+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 27
Wireless Networks Thread, Someone using school wifi... in Technical; Hi, we recently had a Trapeze RingMaster managed wireless system installed to our school. Every few weeks, I check my ...
  1. #1

    Join Date
    Feb 2010
    Location
    UK
    Posts
    271
    Thank Post
    177
    Thanked 4 Times in 4 Posts
    Rep Power
    9

    Someone using school wifi...

    Hi, we recently had a Trapeze RingMaster managed wireless system installed to our school.
    Every few weeks, I check my dhcp address leases on our RM CC4 server, and I keep seeing matts-iphone.local appearing.

    None of the staff have been given our wireless codes, they are strictly for the school laptops, and I am the only person who has or knows our encrypted key.
    The fact the name says iphone leads me to believe they can't be plugging in directly to the network and must be using our wireless.

    How can I monitor this. I have deleted the dhcp lease this afternoon and within 10 minutes, it was back, so clearly this is still active. I have had a good look on the RingMaster software and tried running reports with the mac address in question, but it is coming back with nothing. Maybe I am doing it wrong?
    Is there anything else I could try to try and work out how this node is connecting and from where?

    Thanks

  2. #2

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,272
    Thank Post
    613
    Thanked 1,567 Times in 1,407 Posts
    Rep Power
    412
    Rogue insecure wap somewhere that somebody has bought in?

    Ben

  3. Thanks to plexer from:

    talksr (9th May 2011)

  4. #3

    Join Date
    Feb 2010
    Location
    UK
    Posts
    271
    Thank Post
    177
    Thanked 4 Times in 4 Posts
    Rep Power
    9
    That's a good point and I have had a good check around the building to make sure there are no devices plugged in. I hadn't thought of that, I thought maybe someone had brought a laptop in and plugged it in via Ethernet but named it iphone?

    The RingMaster system is supposed to give me an alarm for rouge ap's and it has nothing listed in alarms.

  5. #4
    Hawkeyez's Avatar
    Join Date
    Jul 2005
    Posts
    269
    Thank Post
    7
    Thanked 23 Times in 20 Posts
    Rep Power
    25
    You can (depending on how well the map was done) get a rough idea where the device is in respect to the school map.
    Our map was only a bmp rather than a scaled full on diagram, so can be abit off at times.

    I'm with plexer. We had (on old wireless) a member of staff plugged in there own AP.. and students was using that to connect there PSP's etc.

  6. Thanks to Hawkeyez from:

    talksr (9th May 2011)

  7. #5
    Hawkeyez's Avatar
    Join Date
    Jul 2005
    Posts
    269
    Thank Post
    7
    Thanked 23 Times in 20 Posts
    Rep Power
    25
    Quote Originally Posted by talksr View Post
    That's a good point and I have had a good check around the building to make sure there are no devices plugged in. I hadn't thought of that, I thought maybe someone had brought a laptop in and plugged it in via Ethernet but named it iphone?

    The RingMaster system is supposed to give me an alarm for rouge ap's and it has nothing listed in alarms.
    We are always getting alarms for Rogue AP's, that when checked via "Rogue AP locator" (or whatever its called), its always in the homes that are close to the school grounds.

    We have thought about settings some of the AP's into counter-measure mode, but think its not quite needed atm.

  8. Thanks to Hawkeyez from:

    talksr (9th May 2011)

  9. #6
    accura2000's Avatar
    Join Date
    Apr 2007
    Location
    Ashford, Kent
    Posts
    176
    Thank Post
    17
    Thanked 34 Times in 23 Posts
    Rep Power
    20
    Just take the iphone mac address and get DHCP to assign it a useless ip address

  10. Thanks to accura2000 from:

    talksr (9th May 2011)

  11. #7

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,272
    Thank Post
    613
    Thanked 1,567 Times in 1,407 Posts
    Rep Power
    412
    If you are running 2003 on your dhcp server you can install the mac filter callout dll to deny based on mac address or if you are using 2008 it is allready built in to dhcp.

    Ben

  12. Thanks to plexer from:

    talksr (9th May 2011)

  13. #8

    Join Date
    Feb 2010
    Location
    UK
    Posts
    271
    Thank Post
    177
    Thanked 4 Times in 4 Posts
    Rep Power
    9
    How can I do that, I wasn't aware you could do it. Could I make a reservation and give a duff address?

  14. #9
    accura2000's Avatar
    Join Date
    Apr 2007
    Location
    Ashford, Kent
    Posts
    176
    Thank Post
    17
    Thanked 34 Times in 23 Posts
    Rep Power
    20
    Quote Originally Posted by talksr View Post
    How can I do that, I wasn't aware you could do it. Could I make a reservation and give a duff address?
    Exactly... Dead easy and will proper annoy them lol

    Opps, i forgot, i have a dead ip range setup on my network assigned to dodgy mac addresses....
    Last edited by accura2000; 6th May 2011 at 02:54 PM.

  15. Thanks to accura2000 from:

    talksr (9th May 2011)

  16. #10

    Join Date
    Feb 2010
    Location
    UK
    Posts
    271
    Thank Post
    177
    Thanked 4 Times in 4 Posts
    Rep Power
    9
    Very clever! I have just created one now. I gave them an IP of 169.254.0.1 that should put a stop to them using our network however they are! In the mean time, I will investigate further!

    Thanks again.

  17. #11
    ricki's Avatar
    Join Date
    Jul 2005
    Location
    uk
    Posts
    1,475
    Thank Post
    20
    Thanked 164 Times in 157 Posts
    Rep Power
    52
    HI

    You could put a reservation in dhcp with the mac address of the item with a silly ip and that will annoy them. Or you could put netstumbler on a laptop to find the access point. Or find the access point in dhcp put a silly reservation in for that.

    Just an idea.

    Richard

  18. Thanks to ricki from:

    talksr (9th May 2011)

  19. #12
    ricki's Avatar
    Join Date
    Jul 2005
    Location
    uk
    Posts
    1,475
    Thank Post
    20
    Thanked 164 Times in 157 Posts
    Rep Power
    52
    Sorry Had a thought dont forget to report it to SLT and get it added to the Acceptable Use Policy.

    Richard

  20. Thanks to ricki from:

    talksr (9th May 2011)

  21. #13

    nephilim's Avatar
    Join Date
    Nov 2008
    Location
    Dunstable
    Posts
    11,668
    Thank Post
    1,614
    Thanked 1,867 Times in 1,385 Posts
    Blog Entries
    2
    Rep Power
    400
    I would give them the IP address is 127.0.0.1...lol

  22. #14

    AngryTechnician's Avatar
    Join Date
    Oct 2008
    Posts
    3,730
    Thank Post
    698
    Thanked 1,210 Times in 761 Posts
    Rep Power
    394
    Quote Originally Posted by talksr View Post
    None of the staff have been given our wireless codes, they are strictly for the school laptops, and I am the only person who has or knows our encrypted key.
    Could someone have extracted it from the laptops? There are plenty of tools out there to do this, though I think you need admin rights most of the time. (Possibly not with XP).

  23. #15


    Join Date
    Dec 2005
    Location
    In the server room, with the lead pipe.
    Posts
    4,619
    Thank Post
    275
    Thanked 777 Times in 604 Posts
    Rep Power
    223
    How are you determining they're "using" the Wifi?

    A dhcp lease for an unknown device simply means your wireless controller / AP has handed out a lease (or proxied a lease from your dhcp server) as part of the handshake authentication process. That's normal - it doesn't mean they have access.

    Assuming your wireless is secured properly and you're using decent passwords, I wouldn't worry too much. If the kid's persistently messing about, find which matthew owns an iPhone and if he's messing about with it mid-lesson it'll get confiscated.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Android: accessing vid/pcitures via wifi school lan
    By SimpleSi in forum Netbooks, PDA and Phones
    Replies: 14
    Last Post: 6th July 2010, 11:05 AM
  2. WIFI Access
    By napsburypark in forum How do you do....it?
    Replies: 5
    Last Post: 30th June 2010, 07:13 PM
  3. [Pics] Dangers of Wifi!
    By elsiegee40 in forum Jokes/Interweb Things
    Replies: 9
    Last Post: 23rd March 2010, 01:26 PM
  4. WIFI AP
    By FN-GM in forum Wireless Networks
    Replies: 8
    Last Post: 13th March 2009, 01:59 PM
  5. Outdoor WiFi
    By indie in forum Wireless Networks
    Replies: 9
    Last Post: 14th November 2005, 11:11 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •