Wireless network security

J

jimmyjazz

2,500+ Posts
Can somebody translate all this "WEP" and "WPA-PSK" crap for me?

I got sick of my old Dell "sharkfin" wireless router struggling to reach the next room, so I bought a NetGear "G" router at CostCo. I finally managed to get both of my computers to pick up the signal, but I have security disabled. Where should I go next if I want things to be a bit more secure? How much of a pain is it? What records do I need to keep? I'm totally lost.
 
WEP encrypts your signal so that anyone trying to "listen" in to you signal won't be able to decypher what you're doing. WEP is a bit of a pain b/c you have a long *** key you have to keep track of any use on any computer you hook up to the network. I use MAC address filtering as my security. You can do this on most routers. You simply specify which MAC addresses (each computer has its own unique address) are allowed on the network.
 
I've heard WEP can be hacked by a diligent individual, but most anything can these days anyway. For the vast majority, it's safe enough. If your wireless cards support it, I'd recommend upping the encryption level to 128-bit. The key (hexadecimal, 26 characters) will be long but you could make it something to remember. I set my girlfriend's up to be a series of ADF's followed by her house number and birth year.

I don't know anything about WPA or MAC filtering. However, if MAC filtering by itself is secure enough, I'd suggest ditching WEP since it can slow down your network.
 
Here's a really good article on MAC filtering:
The Link

I didn't realize it was so simple to spoof a MAC address, but MAC filtering will prevent your average neighbor from connecting to your access point without paying the performance hit of WEP.
 
Yeah, MAC addresses can be spoofed. This isn't a full blown security measure, but for most, it'll do. I just do it to make sure nobody else in my complex uses my connection. For that purpose, its great.
 
I don't care if my neighbors use my connection -- at least, I don't think I do -- I care if people can hack their way into my computer.

Does that change anything?
 
The only way to prevent hacking is to leave your computer turned off. To make it much tougher for a hacker, you'll want both MAC address filtering and WEP. You'll also want to enable as many firewall features as are available on your wireless router, and if your computer is running XP, go ahead and enable the XP firewall for your wireless connection while you are at it. If you have file sharing enabled, turn that off too. Don't leave your computer on all day if you aren't using it.
 
The Link

The good news is that it's easier to connect to your neighbors unencrypted network than to try and hack into yours. II would set up WEP and not broadcast the network ID which helps cut down the mischief. Also i would turn off the wireless when not using. Also if you set up the MAC address stuff be careful. Set up a wired connection first so you can get back in when you screw up the MAC stuff. Otherwise you just locked yourself out of your router until you find the reset button. Also look at the logs every know and then and see what computers were attached.
 
WEP can be cracked in a matter of about an hour, just takes the ability to capture about 1,000,000 packets, then 15-20 minutes to run a brute force attack on them to find the key, that is the problem with WEP, the key never changes.

Your best bet is to enable not only MAC filtering, but also WPA-PSK (WiFi Protected Access - Pre-Shared Key) WPA-PSK also uses a pre-shared key, the difference is that once entered, the key dynamically changes (known as TKIP) at a certain interval (usually 30 minutes) by the time a hacker has time to break the key, it has already changed and is now useless. WPA-PSK was developed as the answer to all of WEP's problems.

In reply to:
Click to expand...
 
You must log in or register to reply here.

Weekly Prediction Contest

* Predict HORNS-AGGIES *
Sat, Nov 30 • 6:30 PM on ABC

Recent Threads

Prediction Results Threads

2024 Schedules

Back
Top