close

Privacy guaranteed - Your email is not shared with anyone.

Wireless Security Check

Discussion in 'Tech Talk' started by Wulfenite, Jan 22, 2007.

  1. Wulfenite

    Wulfenite The King

    Messages:
    1,862
    Likes Received:
    5
    Joined:
    Jun 1, 2000
    Location:
    Pretty Fly for a White Guy
    I just put in a new Netgear Router.

    I've got it filtering MAC addresses.
    I'm using the WPA-PSK [TKIP] Security with a 2 dozen character pass phrase that includes numbers, capitol letters, and non capitol letters.
    I've stopped SSID broadcast and I've changed from the default SSID.

    Seems like the firewall doesnt need any special setup.

    Do I have the bases pretty well covered with this configuration?
     
  2. Seminoles

    Seminoles Millennium Member

    Messages:
    489
    Likes Received:
    62
    Joined:
    Oct 17, 1999
    Location:
    Huntsville, AL
    Wulfenite, is there a website that has a walk through on how to set up the security for a wireless network? I don't understand any of this. I set up a router last night but it is unsecured right now. I dont want any neighbors trying to connect to my internet.
     

  3. HAVOC

    HAVOC Remember CLM Millennium Member

    Messages:
    5,054
    Likes Received:
    0
    Joined:
    Jun 20, 1999
    Location:
    Location: Location:
    WPA2 would be better if you can do it in all parts.

    GRC has a great way to build really secure passwords, and even SSIDs if you're really serious. I don't care for the passphrase generators myself, I like just hard coding a solid string.

    Changing the default subnet and using a restrictive subnet mask makes it harder for someone to blunder into your IP range.

    Many routers let you isolate your wireless from the wired network, so even if they crack your security, all they can get to is your internet service, not any of your wired resources. This won't work if you want to share printers or such to your wireless machine though.

    Oh... change the default password in the router, turn off Universal Plug 'n Play and disable remote administration.
     
  4. Wulfenite

    Wulfenite The King

    Messages:
    1,862
    Likes Received:
    5
    Joined:
    Jun 1, 2000
    Location:
    Pretty Fly for a White Guy
    Well, I'm far from an expert but here's what I know about what I've done.

    SSID is the name of the wireless service. Usually the router will default to the brand name...."Belkin" "Netgear" "Linksys". First you change the SSID name, then you set the router not to broad cast the name. That way if somebody scans for Wifi radio signals in your area they will see that there's a network there, but the wont know what its name is without engaging in some geek'ery to sleuth it out. Without the name you cant use the service.

    With MAC address filtering, you're basically telling your router that you only want it to play with remote computers that have serial number XXXX. The MAC address is kind of like the serial number of the wireless card in your computer. So now somebody would have to figure out the name of your network, figure out the MAC address of your wireless card, and then configure their wireless card to pretend it has your MAC address to use your resources.

    The WPA, and the WPA2 Havoc mentioned are a data encryption system. Whereas above we were talking about preventing access to your network...here we're talking about encrypting the traffic that goes back and forth so it cant be seen by someone else.
     
  5. Wulfenite

    Wulfenite The King

    Messages:
    1,862
    Likes Received:
    5
    Joined:
    Jun 1, 2000
    Location:
    Pretty Fly for a White Guy
    I'll have to read up on WPA2....not even sure if the new router is capible. Same thing with the subnet masks....I saw in the router where you can play with them, but I dont really understand that yet.

    And I already reassigned the password for the router....again a mix of caps and non caps and numbers. I really dont like randomly assigned passwords because they're so dang hard to remember and type.
     
  6. Ljunatic

    Ljunatic On The Fringe

    Messages:
    1,034
    Likes Received:
    0
    Joined:
    Oct 23, 2001
    Location:
    Lincoln, Nebraska
    One last thing that I do with my 4 machines is install the Netbeui protocol and unbind all file and print sharing from TCP/IP. Here is a tutorial that describes the setup
     
  7. JaredB

    JaredB

    Messages:
    2
    Likes Received:
    0
    Joined:
    Nov 12, 2006
    Depending on how you have your IP address's assigned DHCP or Static. I would limit the range of IP's that your router will assign. I think that what you have done so far is enough for the average home user.

    There are always ways to break in. All you can do is make it more difficult and not worth the time.