MTNL Network Madness – People Living Over 30 Km Away On My Wireless Network
Yes, it was a hellish nightmare, and its not ending anywhere soon. I recently got a wireless router on rent from MTNL, so that I could have a wireless home network and could roam around with my MacBook anywhere in my house. I created a network, and to ensure maximum security for the network and to prevent misuse, I used a 3 step security procedure –
1) I encrypted the network with a WPA2-PSK key. My key is over 30 characters long, and is in no way easily brute-forceable.
2) I disabled broadcasting of my SSID (which basically makes my network invisible, unless explicitly dug for)
3) I enabled MAC address filtering, and added my Airport Mac address to the filter, so that the network could be accessed only from my MacBook.
But 2 days ago, the nightmare started. I saw around 25 computers in my local network (or popularly known as ‘Network Neighborhood’). Many out of these computers had names which are normal Hindi names of people, but I did not recognise even a single one of them as my neighbors. I was shocked, but my first impulse was that my wireless network had been compromised. I rebooted my router. I joined my wireless network again. The computers came back. I changed my WPA2 key, and rebooted. No change. Just some of the old computers disappeared and new ones appeared. All this, I did by accessing my router settings from my PC. My default gateway is 192.168.1.1.
The one that is blurred out is my own PC, which SHOULD be there, as it is in my local network.
Next, I connected to the wireless network (my own network and not somebody elses network) from my MacBook, and tried accessing my router settings, by using the same address (192.168.1.1), but again, I got another shock. I was directed to a totally new firmware page, which definitely did not belong to my router. I tried in the default MTNL username and password combination (which is admin/admin) and it worked. From the WAN configuration settings on that page, I got the phone number of the guy to who that router belonged. I did a cross check on that number from MTNL’s online directory, and it turned out to be a number from Dwarka Sector 7. This was another shock, as I live around 30 Km away from Dwarka, and there is no way my wireless router could have that long a range. Five minutes later, I rechecked the same page again (192.168.1.1). This time, it redirected me to another, 3rd new page, which again, did not belong to my router. I tried the admin/admin combination again, and it worked. This time I found another number, which again belonged to a different guy, but from Dwarka Sector 7 AGAIN (but different apartments/societies). This process repeated itself 2 more times, each time with a unique, new guy’s router. I have noted all the numbers down and have a record of them. I then rebooted my router again, and since then, 192.168.1.1 gives me my own router, and not anybody else’s router. Another thing to add here is that in this time, if I checked my IP from an external site such as whatsmyip.org, it gave me that other guy’s IP address, from my MacBook(I know because it was mentioned in that guy’s router config page). And when I checked my IP from my PC, whatsmyip.org gave me my own IP address (listed in my own router config page). What this means is that even though my PC and MacBook were using the same connection to connect to the internet, they had different external IP addresses, temporarily, which is theoretically IMPOSSIBLE. A single line cannot possibly have 2 different IP addresses at the same time.
I tried accessing these computers from Mac OS X, but got nothing, because I expected most of them to be on Windows. I rebooted my Mac into Windows Vista, and saw that the same machines existed there too, in the Network Neighborhood. I tried accessing them from there, and indeed was able to see people’s shared files (obviously only those who had acutally shared their files). I saw shared printers, and even tried printing on one of them, which was successful.
All this made me sure of one thing – this was an MTNL screw up, and these guys weren’t even aware that they were connected on a network. Sometime in between all this madness, I felt as if someone was stealing my bandwidth – my connection was choked. I realised it could be due to someone copying files from my public SMB shares, which I immediately took offline, and indeed, the choking was over.
The madness isn’t over yet, the people are still on my network. In my opinion, this a screw up on the part of MTNL, with different clients getting assigned each other’s IP addresses, causing the whole screw up. If 2 people have the same external IP address, then they will be on the same local network, and hence all the machines I could see were actually on somebody else’s local network near their home. I know there are a lot of things still to be cleared out, but nobody seems to be stealing my bandwidth right now.
If you liked this post, or found it useful, don't forget to subscribe to my RSS feeds. Or you can get my posts delivered to your inbox directly, by subscribing to my feeds by email. Or maybe you'd like to know what I'm doing right now, by following me at Twitter.
ravi kumar on 
sandeep on 
raj on 
lavkush on 
October 27th, 2008 at 7:47 am
LOL, this is fun dude! Try printing a pron mag on somebody’s printer and see what happens.
October 27th, 2008 at 9:23 am
MTNL did not choose to use dedicated lines, but I’m surprised by their lack of concern towards security. Obviously, they aren’t on your wireless network. They’re routed through the same network, which is equally bad.
October 27th, 2008 at 9:26 am
BTW, try using Cmd + Shift + 4 + Space for screenshots.
October 27th, 2008 at 12:53 pm
@Ankur
More than fun, it is terrifying. I first thought I was in the middle of a terrorist e-attack.
@xAbhishek
I take screens by using Cmd + Shift + 4 + Space, the blackness you see here is the fault of Flickr. The images that are saved are transparent pngs, and the transparent space is turned to black after shrinkage. Look at the full size version of the same screenshot – http://farm4.static.flickr.com/3182/2975294280_3b684b6680_o.png
October 27th, 2008 at 8:08 pm
Oh, it’s not because of shrinking. It’s because of the conversion of PNG -> JPEG. Happens all the time.
October 27th, 2008 at 8:11 pm
Changing the default format to jpg might be useful:
defaults write com.apple.screencapture type jpg
October 28th, 2008 at 5:23 pm
Hah. MTNL never fails to amuse me.
Here I am, with my so called “expensive” Airtel connection, enjoing uninterrupted internet access without anyone living in another part of the city stealing my bandwidth.
My line went down, like, two times in the last two years.
Paying Rs.799 for this line is totally worth the money.
October 29th, 2008 at 8:52 pm
*UAhen* … Ahem.
NetGear RoxX.
Last thing I heard from you was something like – “You haven’t even secured your network enough.”
Try Breaking my WPA-PSK [TKIP] + WPA2-PSK [AES] network security key.
Even if you do. Try accessing it outside my house, with an enabled SSID broadcast.
@Uncool
My Router looks better.
P.S. :-
Whenever there is a Router Talk, I just boast about my Wireless Router not even caring what the talk was about.
October 30th, 2008 at 2:06 pm
@ Kitallis
Umm dude..? Read the post again? The problem is NOT related to wireless security but is rather an MTNL issue. People from Dwarka are on my local network, and that is the problem. MY router and security settings are perfectly fine, with much more security than yours.
October 30th, 2008 at 7:33 pm
Hey, there seems to be a bug in the comment system. There’s no space between the commentors’ name and the word “says”. Your comment begins with “Apoorv KhatrejaSays:”.
Using Opera on MacOS Leopard.
October 30th, 2008 at 8:33 pm
Wasn’t a bug in the commenting system, was a mistake in the theme. Fixed it now. Thanks for the notification.
October 31st, 2008 at 12:09 pm
[...] Apurv suddenly discovers that MTNL is bringing his neighborhood closer on his wireless network, with a range of 30 km: I did a cross check on that number from MTNL’s online directory, and it turned out to be a number from Dwarka Sector 7. This was another shock, as I live around 30 Km away from Dwarka, and there is no way my wireless router could have that long a range. Five minutes later, I rechecked the same page again (192.168.1.1). This time, it redirected me to another, 3rd new page, which again, did not belong to my router. I tried the admin/admin combination again, and it worked. This time I found another number, which again belonged to a different guy, but from Dwarka Sector 7 AGAIN (but different apartments/societies). This process repeated itself 2 more times, each time with a unique, new guy’s router. I have noted all the numbers down and have a record of them. [...]
October 31st, 2008 at 12:11 pm
Hahahah… that is funny and scary at the same time! So, what all did you discover?
October 31st, 2008 at 7:52 pm
Not much, except for the fact that I got pwned.
The bandwidth theft has more or less stopped, or is still going on when I’m asleep. Not really sure about the bandwith theft though, because I noticed it on torrents, and torrent speeds usually do fluctuate a lot. All seems to be OK now, except for the fact that the other guys are still there, on my network.
November 1st, 2008 at 10:42 pm
@ Apoorv
Yeah! I don’t care what you talk about, my Wireless Router is the Best in town! YEAH BABY!1! YEAH 1!! C’MON !!1
YEAH!
Holy crap. Spooze.