions for banning an entire brand of device/OS for whatever reason. If there's only provisions for individual banning, then take it back to them and show them that your record has not been abusive in the least and go from there. Make a case, otherwise draw one up with legal council. *shrugs* I don't believe anyone should ever be punished for the type of device they chose to purchase, that's first amendment choice, but it really comes down to their terms of service which you agree to by using the wifi.
Cynagen said:
That shouldn't be it unless they have corporate level routers that don't recognize the MAC address of any devices manufactured after 2009 (when most of these manufacturers got the MAC addresses assigned to them (this is VERY unlikely)). I would honestly work with IT on campus and advise that it appears not a single Android device is allowed on the network. If they're blocking Android for any reason, check the terms of service for using the WiFi and see if there's any provisions for banning an entire brand of device/OS for whatever reason. If there's only provisions for individual banning, then take it back to them and show them that your record has not been abusive in the least and go from there. Make a case, otherwise draw one up with legal council. *shrugs* I don't believe anyone should ever be punished for the type of device they chose to purchase, that's first amendment choice, but it really comes down to their terms of service which you agree to by using the wifi.
Click to expand...
Click to collapse
I'll give it a shot, thanks.
Coffeeist said:
I'll give it a shot, thanks.
Click to expand...
Click to collapse
Sorry to bump the thread, but seeing as it's my own I figured it would be alright...
I got around to asking the the school IT about the issue, and they said that the deliberately block mobile traffic, which they went on to find out does include Android tablets (I understand phones, but I can't even begin to understand why they target Android tablets... unfortunately, that's not my call). I Google searched a bit, and found that networking devices from a company called Aruba can be set to block traffic from specific types of devices (supposedly Cisco and a few other companies can do similar things too), by checking something with the HTML version, or something like that (I'm by no means a networking expert hehe).
So, I guess I'll make my last effort with this thing, and ask if anyone knows of some legal, non-hacky way of getting by this?
I'm guessing not, but worth asking.
Thanks
Coffeeist said:
Sorry to bump the thread, but seeing as it's my own I figured it would be alright...
I got around to asking the the school IT about the issue, and they said that the deliberately block mobile traffic, which they went on to find out does include Android tablets (I understand phones, but I can't even begin to understand why they target Android tablets... unfortunately, that's not my call). I Google searched a bit, and found that networking devices from a company called Aruba can be set to block traffic from specific types of devices (supposedly Cisco and a few other companies can do similar things too), by checking something with the HTML version, or something like that (I'm by no means a networking expert hehe).
So, I guess I'll make my last effort with this thing, and ask if anyone knows of some legal, non-hacky way of getting by this?
I'm guessing not, but worth asking.
Thanks
Click to expand...
Click to collapse
Before discussing any workarounds, you may need to review the Terms of Service for your wifi on the school premises first, review the consequences for bypassing their security measures, and figure if it's worth the risk to you... At this time, it'll be kind of "hacky" to get around such a block. In order to provide you with a valid workaround though we'll need a little bit of information regarding what's going on when you connect.
First, when you connect to the WiFi with your Android device, do you even receive an IP address? If you don't then we'll stop here, the only way to get around the types of blocks they're employing at this level would require hardware hacking/firmware reprogramming to change the identity of the device itself, which is flat out illegal in just about anywhere I can think of. Here's your checklist, fill out where applicable: (Even if you set static information to accomplish this, that will be a valid Y.)
Get an IP? (If Y, proceed)
Is it a valid IP address on the same network as your PC? (Either way, don't care)
Can you ping the gateway you got from DHCP on Android? (If Y, proceed)
Can you ping the DNS server(s) you got from DHCP on Android? (If Y, proceed)
Can you ping an external server such as Google DNS (8.8.8.8) on Android? (If Y, then we're done here)
It's kind of a bit of a process unfortunately, however, if you pass every single one of these tests with the Android device, there's good news. They're only filtering traffic based on the User-Agent identification of all your applications (and based on the MAC address of your device, denying your DHCP requests), you should be able to bypass this with a VPN tunnel back to your home from your Android (after setting your static IP) in order to encrypt and keep this information from leaking to their systems. However, this will likely set off alarms if they monitor their network heavily. If the school IT asks, then you're "working on projects in-between classes on your computer at home and your family has a home office with VPN already, so you used that to connect back to the house". Either way, they can't say much about it besides cut you off... again. Anywhos, I wouldn't recommend trying to bypass without doing all this research first, and then also evaluating the possible consequences, however the rewards are within themselves. You'll be the only person at school with a working mobile device, (besides those iSuckers). Technically, encrypting your traffic is completely legal (and they can't say anything legally about it), however, setting a static IP address in the same range as your computer at school may be against their TOS which you abide by being on campus. Let us know how everything goes.
Cynagen said:
Get an IP? (If Y, proceed)
Is it a valid IP address on the same network as your PC? (Either way, don't care)
Can you ping the gateway you got from DHCP on Android? (If Y, proceed)
Can you ping the DNS server(s) you got from DHCP on Android? (If Y, proceed)
Can you ping an external server such as Google DNS (8.8.8.8) on Android? (If Y, then we're done here)
Click to expand...
Click to collapse
With Static I set an IP and all other info (Gateway, DNS, etc, except for Network Prefix Length... no clue what that is, left it at 24 default), and could not ping gateway
Dynamic/DHCP I will have to check tomorrow, after downloading stuff for the tablet to get that info (I think I need root to use IfConfig with Terminal Emulator, correct?).
Whatever they use to block me out, it seems to have a slight hole built in... every day, multiple times a day, I will look down at my tablet and see notifications (mainly email, occasionally Facebook, etc) that pushed through on the schools network (I know that for sure, being that often times the emails are messages received during the day, in a time period where the tablet has been nowhere near any other networks). Maybe this hole can be breached?
Thanks!
Coffeeist said:
With Static I set an IP and all other info (Gateway, DNS, etc, except for Network Prefix Length... no clue what that is, left it at 24 default), and could not ping gateway
Dynamic/DHCP I will have to check tomorrow, after downloading stuff for the tablet to get that info (I think I need root to use IfConfig with Terminal Emulator, correct?).
Whatever they use to block me out, it seems to have a slight hole built in... every day, multiple times a day, I will look down at my tablet and see notifications (mainly email, occasionally Facebook, etc) that pushed through on the schools network (I know that for sure, being that often times the emails are messages received during the day, in a time period where the tablet has been nowhere near any other networks). Maybe this hole can be breached?
Thanks!
Click to expand...
Click to collapse
It seems like small gaps where the system doesn't block you long enough to receive some traffic, but that is promising. BTW, you can get your "network prefix" (netmask as we call it) from your computer. If you go into the command prompt on windows and run "ipconfig /all" you'll get 4 useful bits of info we need, IP address (so you can mimic it), the gateway, the subnet mask (usually 255.255.something.something) and the DNS servers. The subnet mask determines what you use, and I HIGHLY doubt they use 24 (that's mainly for home networks, 24 = 254 devices permitted on the DHCP, 16 = 65534 devices (this is WAY more likely)).
Cynagen said:
It seems like small gaps where the system doesn't block you long enough to receive some traffic, but that is promising. BTW, you can get your "network prefix" (netmask as we call it) from your computer. If you go into the command prompt on windows and run "ipconfig /all" you'll get 4 useful bits of info we need, IP address (so you can mimic it), the gateway, the subnet mask (usually 255.255.something.something) and the DNS servers. The subnet mask determines what you use, and I HIGHLY doubt they use 24 (that's mainly for home networks, 24 = 254 devices permitted on the DHCP, 16 = 65534 devices (this is WAY more likely)).
Click to expand...
Click to collapse
Well, I just had a clean connection for about 5 minutes, and had a normal-looking IP based on my PC. Using Terminal Emulator I pinged the gateway after my connection failed, still with no response. I still appeared to have a proper IP on my tablet, but no actual internet connection.
So, perhaps these small windows are something to pursue? Or perhaps sticking with the VPN plan is best?
Thanks!
Coffeeist said:
Well, I just had a clean connection for about 5 minutes, and had a normal-looking IP based on my PC. Using Terminal Emulator I pinged the gateway after my connection failed, still with no response. I still appeared to have a proper IP on my tablet, but no actual internet connection.
So, perhaps these small windows are something to pursue? Or perhaps sticking with the VPN plan is best?
Thanks!
Click to expand...
Click to collapse
You need to make sure your networking information is entered correctly, you still haven't said anything about the netmask in this situation. However, if you're entering this information in correctly then you should have a solid connection until they realize you've forced a device into the network. The only thing you can do beyond that point is during that window, open a VPN connection without using a single browser request so they don't know what the device is unless they check the MAC address. Either way, this is a window that can be used, you just need to avoid identifying your device in any way prior to initiating the VPN connection. Turn off Sync when you connect.