Why Am I Seeing Other Networks on My Computer?

[Amie]

I have an iBook with AirPort Extreme. Sometimes, when I'm at a Hotspot and I click on my AirPort icon, in addition to my wireless network, I see other networks listed as well in the dropdown menu. What does this mean exactly? I'm assuming that it just means nothing more than I'm in the same range as other wireless users and because we're picking up the same signal, their networks are appearing on my computer, and my network is appearing on their computer. Is this correct, or am I way off?

Does this present any type of security issues that I should be concerned about?

 

[symphonix]

I'm assuming that it just means nothing more than I'm in the same range as other wireless users and because we're picking up the same signal, their networks are appearing on my computer, and my network is appearing on their computer.

Not exactly. The network you see in the drop down are basically all wireless networks available to you in your location. You might not actually be able to use these though, as they may require an account and password. A wireless access point can choose to "announce" its presence and any computers in the area with wireless capability will be able to "see" it.

If you choose one of these networks in the drop down, you'll be connecting to that access point. If the access-point is secure, it will ask you for some sort of password. If its not secure, you can use it, though its bad manners to use someone else's access point without permission, as you'll be using their bandwidth at their expense.

I've occassionally seen Access Points appear in the list with names like "Bring beer to unit 5 for password" which make it pretty clear what you have to do if you want to use the AP.

It appears that if your network is in the list, then it is "announcing" itself. So other people will be able to see it. If you give someone in your area the password for it, they can connect too.

 

[Gnomo]

That is correct. You are seeing the list of networks that are in-range.

If you are not using wireless encryption (i.e. WEP) or MAC address filtering on your network, this could be cause for some concern as unauthorized users could access your network.

To help prevent this, you can do any of the following:
1. Create a 'closed' network by disabling the broadcast of your network ID (SSID). This means that users have to know the name of your network to join. This is the lowest form of security --- out of site, out of mind. It may be be possible to determine your network name by listening for your traffic.

2. Enable MAC address filtering. Only the physical devices that you specify can talk to your network. This is the second layer of security, because anyone can still listen.

3. Enable WEP or WPA encryption. This is the third layer of security. Users need to have the key to decrypt the traffic, so listening is much more difficult.

Encryption can be broken if given enough time, but typically this is the best you can do for wireless (unless you put signal dampening materials around your home). If you honestly think you need more security than encryption can provide, get a wired connection.

 

[Amie]

Not exactly. The network you see in the drop down are basically all wireless networks available to you in your location. You might not actually be able to use these though, as they may require an account and password. A wireless access point can choose to "announce" its presence and any computers in the area with wireless capability will be able to "see" it.

If you choose one of these networks in the drop down, you'll be connecting to that access point. If the access-point is secure, it will ask you for some sort of password. If its not secure, you can use it, though its bad manners to use someone else's access point without permission, as you'll be using their bandwidth at their expense.

I've occassionally seen Access Points appear in the list with names like "Bring beer to unit 5 for password" which make it pretty clear what you have to do if you want to use the AP.

It appears that if your network is in the list, then it is "announcing" itself. So other people will be able to see it. If you give someone in your area the password for it, they can connect too.

"Bring Beer to Unit 5"?!?!?! That's frickin' hilarious! LOL Are you serious? People actually do that? Too funny!

Anyway, thank you for answering my questions. So, I guess I need not worry about security issues because even though my network may be showing on their dropdown menu, they would need a user name and password to access it, which I'm not giving out ... unless they bring beer, that is.

 

[Amie]

That is correct. You are seeing the list of networks that are in-range.

If you are not using wireless encryption (i.e. WEP) or MAC address filtering on your network, this could be cause for some concern as unauthorized users could access your network.

To help prevent this, you can do any of the following:
1. Create a 'closed' network by disabling the broadcast of your network ID (SSID). This means that users have to know the name of your network to join. This is the lowest form of security --- out of site, out of mind. It may be be possible to determine your network name by listening for your traffic.

2. Enable MAC address filtering. Only the physical devices that you specify can talk to your network. This is the second layer of security, because anyone can still listen.

3. Enable WEP or WPA encryption. This is the third layer of security. Users need to have the key to decrypt the traffic, so listening is much more difficult.

Encryption can be broken if given enough time, but typically this is the best you can do for wireless (unless you put signal dampening materials around your home). If you honestly think you need more security than encryption can provide, get a wired connection.

Thank you for your reply. I understand what you're saying, but I don't think I need to do all that because in order for them to access my wireless ISP they would need to sign in with a user name and password, and since they are not a paying member to that ISP, they would not have a user name and password. Right?...

 

[lurk]

Nope, if the network is open they can use your network and bandwidth just fine. They can't read your mail any better than anyone else but the can get to the net just fine.

 

[ksv]

Nope, if the network is open they can use your network and bandwidth just fine. They can't read your mail any better than anyone else but the can get to the net just fine.

Actually, when access is gained to an access point, a user with malicious intents can monitor any unencrypted traffic on that AP including email and web.

 

[Amie]

Nope, if the network is open they can use your network and bandwidth just fine. They can't read your mail any better than anyone else but the can get to the net just fine.

Sure, they can *get* to the network, as in ... get to T-Mobile's sign-in page. But they can't *do* anything with it because they don't have a user name and password. Therefore, if they can't sign in, they can't do anything on the Internet. Unless they're paying T-Mobile members.

 

[elander]

Sure, they can *get* to the network, as in ... get to T-Mobile's sign-in page. But they can't *do* anything with it because they don't have a user name and password. Therefore, if they can't sign in, they can't do anything on the Internet. Unless they're paying T-Mobile members.

Well, if the traffic is unencrypted, they can also listen to it, read any email you're reading or sending, watch the same web pages you're watching and so on. If you enter your credit card information on an unencrypted web page, anyone listening in will get that too. I'd be careful about that...

 

[ksv]

Well, if the traffic is unencrypted, they can also listen to it, read any email you're reading or sending, watch the same web pages you're watching and so on. If you enter your credit card information on an unencrypted web page, anyone listening in will get that too. I'd be careful about that...

Yes; the t-mobile login page only blocks the given computer from using the internet, it'd still have access to the local network and be able to monitor any traffic between the local network and the internet.
Thus, if the t-mobile login page is unencrypted (id est, doesn't have a https:// URL), it's simple for anyone with the proper software or knowledge to pick up the login and password also.

 

[lurk]

Sure, they can *get* to the network, as in ... get to T-Mobile's sign-in page. But they can't *do* anything with it because they don't have a user name and password. Therefore, if they can't sign in, they can't do anything on the Internet. Unless they're paying T-Mobile members.

Oh, so you don't have a network at all in this situation. You are joining tmobile's network at a Starbuck's or some such thing. In your original message you has said that "in addition to my wireless network, I see other networks listed as well in the dropdown menu" so I thought you had your own network you were concerned about.

Oh well... never mind.

//RosannaRosannaDanna: What is wrong with violins in movies?

 

[Amie]

Well, if the traffic is unencrypted, they can also listen to it, read any email you're reading or sending, watch the same web pages you're watching and so on. If you enter your credit card information on an unencrypted web page, anyone listening in will get that too. I'd be careful about that...

1. I'm not worried about that because a.) the Web pages I visit are not exceptionally exciting (except this one, of course!), and b.) I don't give my credit card number out online at all.

2. How can I find out if the information/traffic is encrypted or unencrypted? You mean simply by looking for that little pad lock on the corner of the Web page or the "https" ... or are you referring to something else?

 

[Amie]

Yes; the t-mobile login page only blocks the given computer from using the internet, it'd still have access to the local network and be able to monitor any traffic between the local network and the internet.
Thus, if the t-mobile login page is unencrypted (id est, doesn't have a https:// URL), it's simple for anyone with the proper software or knowledge to pick up the login and password also.

Great! Then I have nothing to worry about--because the T-Mobile login page is definitely encrypted with a pad lock and "https."

 

[Amie]

Oh, so you don't have a network at all in this situation. You are joining tmobile's network at a Starbuck's or some such thing. In your original message you has said that "in addition to my wireless network, I see other networks listed as well in the dropdown menu" so I thought you had your own network you were concerned about.

Oh well... never mind.

//RosannaRosannaDanna: What is wrong with violins in movies?

I *am* joining a network: T-Mobile. And, yes, in addition to my network (T-Mobile), I see other networks as well (networks that I'm not familiar with).

 

[elander]

1. I'm not worried about that because a.) the Web pages I visit are not exceptionally exciting (except this one, of course!), and b.) I don't give my credit card number out online at all.

2. How can I find out if the information/traffic is encrypted or unencrypted? You mean simply by looking for that little pad lock on the corner of the Web page or the "https" ... or are you referring to something else?

Well, the first is good for now, but one day you'll find something you want to buy, and just can't resist...

As for the second, no, the padlock only refers to the fact that that particular web page was delivered as an encrypted page. It doesn't say anything about the networks security.

I checked on T-Mobiles site though, and they do use WPA, which is the strongest encryption available for this type of networks (at least to us mere mortals). You have nothing to worry about. Except that guy over in the corner, he looks a bit creepy...

 

[Amie]

Well, the first is good for now, but one day you'll find something you want to buy, and just can't resist...

As for the second, no, the padlock only refers to the fact that that particular web page was delivered as an encrypted page. It doesn't say anything about the networks security.

I checked on T-Mobiles site though, and they do use WPA, which is the strongest encryption available for this type of networks (at least to us mere mortals). You have nothing to worry about. Except that guy over in the corner, he looks a bit creepy...

*looks around paranoid*

What guy? Where? LOL

Seriously though, it's a good idea to watch for people like that in public Hotspot locations. You just never know. Which is why I make a habit of sitting in the corner with my back to the wall. Paranoid? Maybe a little. But with good reason!

 

[ksv]

As for the second, no, the padlock only refers to the fact that that particular web page was delivered as an encrypted page. It doesn't say anything about the networks security.

True, but if the padlock is there, the information is secure and can't be picked up. Well, it actually can, but the hacker would have to crack a 1024-2048 bit RSA key, which just isn't a feasible effort.

 

[Amie]

True, but if the padlock is there, the information is secure and can't be picked up. Well, it actually can, but the hacker would have to crack a 1024-2048 bit RSA key, which just isn't a feasible effort.

Hmmm. I think I'm going to keep an eye on you.

 

[elander]

True, but if the padlock is there, the information is secure and can't be picked up. Well, it actually can, but the hacker would have to crack a 1024-2048 bit RSA key, which just isn't a feasible effort.

This is only true regarding the information that you received from, and send in through a form on that page. Nothing else. If you're using your mail application simultaneously, the email isn't encrypted just because you have a web page with a padlock on it open.

However, as I stated earlier, T-Mobile is using secured networks at their hotspots (WPA).

 

[Amie]

Yay! T-Mobile Hotspot ROCKS.