Results 1 to 8 of 8

Thread: Viewing users on router

  1. #1
    Junior Member
    Join Date
    Aug 2004

    Viewing users on router

    How do I view all connections on a linksys wireless router. I belive from slow downloads and odd things that someone is using my connection.


  2. #2
    Trumpet-Eared Gentoo Freak
    Join Date
    Jan 2003
    Browse to http://ip.of.your.router, and look in its incoming- or outgoing-logs and its dhcp-logs.
    You also could install a box with and IDS ( aka snort ) in front of it temporary. That way you'd see everything.

    A good sniffer like ethereal in promiscuous mode can tell you also alot tho, before installing and ids.

    Come and check out our wargame-site @ http://www.rootcontest.org
    We chat @ irc.smdc-network.org #lobby

  3. #3
    The Iceman Cometh
    Join Date
    Aug 2001
    Assuming you haven't changed anything on your router...

    Use IE to go to
    Type in your password (if you don't know it, check the manual for the default password)

    I haven't worked on the newer ones, but on the older Linksys routers, all you had to do was go to the DHCP table. If someone's using it that shouldn't be, their MAC address will show up next to the IP address they're using. If you're concerned that someone's using it, set up some security measures (MAC address filtering, WEP or WPA, turn off SSID broadcasting (so people can't find the router unless they know the name, etc.). Just some basics. The manual can talk you through all of these. If it didn't come with a printed manual, it's probably on the CD that came with the router. Otherwise, just pull it off the Linksys website.


  4. #4
    Join Date
    Nov 2003
    San Diego
    Here's a tutorial by Keezel on securing your wireless network:
    And a little more indepth read from MS posted by TH13:
    When death sleeps it dreams of you...

  5. #5
    Join Date
    Apr 2003
    I presume you have some kind of manual that came with the router, If so that will more than likely tell you how to do it.

  6. #6
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Since the probability is high on a wireless router that it is wireless connected computers causing a slowdown rather than wired it's really rather easy on a Linksys to see what is connected by wireless.

    Open browser or the IP of the router if you changed it
    Enter the password, (default is 1234 or admin, I forget which), change it if it is the default!!!
    Go Advanced - Wireless - Active MAC table...... Whoa... a Pop-up with a list of all the active MAC addresses connected to your WAP.
    Note them all down.
    Minimize browser.
    Start - Run - type cmd <ENTER>
    Type ipconfig /all <ENTER>
    Find the Adapter that matches one on the list you made a note of, Check off the address on the list
    Do this with all other wireless connected computers you have
    Maximize browser close Active MAC pop-up
    Select Edit MAC Filter Setting
    A pop-up appears with spaces to add MAC addresses
    Add each checked MAC address on your list and click APPLY (Do not check the boxes next to the MAC addresses - it will block them)
    Close Pop-up
    Select the ENABLE button above the Active MAC Table button and select APPLY at the bottom of the page
    test your internet connection.

    Assuming it works right they need to go and get a new wireless card now or seriously mess with you.
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  7. #7
    Senior Member
    Join Date
    Jul 2003
    Well that does half the job. Without much hassle somebody would just throw in their wireless card in promisc mode, sniff around who's connecting to your AP [a simple combination of AirSnort and Ethereal] and then when one of the computers isn't on spoof their own MAC to act as one of your computers. So I think you'd be better enabling encryption too, to add another deterrent to a possible unauthorized connection.

    It is likely though that somebody running Windows XP didn't check off the box about auto-connection, so their computer hooks to your network... it's you hacking them, really Well, your AP.

    Now I think to really get a bleeding secure [not perfect, mind you] AP you'd be setting up a box to act as the AP/router. With a good flavour of Linux and the appropriate iptables ruleset things would really get challenging for the possible intruder. But for now Tiger's suggestion is more then enough, if you see in your logs other connections make sure you take further steps in securing the network.

  8. #8
    Join Date
    Jul 2004
    IMHO mac filtering by itself will not provide a suffient form of security on the network. It would probly work better with the addition of a strong WEP key. Granted even WEP can be hacked, an average home network is not going to generate enough week packets in a matter of a week or two to crack the WEP key. Most of the time when a wardriver encounters a link that has wep enabled they'll just continue driving down the block to find an open access point.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts