Neighbor stealing Wi-Fi

Question

My Internet connection is slow and I am (almost) sure that the neighbor is stealing it. Whenever they are home, my Internet connection is slow. I logged in to my modem, but I am unable to find any strange devices in Device Manager. Is it possible that they are hiding on my network? I also notice that when I do a modem reset the Internet speed increases, but after a while slows down again.

Thanks for the input everyone, I am reading and writing down stuff I didn’t know about, appreciate it. I noticed my previous post lacked information so I decided to add the following:

• OS: Windows 10
• Modem: Huawei hg 659 (provided by ISP, no additional router operational)
• ISP: T-mobile home DSL

I switched off all devices at home unplugged everything and shut down all mobile devices. The WiFi and LAN lights keep on flashing and won’t stop. I still have to try the cable method. During the day I have to work from home so I can’t do anything till the weekend. I will keep monitoring for further information and advice.

Answer 1

The other answers so far are about security, but there is another factor that may well be at least part of your trouble.

A wireless network at 2.4 GHz (in Sweden where I am, using b/g/n) allows 13 channels. (My router also has an "auto" setting.) On top of that, if the router has 5 GHz Wifi there is another set of channels.

I suggest you download e.g. Wifi Analyzer or any similar app into your phone, and use it to check which channels are most used - disregarding your own router [check which channel it uses in the "WLAN settings/setup"].

Now; Avoid those channels!

Look up any channel that is among the least used, and set your router to that - or possibly "Auto" if there is one such setting; assuming it wasn't set while you've had trouble.

Note: move about in your apartment / house and check in different locations. You might discover that the signal strength is weak where your computer is - related to the router (remedy: move the router and computer closer to each other; avoid having walls between).

Possible root cause:
If your router uses the same or a neighboring channel as any other nearby router - then your throughput will be lessened by "collisions", the more intense use, the more of it.

One more thing to think of:
If you have a lot of devices running on WiFi - and many in use at the same time; this itself may become a problem. "A lot" of active users might create such an amount of traffic that you get congestion i.e. WiFi "traffic jam".

Worth mentioning:
A microwave owen uses 2450 MHz to create the heat. This is inside a Faraday cage though - shouldn't leak much, normally.
Bluetooth devices on the other hand has more potential to cause trouble - as the frequencies used in that radio are the same as for WiFi.
The ISM Bands include the same frequencies, many more device appear here. (e.g. cordless phones, wireless headphones, car keyfobs, security cameras, zigbee devices, remote control devices(?), ...)
Yet another Wikipedia article covers the technicalities, which include some details that, to some extent, also laymen could understand. The Interference section might be of interest for anybody. Detail; Wifi uses "CSMA/CA" in contrast to "CSMA/CD" for wired networks.

Answer 2

Not knowing your setup there are more possibilities than a hack:

If you are using a leased line from a telco or have a dial-in line (even with UMTS/LTE = 4G/5G) the line/cell may be shared between users. So the more users the lower the bandwidth for the single user. Some telcos are very creative to limit usage for normal users. If one ore more users on a shared connection has a premium service (like IP-TV or some other "package") or pays a special fee with bandwidth minimum this user/s get/s e.g. 9/10 of the bandwidth). So this might be the case here too.

To rule out a hack connect directly via cat5/6/7 cable to the router and switch the wifi part off for a week or two. If the problem is solved that way - either get a secure router (No firmware hacks available, no backdoors known), enable strongest possible security (not WPA as it is compromised) and use strong network passwords changing on a regular basis.

But to have a real secure line you will need cable connections to the router (what goes over the air can be hacked). In my neighbourhood from ten scanned devices 9 have known weaknesses (old firmware, outdated security features, weak password, known telco/provider admin passwords, and so on). That's why I go over cable or direct encrypted LTE/VPN dial in ;-)

Answer 3

You will need to provide a lot more information prior to getting a truly useful reply. Otherwise, only general advice can be given. Also, you will need to work on this systematically, there is no single "press here, use that tool" recipe.

First, you must be sure where the problem is. You think the neighbour "steals your Wifi", alright, so let's formulate the problem as "something Wifi", and get back to "stealing" later.

First of all test with Wifi turned off and an ethernet cable attached to the router.

Problem gone? So the problem is really within the "something Wifi" realm.
Problem persists? Not related to Wifi, stop searching there!

Next, you need to be sure that what you see is not "perfectly normal" because you are in some way using a shared-bandwidth channel (such as every back-channel cable modem because that's just a technical limitation, the majority of 4G/5G, and a good number of cheapish DSL providers).
For example, being with a cheapish DSL provider in a third world country such as Germany can imply that it is perfectly normal if your 100MBit/s link suddenly drops to 70MBit/s for no apparent reason. That's because they acquired a few extra customers in your neighbourhood, and they didn't book enough bandwidth on the fiber backbone, so they're just reducing bandwidth silently. As long as nobody complains, they leave it there. Sometimes, reconnecting and getting a different slot in the DSLAM "magically" fixes it. Whatever. Such issues are annoying, but they can be very real, and they're unrelated to your neighbour. Same for cable modems. Neighbour starts to download porn, and your bandwidth drops. That's normal. It's just how the technology works.

Now, assuming the problem is indeed gone after using an ethernet cable, what's next. First, of course, your neighbour may indeed be stealing your internet bandwidth, but you should be sure that's acutally the case before burning down his house.

There are many ways Wifi can be slowed down (regularly, accidentially, and deliberately). First, your neighbour may have his own WiFi, and all networks on the same channel influence each other. Additionally, neighbouring channels can be, and usually are affected, too (often several of them!). Depending on channel width and clever or not-so-clever channel selection, this can range anywhere from "who cares" to "total desaster", in normal operation. And, this is entirely legitimate.

Also, devices and the type of protocol that they use on the same channel, play a role. A "typical" 2.4GHz router supports 802.11 b/g/n by default, unless told otherwise. Which is actually a really stupid choice because if you have a single "b" device nearby, you're down to 11MBit/s for all devices. Then there's microwave emitters such as actual microwave ovens, or seemingly harmless microwave emitters such as e.g. cheap LED lightbulbs, or a Playstation. Neighbour comes home, turns on light, Wifi dies. That's actually possible! Depending on what exactly it is, that is not "legitimate" in most countries, but you will have to find out first.

Now, you said that you even tried to turn on WPA, which is funny because not only is WPA very outdated (even WPA2 is on its way being phased out) but it sounds like before that you didn't have any such thing as a Wifi password at all?
Now you should know that while WPA2 is subject to e.g. KRACK, which is, in layman words, a way of eavesdropping communications, it is reasonably safe against being "stolen" otherwise. The eavesdropping is not normally a problem because the internet itself is unsafe, so anywhere it matters, you use TLS anyway. Only just, accessing your router's admin panel via Wifi (telnett, likewise), and consequently entering your password for everybody nearby to read, is not such an awesome idea for that very reason. Cable, please. Ethernet cable. Only. Ever.

Apart from that, WPA2 is reasonably safe, except, well except most routers have WPS enabled by default.
What's that? It is a functionality that makes setup more comfortable (press button method). Unluckily, it is also something that is trivial to brute-force (4-digit PIN), and for which there exist tools that let anyone break into your WPS-enabled network within a minute. Every no-shit router has an option to turn WPS on only temporarily on demand, and restrict access to already known devices otherwise. Do that. Even if your neighbour isn't stealing your Wifi, still do it. Just, because.

So you change your password and an hour later you feel like someone is stealing your Wifi again? That looks just like them exploiting WPS. Turn WPS off, change password, and see what happens. Problem gone? There's your answer.

Rule out possible causes one by one that way. If disabling WPS didn't change a thing, look how many wireless network SSIDs you see advertized in your network connections pane (or in the tray). No tools needed.
If there's like two dozen of them, it's clear why internet sucks at times. If there's just you and nobody else, it's a bit suspicious. Etc. etc.

Answer 4

Go into the wireless setup section of your modem or router and change the wireless password. This is the important one. Make it a strong password with one or two special characters. Then restart your wireless and now reconnect your devices with the new wireless password.

This will stop the connection by anyone else.

Also make sure no one can log into your router, but probably no one can.

Answer 5

Another possibility not mentioned here is that no one is stealing your WiFi and no channel collisions happen. But simply cheaper router or buggy firmware that causes this.

I so far seen on different cheap-o routers:

• overheating — make sure your router (and/or any transceiver that is connected to it before it goes to the wall) is in well ventilated area and doesn’t feel hot to the touch. Overheating on embedded microcontrollers (specially RF ones) is the same as overheating of your desktop - the clock will be throttled and in RF case this causes de-sync and packet loss and thus decreased speed even if signal itself is strong
• memory leaks in firmware — nothing you can fix about that. Depending on specifics it can be either slow performance degradation or fast one with reset in the end. You can try searching for updates firmware but chances are pretty low as most manufacturers rarely fix those issues

In general - first rule out your side issues before blaming someone else.

Answer 6

First, use WPA2, not just WPA, use a good password, and you can additionally make the WiFi connection less obvious.

Second, the issue is more likely local than a free-loading neighbor.

• You can see whatever devices are logged onto your network with a free tool, such as Nirsoft's Wireless Network Watcher for Windows (you don't state your OS, which would have been useful information to provide). If any device, such as a networked video monitor or your neighbor's PC, is connected, you'll see it in the list.

• Very likely, a process on your machine, such as malware or Windows Update, is consuming bandwidth. You can view the actual network traffic using a tool such as free Glasswire. Perform a full virus scan using an additional tool (e.g. Malwarebytes free) as well as with your current anti-malware suite.

Answer 7

If you suspect your router is compromised, there are a couple things to consider.

If someone cracks your pre-shared key (WPA2-PSK), most people's response when they suspect someone has gained access to their network is to immediately log into the web GUI or telnet in to see what's going on.

This isn't a good response, as telnet sends credentials in plain text across the network, as does HTTP. The attacker may be able to sniff your administrative password and then create a remote backdoor through the Internet. If you changed your password after you suspected foul play on your network, the attacker could easily log in through a cell phone data connection to your administrative GUI and see what you changed your WPA2 password to.

The proper response.

• Unplug the power from the router.
• Remove the antennas temporarily if you can (if you can't, wrapping them in aluminum foil will dampen the signal significantly)
• Plug into the router via Ethernet.
• Factory reset the router per your device's instructions.
• after device boot, immediately log into the router.
• Change the administrative password (16 digit alpha-numerical with uppercase lowercase and special characters) avoid using words that are found in dictionaries.
• Disable WPS! (!important!)
• Change the WPA2 PSK and use AES only (no less than 16 digits and alpha-numerical with uppercase lowercase and special characters).
• Avoid using words that are found in dictionaries. Example: "L1nksTr1-F0rc3$@v3sZe|da~!"
• Disable telnet and use ssh if possible.
• Disable HTTP login and use HTTPS.
• Update the firmware on your router. (This can help with a router that will not let you disable WPS.)
• Install antennas again, or remove the aluminum foil.

That's pretty much it. The problem has become pretty serious. It used to be if you wanted to try and crack a password, you would have to setup your own distributed processing network using "pyrit" or similar hashing programs to test password hashes.

There are now websites available to crack simple to very complex passwords. You pay a couple of fractions of a bitcoin, and they use massive networks of GPU hashers to retrieve a password for you.

This has put hacking back in the realm of script kiddies, and people who would not have previously had this kind of processing power available to them. A simple Google search should find plenty like this: https://gpuhash.me/

You have been warned!

Answer 8

While you shouldn't be too quick to rule out security or other issues with your local network, it's not unheard of that internet slows down during peak hours.

This is similar to the WiFi channels getting overloaded, but it's not quite the same (and it's much harder to solve).

A few things are generally true:

• Your modem/router needs to connect to the internet through some cables, switches, etc.
• A number of these things are shared with other people.
• These things have some maximum amount of data that can pass through them at any given point in time.
• People are, on average, more likely to use the internet during certain times of the day.

Your neighbour might not be affecting you much by themselves, but rather the problem could be the combined traffic from everyone living in your building, block or city or using the same ISP.

If this combined traffic exceeds what the network can handle, things will get slow.

Your ISP may also intentionally "throttle" (slow down) your connection during peak hours to prioritise higher-paying customers or to avoid getting overwhelmed and everything getting much slower. This could be more likely if you use a large amount of data: some ISPs might throttle you during peak hours after you've used some amount of data or for certain types of traffic (like video streaming or file sharing). The latter could be the case if you notice certain things still working at lightning speed while others are extremely slow or your connection only slows down later in the month (although they may also monitor this across multiple months).

Depending on the exact nature of the problem, it could be possible to see the temporarily increased internet speed that you're seeing after resetting the modem.

If this is your problem, you could look at:

• Other packages offered by your ISP (specifically check if they mention something like throttling).
• Different ISPs (but this is likely to matter primarily if your current ISP throttles, which may not be too easy to find out).
• Different ways to connect to the internet, like fiber.
• Moving.
• Just living with it.

Answer 9

Another possibility could be that one of your devices is slowing down your network. If, for example, your router and most of your devices are using 802.11g, but one is on 802.11b, then the speed will be reduced to adapt to the speed of the slowest device.

You should check if all your devices are capable of using a standard that matches your router's highest (or close to) speed and not the slowest.

Answer 10

If you want to increase the security your WiFi connection you can enable "Wireless MAC Filtering" on your router. Once you enable it ( every single modem has his own way to set it up so google for your modem name before ) only the devices with the mac in the list will be able to connect via WiFi.

So, first retrieve the MAC address from all your device, google for how to enable the filter on your router, enter the modem admin page ( usually http://192.168.0.1/ ) and add the MAC of your devices.

Answer 11

The easiest way forward is, perhaps, to look at the status lights on your router/access-point. Unfortuantly, they tend to vary from device to device, but should include

1. Power/Self test
2. WiFi status
3. ADSL/VDSL/Cable status
4. Internet status - this may be combined with the ADSL etc status
5. Ethernet port status

The manual for your access point should be available online, and it will list what the LEDs indicate; a websearch should locate it.

The status lights should be on solidly when connected, and blinking when there is activity. The WiFi light is probably the easiest to identify - it looks like a stick with several partial circles encircling the top of it.

Start a internet speed test, and the WiFi and internet lights will blink a lot. Once it completes, turn off (or disable the WiFi) on all your devices that have WiFi - beware that TVs and SmartDevices might have an active connection when in standby.

Observe the WiFi and Internet lights again. If they remain blinking then there is an unknown device accessing your internet.

Answer 12

Provided that all devices have access to electric sockets that are on the same electrical circuit then you could use Powerline Adaptors. You don't say what the "mobile devices" are but provided that they've an alternative method of connection to the Internet then with Powerline Adaptors you could turn your wi-fi off

Answer 13

the user manual should show how to whitelist your devices. It's worth a call to your isp for help, they are often quite good.

https://support.huawei.com/enterprise/en/access-network/hg659-12-pid-19922362

• turn off ssid broadcasting.
• use long password.
• check the encryption used, WPA2-PSK is good, WPAWPA2-PSK (TKIP/AES) is better but some older devices may not be able to use it.
• use a SSID like "Error24", never use an ssid with your name or any identifying words that can be connected to yourself.

https://www.hellotech.com/blog/which-router-security-option-should-you-choose