A couple of months back I had some trouble with my WLAN router. Its little yellow traffic light was blinking continuously, and the router periodically stopped responding to wireless connection attempts from my computers. After some digging I quickly found out that my ISP was routing a lot of bad, crappy and seemingly wrong data to my router. Anyway, even with all this bad data, I couldn’t see why my router should stop responding… OK, it was ’a lot’ of bad inbound data - at some point it was about 2 gigabytes an hour.

To determine the reason I turned of a lot of security features, like MAC access control, WEP, firewall, SPI and what not. To my surprise it somewhat worked. The DDOS attack from my ISP continued, but the router became more responsive and stable. After a couple of days, knowing that my network was now open and visible to nearby wannabe hackers, I started monitoring the client connection log. Not surprised, one of my neighbours was connected. I was annoyed - and he was immediately disconnected. Realizing that I apparently couldn’t trust anyone I re-enabled the security features, but again the router became unstable and unresponsive, and the security was once again disabled.

I didn’t take long before my neighbour was back online. I’m sure he was peeking into my private life, sniffing for passwords and personal information - at least that was what I was doing to him - or maybe he was just stealing bandwidth. I don’t know. Anyway, it couldn’t continue and I had to come up with something that allowed me to keep my firewall open while still not being bugged by this ill-fated person.

The solution was, if not clever, at least efficient. I turned on MAC access control, and included my neighbour MAC in the list. Then I gave him a personal IP from the DHCP server, disabled any outbound data from his connection, and then, the best part, I configured my firewall to route any (inbound) DDOS attacks to his IP address.

I hope on his behalf that he had good firewall protection - anyway, it was just a matter of minutes before he decided to leave my WLAN alone.

This entry was posted on Tuesday, July 10th, 2007 at 2:00 am and is filed under Misc. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.