Page 1 of 2 12 LastLast
Results 1 to 15 of 17
  1. #1
    Silver Lounger
    Join Date
    Jan 2001
    Location
    Northern, California, USA
    Posts
    1,886
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Wireless Security

    OK...

    I'm taking the plunge. After months of anti-wireless sentiment, prices have gone so low that it's now a good time to make my new home wireless. (That, and I really don't want to drill a bunch of holes in my walls.)

    After paying around $35 (Netgear WGR614 - Wireless Cable/DSL Router - http://www.buy.com) for my wireless router, and $21 for my wireless PCMCIA card(http://www.GoGoCity.com), I am ready, or so I think, to set this baby up and surf from anywhere in my home.

    I have avoided this moment like the plague, namely because of the inherent lack of security that exists with a wireless setup. The theory is that anyone and their dog can park outside my house and tap into my network, exploiting files, compromising accounts, and plotting the sale of my small children...

    So, I turn to you, the wise Community of Woody's Lounge, to provide me whatever insight you can with regards to resources, tricks, and tips that have worked for you in Securing your network, in the hopes that I can avoid being a victim with my new setup.

    Advise Away! I am rather proficient, but honestly, this Wireless Stuff is a new frontier for me. Thanks in Advance for any help you can provide!

    Warmest Regards,
    <IMG SRC=http://www.wopr.com/w3tuserpics/Kel_sig.gif>
    Moderator:<font color=448800> Pix Place, Internet Explorer</font color=448800>
    <small>www.kvisions.com

  2. #2
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Quedgeley, Gloucester, England
    Posts
    5,333
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Wireless Security

    Kel

    1) Leave everything in its box.
    2) Google for books with wireless security in their title.
    3) Buy several.
    4) Read them all.
    5) Implement what they suggest (eg. getting a Wireless Cable/DSL <big>Firewall</big> Router)
    6) Look smug [preen] since you are now the Lounge Expert on this topic!

    John
    <font face="Script MT Bold"><font color=blue><big><big>John</big></big></font color=blue></font face=script>

    Ita, esto, quidcumque...

  3. #3
    Super Moderator
    Join Date
    Dec 2000
    Location
    Renton, Washington, USA
    Posts
    12,560
    Thanks
    0
    Thanked 4 Times in 4 Posts

    Re: Wireless Security

    With the use of a good fire wall most of the security issues go away.

    True some one could sit out in the street and use the "Bandwidth" but getting to your data, they still have go through the firewall.

    I have ONLY the IP addresses of my different machines entered in to my firewall (ZoneAlarm Free). so if I have a visiting machine, I must enter it's IP address for it to access my network.

    Now running HP Pavilion a6528p, with Win7 64 Bit OS.

  4. #4
    Plutonium Lounger
    Join Date
    Nov 2001
    Posts
    10,550
    Thanks
    0
    Thanked 7 Times in 7 Posts

    Re: Wireless Security

    When I set up home wireless networks I always do the following.
    <UL><LI>Change the SSID to something not likely to be guessed - write this name down somewhere you won't lose it
    <LI>Hide the SSID, so that the Network Access Point doesn't broadcast its name
    <LI>Enable 128 bit WEP with as random a key as I can generate - write this key down somewhere you won't lose it.
    <LI>Enable MAC Address filtering, and tell the Network Access Point the MAC Addresses of all my cards
    <LI>Now configure my PCs to use the correct SSID and WEP Key[/list]Network firewalls are irrelevant in this configuration, since anything that connects wirelessly will be on the LAN side of the network, not the WAN side, so will be inherently trusted! Even many personal firewalls are configured to allow local LAN devices to connect, so you really do need this level of care.

    StuartR

  5. #5
    Silver Lounger
    Join Date
    Jan 2001
    Location
    Brantford, Ontario, Canada
    Posts
    2,391
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Wireless Security

    Sorry about bringing up an old thread, and possibly hi-jacking Kel's original intent... but....

    If I have 128-bit WEP enabled, is the MAC Filtering really required? I've been attempting to get both working, but for whatever reason, my DLink DI-524 doesn't want to allow both of my NICs to access the network (internal nor external) with MAC Filtering enabled.

    I've got the latest Firmware (1.05) for the DI-524, and the firmware is also up-to-date for the NICs.

    The funny part of all this - before I called DLink support, I had my Linksys PCMCIA 802.11b card working with the MAC filtering - the DLink DWL-G122 USB 802.11b/g NIC didn't. After speaking with support, it was the reverse!!!

    Any thoughts?
    Christopher Baldrey

  6. #6
    Plutonium Lounger
    Join Date
    Nov 2001
    Posts
    10,550
    Thanks
    0
    Thanked 7 Times in 7 Posts

    Re: Wireless Security

    MAC address filtering gives only a very small increment after implementing other measures. It is very easy to find a valid MAC address by simple scanning of the airwaves, and all Wireless cards allow you to change the transmitted MAC address in the advanced properties.

    If it isn't easy then don't bother.

    StuartR

  7. #7
    Silver Lounger
    Join Date
    Jan 2001
    Location
    Brantford, Ontario, Canada
    Posts
    2,391
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Wireless Security

    Thanks for that Stuart - I'll stop pulling my hair out now.
    Christopher Baldrey

  8. #8
    Gold Lounger Rebel's Avatar
    Join Date
    Jul 2001
    Location
    Canada
    Posts
    3,024
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Wireless Security

    This article debunks a few of the more popular "security" measures.
    John
    A Child's Mind, Once Stretched by Imagination...
    Never Regains Its Original Dimensions

  9. #9
    Plutonium Lounger
    Join Date
    Nov 2001
    Posts
    10,550
    Thanks
    0
    Thanked 7 Times in 7 Posts

    Re: Wireless Security

    Nowadays I would always recommend WPA encryption for securing wireless networks. The only drawback is that you can no longer use Windows 9x clients. I got rid of my last Windows 98 laptop a few weeks ago and almost immediately changed my personal wireless network to WPA-PSK.

    StuartR

    P.S. If you can't find a kit for breaking WEP encryption within 5 minutes of searching then you're not the browser I take you for

  10. #10
    Lounger
    Join Date
    Oct 2003
    Location
    Charlottesville, Virginia, USA
    Posts
    43
    Thanks
    1
    Thanked 0 Times in 0 Posts

    Re: Wireless Security

    This string is quite good, so I will add my questions here. I have set up my WPA Linksys wireless router with TKIP encription. Now I want to get my wireless laptop to connect. It has been working fine with MAC filtering, but I see from the link provided in this string that MAC filtering is not secure. I have a home network so security is not a huge concern, but better safe than sorry. I have two questions.

    1. My Toshiba Satellite Pro Centrino with WinXP SP2 has only WEP encryption. I went to Network Connections and properties of my wireless connection. For my SSID properties, the only Data encryption choices are Disabled and WEP. How do I get a WAP selection?

    2. If I give someone a key to use my encrypted Internet connection, will they be able to see the shared folders on my computer? My assumption is that, if they do not know the workgroup name they will not be able to find out what it is and go into my computer files. Is this true?

    Thanks for your help, Bruce

  11. #11
    Silver Lounger
    Join Date
    Jan 2001
    Location
    Brantford, Ontario, Canada
    Posts
    2,391
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Wireless Security

    To answer your first question regarding the WEP / WPA / etc encryption, your notbook seems to be limited to WEP at most. To enable more encryption, you'll need to see if there is firmware for your wireless card to enhance it's abilities, or purchase a new wireless NIC.

    The second question, I can not give the 100% answer, but I would think if you've setup proper username / password settings, then you should be okay. A file share on any network should never be wide open in my opinion. At the least, it should have a username and password challenge.
    Christopher Baldrey

  12. #12
    Plutonium Lounger
    Join Date
    Nov 2001
    Posts
    10,550
    Thanks
    0
    Thanked 7 Times in 7 Posts

    Re: Wireless Security

    A different answer to your second question.

    If you give someone your wireless network keys then you let them get in behind your firewall.
    Many home networks are configured to allow Guest access to all their network shares, in which case everyone who is behind your firewall can access them.
    There are many Windows security weaknesses that your firewall protects you from, that you may be vulnerable to if you let a "hacker" into your wireless network.

    StuartR

  13. #13
    Lounger
    Join Date
    Oct 2003
    Location
    Charlottesville, Virginia, USA
    Posts
    43
    Thanks
    1
    Thanked 0 Times in 0 Posts

    Re: Wireless Security

    I expect you are refering to the router's hardware firewall. I have Zone Alarm running on both my networked PCs. Would someone having wireless access to the Internet still be able to get into my shared folders? How does the workgroup name enter into this? Would the hacker have to "guess" my workgroup name to get in?

    Thanks, Bruce

  14. #14
    Plutonium Lounger
    Join Date
    Nov 2001
    Posts
    10,550
    Thanks
    0
    Thanked 7 Times in 7 Posts

    Re: Wireless Security

    ZoneAlarm on your PCs won't help here.

    If you have file shares on your PCs then you have probably configured ZoneAlarm to allow computers on your local network to be able to access the shares, so ZoneAlarm will happily let the hackers in. Workgroup name is irrelevant here, it is simply a convenient way of allowing you to find shares but any half way competent person on your network can sniff out what you have and then break in.

    StuartR

    Edited by <!profile=StuartR>StuartR<!/profile> to add
    One possible option. If your Wireless Access Point also has a standard ethernet router then you could put it in between the existing router and the Internet. People who connected to your Wireless would then be outside your network. This would also apply to any wireless devices that you want to use - so no access to shares from your wireless laptop, but it would allow somewhat more secure guest wireless access to the Internet.

  15. #15
    Lounger
    Join Date
    Oct 2003
    Location
    Charlottesville, Virginia, USA
    Posts
    43
    Thanks
    1
    Thanked 0 Times in 0 Posts

    Re: Wireless Security

    I am trying a new approach. I set my wireless laptop IP address to manual. My cabled desktop Zone Alarm is set to allow only that IP address into my Trusted Zone. The idea is to prevent someone on the wireless network accessing my desktop. Now my laptop can talk to my desktop fine -- BUT it can no longer access the Internet. From the laptop I can ping the router gateway address fine, but not an Internet URL. Any thoughts on where I could go from here. There must be a way.

    Bruce

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •