I live in an apartment and some new guys have apparently moved into one of the apartments. They have been shamelessly hacking into my WiFi.
Mine was initially a WEP encrypted network and out of laziness I just limited and reserved the IPS on my router for the people in my house.
Yesterday I had to free up an IP for a guest in my house but before he could join the network these guys connected in.
I have changed my encryption to WPA2 and hope they dont have the hardware/patience required to hack into it, but there are many wi-fi networks in my apartment most of which are secured using WEP. I don't really want to call the police on them. Is there any way to deter them from misusing other people's wi-fi ?

I have gone through I think someone else has access to my wireless network. What next? but I have already taken the steps mentioned there.

    If you're really concerned I'd whitelist MAC addresses too. Yes, they can be spoofed, but it's an extra layer of hassle that someone has to go through and might be enough to put them off.
    – ChrisF
    Commented Mar 28, 2012 at 12:37
    The only way to break WPA2+AES is by trying every combination possible. This is of course only true if you disable WPS.
    – Ramhound
    Commented Mar 28, 2012 at 14:13
    A counterpoint to all the people complaining about "freeloaders": Why We Need An Open Wireless Movement
    – endolith
    Commented Mar 28, 2012 at 15:10
    @endolith really? What about people with data caps, or who pay by the MB, or are trying to download large ISOs and their bandwidth is crowded by people watching porn on borrowed WiFi instead of paying for their own?
    It might not literally be theft, but that's essentially what it is if you break into my WEP network to gain access to the line I paid for. You are taking away some of my speed, some of my bandwidth and you are potentially exposing me to criminal charges if you misuse the network. Saying it is not theft is completely ridiculous.
    – gparent
    Commented Mar 28, 2012 at 15:57

One cool thing that I did back in the day was created a separate router off of my normal network. I created a VLAN with the router and had the router plugged into a separate machine.

The separate machine had two NICs, one for the router and the other to my normal network. I made the separate machine act as a gateway for the router. Any and all traffic from the "guest" router would be sent through the gateway machine.

I then tweaked the wifi experience for my "guests":

  • I throttled the bandwidth down to dial up speeds. Anyone who used the guest access point would pull their hairs out.
  • I did allow JPG/PNG/TIFF/BMP files to download at full speeds. Unfortunately for the end user, I made them all blurry and upside down.
  • Certain sites like Facebook, MySpace, random torrent sites (based on key words), and any site flagged as pornography, would automatically redirect them to a Rick Roll Video.

It was more of an educational project to see how I would handle manipulating traffic going through a gateway. Ended up retiring the project since I didn't wan't to upset the neighbors too much.

To directly answer your question about instilling the fear of God into WiFi leechers: Another option, never did this but shouldn't be too hard, is to on any page that the users visit while on your guest network, have a floating div, following their mouse within the browser saying "Jesus is watching you...".


A quick search, I found a tutorial on how to accomplish some of these items. Mess with your neighbors enter image description here

    +1 Like the floating div idea ,as i already have the persons PC name I know his name . I think i will tweak it to XYZ I am watching you ...
    – Shekhar
    Commented Mar 28, 2012 at 15:13
  that tweaking of pics won't work over a encrypted conneciton though
    Obligatory reference xkcd of course. @Shakehar this might give you other ideas.
    – Zenon
    Commented Mar 28, 2012 at 16:07
  --- xkcd ftw ---
    – kobaltz
    Commented Mar 28, 2012 at 16:09
  how very XKCD of you
    – Sam Axe
    Commented Mar 28, 2012 at 16:14

While stealing bandwidth can cost the bill payer (in high usage fees etc.), I wouldn't expect it to be treated as a serious crime in all places. NOTE in places where the act of breaking in to the network (assuming it's got some security) then you could get a prosecution on that basis, but as securing a conviction could be time consuming and expensive - especially if the access point is either unsecured or only lightly secured, there's no direct action you can really take.

I think that the only thing that would be reasonable for you to do is to talk to your other neighbours individually and privately to explain the problem to them and possibly offer to help them secure their networks too. In fact you should informing them of the problem so that they are aware of the potential issues (possibly higher bills, legal issues if the freeloader downloads something illegal, etc.).

Obviously if you do offer assistance and they accept, this will mean that they'll come back to you with all their IT support questions in the future, but that's really your call.

    I already run an IT support for my extended family , I don't think I can take the load of helping my neighbors too , but I guess I can talk to them or maybe just post an anonymous not explaining the situation
    – Shekhar
    Commented Mar 28, 2012 at 12:51
  Depending on the ISP, they may cap bandwidth per month. Penalties vary, usually just costing extra money if you go over. In these cases, theft of bandwidth really can be taking money out of someone's wallet.
    – Izkata
    Commented Mar 28, 2012 at 14:01
    It's very much illegal in most jurisdictions, but yeah, actually getting anything to come of it would be a problem.
    – Shinrai
    Commented Mar 28, 2012 at 14:46
    "Unauthorized access of a computer network" is illegal in most places, and people are arrested and fined for it. Hacking WEP or WPA is clearly unauthorized access and therefore illegal. Accessing an open network is clearly authorized and therefore legal. Your computer asks permission to join the network, and the network grants you permission. en.wikipedia.org/wiki/Legality_of_piggybacking
    – endolith
    Commented Mar 28, 2012 at 15:07
  • 1
    Chris, at least in the US, it doesn't matter what they freeloaders do. The point is that they are accessing a computer network they are not authorized to access. Breaking the encryption and just connecting to the AP would be enough to violate the law.
    – Andy
    Commented Mar 28, 2012 at 15:59

Here's something similar to what kobaltz described, with more technical details on how do achieve it : http://www.ex-parrot.com/~pete/upside-down-ternet.html (a bit dated).


If you set up WPA encryption and MAC address filtering, I'd say you've done most of what's reasonable. If your router supports WPS (Wi-Fi Protected Setup), make sure to disable it, as well, due to its glaring security flaws.

I ran into the same situation when at school, but instead of hacking WEP, they guessed my passphrase and changed the ssid of my network (setting it to "changeyourpassword" or something).

If you're still fuming over it, I'd say instead of perpetuating the cycle of ill will, channel that hate into something more constructive. Look into further ways of hardening your network, or perhaps redirect that energy into a constructive project of some sort until you've forgotten about it or have gotten past the incident and don't care about it anymore.

    MAC filtering is useless. Lets not forget that every router that exists today is vulerable to WPS exploit unless its been patched to disable it. Based on the specs for WPS there is no solution to the massive design flaw.
    – Ramhound
    Commented Mar 28, 2012 at 14:15
    @Ramhound The point is that it is another tool to use in conjunction with WPA encryption. Correct, it cannot stand on its own, because you can easily spoof MAC addresses. However, it forces the offender to spend that much more effort to find a valid one and then spoof it. Unless they have significant desire to get into your network (like if you were the CIA) then at a certain point it has become prohibitively hard. Prohibitively hard is not the same as impossible, and is not meant to be. But for home users, it's good enough.
  @Ramhound Also, I did not mention WPS at all. I'll add mention to disable it.
    @sidran32: You don't have to outrun the bear, you just have to outrun the other guy being chased by him.
    – endolith
    Commented Mar 28, 2012 at 15:13
    @endolith Precisely. With the proliferation of WiFi networks, if yours is hardest to crack, compared to the others, you'll be safest.

If you are already using WPA2 with MAC address filtering and they still get in then you could consider the following ideas.

Use a REALLY long random password which will take forever to crack and change it frequently.


Although I could never legally reccomend this (lets call this a theory), a way to more than likely permanently "scare them off" would be to capture all of their traffic and note all of their credentials. Then confront them with "non-public information about themselves" off of one of their social media sites, etc. If that's not enough, they could "re-unite with their Ex publically which could stir some things up with the current partner" however this might open you up to legal action against you so again I can not advise it, I would only call it a "theoritical application".


Email them (get their email address(es) by sniffing their traffic) that you are monitoring your network and that you have all LOGS that they are connecting without permission and that you will be suing them for the use of your bandwidth and report them directly to any organizations if they are breaking any laws (illegally downloading movies, music, etc. since your Internet provider will hold YOU responsible for what's done on your network). I would look up small claims court in your state and see what the maximum damages are allowed and file suit. Also if you can get video with audio or even just audio recordings of the neighbor telling you off while admitting guilt that they are digitally tresspassing and stealing you may be able to use that in court depending on your state without getting permission from them to record everything. If you can use the recordings, I don't know a judge who wouldn't rule in your favor regardless of how computarded they might be since the neighbor admitted guilt in a recording.

Good luck.

  +1 Drastic, but it should work.

You can always run WireShark and do a little "hacking" yourself. For the Novice user, you should be able to pinpoint the IP address the free loaders are using, maybe look into a site or two they happen to be browsing and leave a sticky note on their front door of some of the more embarasing sites. This lets them know that you know, but gets your point across.

  a) I'd be very wary about letting the freeloaders know you know they are hacking the WiFi. b) the OP has already stopped them hacking his system - he'd either have to open it up again or run WireShark on his other neighbours systems.
    – ChrisF
    Commented Mar 28, 2012 at 12:46
  well, this is assuming the OP gets hacked again. Then, it would be on the OP's wire. I most certainly am not advocating that the OP should hack the hacker's network.
    Not really: if they are breaking into his network, it is his traffic he is monitoring, not theirs.
    – horatio
    Commented Mar 28, 2012 at 14:16
    "pinpoint the IP address the free loaders are using" Wouldn't that be your own IP address? o_O
    – endolith
    Commented Mar 28, 2012 at 15:14
    @endolith They would have the same external IP, but internally everybody else connecting the wireless router would have their own internal IP. Wireshark monitors the network from the perspective of the user which is assumed to be internally to the wireless router.

