Local FBI officer cyber crimes division i would believe. This is (if accurate) a very serious crime and should be addressed promptly

I'm not sure what they mean by "stealing their IP addresses". If they are on their network, using their internet, they would of course be using their IP's.

How do they get their internet service? DSL, T1, Cable, etc. The internet should come in via something like that, to a modem of some sort. Out of that it will go to a router or switch, and distribute to their computers over their internal network.

If the network is all hardwire (no WiFi), then someone has to plug in to use their internet. It has to be a physical, wired connection. If the equipment is outside of their lease space, in a closet, this is possible.

If they are using WiFi, than someone within range might be connecting. Depending on the signal, this may be someone in the building, sitting in a car, or in a neighboring building.

There are network scanning utilities, that will tell you who is on your network, but you will need to know who should be on it to be effective.

The way to combat this is several fold.

Use fixed IP addresses instead of DHCP. This may not be possible (by that I mean realistic, or convenient). But DHCP hands out an address when a computer gets on the network. If DHCP is off, I have to setup my computer with a specific range of addresses to use the network.

Use a non standard IP range, subnet and gateway. 192.168.0.xxx is the default ip range, 255.255.255.0 is the default subnet, and 192.168.0.1 is the default gateway for most network products. Change it!

Use WEP or WPA encryption for WiFi.

Use a firewall!!

These are things a computer network tech can set up in a few hours. Actually, someone halfway smart with "Networking for Dummies" could do it, but that's not the best thing to recommend to a business.

There are also things like VPN, which might not be secure. But the only reason someone would use that is to steal your information or if going back out to the internet, to make it look like you went somewhere you didn't.

It depends what they're doing. The FBI isn't going to want to be bothered with some kid playing World of Warcraft on his wireless laptop over your network. Now if there is something serious going on, like the guy is hacking places from the tenants internet, or spamming, or child ****. That's different. But we don't know that yet.

Someone stealing the use of your internet connection is wrong, but you have to be proactive as well, before you make a federal case out of it.

Thanks for the responses. I know it's serious, just not how to help them. I will refer them to the cyber crimes division and take some of your questions to her on Monday to try to clarify it.

Officerchick, normally there is a systems security officer/manager who manages things like that. If there is that much mischief going on that has been brought to your attention, you can bet the last donut in the dozen there is more going on than that. Malware and such immediately comes to mind.
Whoever is in charge of that operation should make this known in a discreet manner to the computer crimes unit of the local police department.
As we did before, we can go back channel.
Enjoy the day,
Bill

BTW, WEP and/or WPA encryption comes with most or all routers. It's not something they will have to purchase. (It's for WiFi, not hardwire).

ZoneAlarm makes an excellent firewall. I have used the free version on all of my computers for 10 years now.

I don't recommend using Windows firewall, which comes with Windows. Turn it off and use something better.

My assumption was that there is no IT department or security officer. I figured this was a small office or something.

Last year I had my computer taken over by a nasty little Mal-ware program called VirtuMonde.c that embedded itself in my windows 32 directory. It would attach itself and take control of my computer. When I was running as slow as it could get I checked my Windows Task Manager and under users was Harry Potter. As fast as I deleted him as a user he would reappear. Yes it was my IP that was sending tons of spam E-Mail. Not many anti Virus programs could fix this. It would not allow me to try any. Before anyone of them was able to start the VirtuMonde.c would close it out. After researching on my other computer I was able to find a DOS program that could over ride and remove the VirtuMonde.c in DOS and I was able to take back control. Long story to say your friends computer sounds like the same deal going on.

Typical user stating things like, "THey're stealing my IPs!" THey have no idea what an IP is, only that someone is stealing from them!

1. If you hook a wireless router up and don't turn the wireless off, secure it, or otherwise make it restricted - you are going to have a very hard time proving in civil or criminal court that someone is "hacking" you.

This is the equivalent to not only throwing your doors open, but putting a "free internet" sign outside your doors so that others can see. (The unsecure router broadcasts to anyone within radio range...)

2. No one is "stealing IPs." Because if someone there was technically adept enough to own actual IP blocks, they would be adept enough to have a secure network.

3. Wireless Routers are the devil in corporate environments. Firewalls and stuff keep your computers safe from the WAN (internet), but anyone connecting through the wireless router is now part of the local network.

4. The FBI is not going to care about this unless a violation of federal law has occurred. Generally speaking, you need a violation of the law related to interstate commerce (the internet meets this, but local networks don't), or something like child **** or copyright infringement.

5. The local police probably won't care unless there is a crime against property. If someone is physically taking an ethernet cable and plugging into a network jack, that might be a criminal offense. This depends on how the connection takes place (Are they physically trespassing? Might be burglary then,) if the system actually advises persons who connect to it that it is a closed system and that connections are for authorized personnel only (can't prove intent if you can't prove the user didn't know they weren't authorized in some states...), and if the computer crimes act in that state has certain criteria.

6. Generally speaking, if its someone connecting to your wireless router -- Set the damn thing up correctly, you have no one to blame but yourself for hooking up a home device you don't understand to a corporate network. In fact, if there are damage claims due to the intrusion, you may find yourself without a valid claim for negligence -- you didn't do due diligence before allowing the entire neighborhood into your network.

Note: You is "you," in the general sense, not you in the direct sense. "You" means everyone who randomly hooks up a box they don't understand and don't follow the instructions on its use (which ALL have how to secure with WEP or WPA) then complain when someone is "stealing" their wifi.

While I keep my wireless network card off on my laptop, if I see an open wifi system, I will use it, because a reasonable person can safely believe that the person wants you to. After all, most devices will beat you over the head with instructions on how to secure it.

While I can crack both WEP and WPA security in minutes (so keep that in mind, any idiot can do it), that is the reasonable person's Keep Out sign.

Nate

I mean no disrespect, in fact quite the opposite, when I say
Thanks for a bit of reality check. This is a smallish locally owned company that sublets space and services to other businesses (executive business suites) so I'm not sure how tightly their personnel structure is set up.

Leave us wow players alone

In all seriousness, what she claims which is stealing IP addresses implies that the tenant has knowledge of someone doing this.

I agree that if they are just piggybacking on the network, then the network manager (whoever that may be) isnt aware of even basic network security principles.

Please before you contact the FBI find out if this is just some person piggybacking, or if it someone actually using an IP address for some malicious purpose

If its the former, well integrator has covered the things you can do for basic network security ( if whomever is managing the network isnt 100% sure they can do these things, please hire someone to do this job, it needs to be done right), and his list isnt a to do list, its a must do list.

If its the latter, then i do stand by my suggestion

One of our Ops Managers will be out of Wednesday to look into it. He is very knowledgeable in this area and also has the appropriate contacts if necessary. Thanks again for all the suggestions.

While Nate is correct and I also doubt there's any "theft of IP addresses", I'd only modify his observations slightly concerning WPA to say that you can crack some but not others. The passphrase quality is the key to WPA security. Aside from social engineering techniques, cracking WPA ultimately comes down to using a brute force or "dictionary" hack against a captured passphrase (which takes a little skill, a card that has "monitor" mode and the ability to inject packets). Enforcing strong passphrases should ensure that such an attack could not be accomplished in an individual's lifetime unless they have access to some mighty fancy processing power.

WEP is another story altogether and should not be used anymore.

which type of internet you are using?? if it is wifi then you can easily restrict your wifi with wap encrypted key.