How can you trace a laptop that accessed an i

April 26, 2010 at 08:27:29
Specs: Windows 7
Is it possible to track/trace down who accessed an insecure wi-fi connection using their computer or laptop? Say the MAC address of the wireless adaptor is spoofed, and the "Computer name" is not identifiable, is there any other way of tracking down someone who used an insecure wi-fi connection?

See More: How can you trace a laptop that accessed an i

Report •

#1
April 26, 2010 at 09:38:47
Are you looking for people who are using your WiFi that are not a member of your MAC filtering list or are you looking to see what WiFis your laptops have accessed to see if one was unsecure?

Either way you can use auditing to do this. You can turn on auditing in your WAP to list connections and times of connection and match it with the connection times of the device that matches the MAC.

This can be tedious and may require some batch scripting so they have made utilities that do this for you...

http://www.wirelessnetworktools.com/


Report •

#2
April 26, 2010 at 19:20:07
No, I want to know how it's possible to trace a laptop that accessed another person's unsecured / secured wi-fi connection but had their mac address spoofed and computer name unidentifiable. There must be a way, right?

Report •

#3
April 27, 2010 at 12:32:56
bump....anyone?


Report •

Related Solutions

#4
April 27, 2010 at 12:58:17
Think about it.
question: How do you do a trace?
answer: you need a active connection
question: Without an live connection how would you trace the unit?
answer: you would not. Or you would have to have sophisicated logging in place.

BTW computer name is useless. if mac address spoofed you don't even have that to go on.


Report •

#5
April 27, 2010 at 16:24:39
Not after the fact. Like said above you can catch this with some kind of packet grabber or sniffer running at the time the user is connected but not after the dead was done. The other problem is if the MAC was spoofed then it would mean the headers of the packets where modified to display the MAC the black hat wanted to display not the his real MAC. If you had access to the laptop that was being used you and you had Auditing turned on like I said above then you could go through the audit logs. Otherwise I don't think you can do what you want.

The problem is your posts are not very detailed can you just tell us what it is you are trying to do like catch an employee surfing porn with company equipment or what? Don't be cryptic, cut to the chase.


Report •

#6
April 27, 2010 at 18:59:11
"Don't be cryptic, cut to the chase"

I LIKE that and wish we could see more of it around here :-)


Report •

Ask Question