Page 1 of 1

Wireless Security.

Posted: Fri Jan 23, 2009 4:20 pm
by Mseries3
I have been told that a bloke that lives near me has been "Hacking" into wireless networks, I think i have set mine up the best i can set it up security wise but i was just wondering to know if there was anything else I could do to stop the the c**t apart from have a wired network.. Not Pratical!

So far i have...

WPA2 Personal Encryption
Mac Filtering
Turned broadcasting off
A Long password with capital letters and numbers.

Anything else?

P.s It is a Linksys router...

Cheers

Posted: Fri Jan 23, 2009 5:59 pm
by MAD-Miles
Wear a hat made of tin foil

Posted: Fri Jan 23, 2009 6:02 pm
by MudShark
That's plenty - don't worry. There's a lot of people out there that don't bother with security at all. That's still "Hacking" in PC plods book. Also there's lots of kit that can only do WEP or people use WEP because they think its enough. There are even large Telephone companies (Naming no names BT) that used to set their kit up with WEP. WEP is as broken as it comes. A script kiddie can break it in 2 minutes.

There are rumours that inroads are being made into WPA but nothing certain yet. It will no doubt be next but is safe for the moment.

WPA2 is currently safe as houses.

Posted: Fri Jan 23, 2009 6:07 pm
by MudShark
Bullet? Really

and Miles - bugger off back to la la land.

Peaople really don't take wireless security seriously. You could be responsible for whats downloaded via your internets. How would you like it if the pr0n squad knocked down your door at 4am because you were d'loading kiddie pr0n? Or maybe the MAFFIAA sent you a bill for $5000 because you were downloading the latest boys are us mp3?

The shame!

Posted: Fri Jan 23, 2009 6:27 pm
by Mseries3
Cheers guys.

As far as i know the bloke in question does not really know what he is doing.. I mean there are guides to cracking WEP all over the internet so it is not very hard to do it!

Posted: Fri Jan 23, 2009 8:19 pm
by Die_Doggy_Die
Stop worrying mate. Just make sure you keep the guys details somewhere else - on paper maybe. If anything ever did come of it you have his name and address

I've got a netgear wireless router (though currently not using it as down to one old PC which is wired into the router). Security seems pretty tight on that one so maybe consider getting a new router at some point?

Don't know how secure it is but can't you only allow connections from Mac addresses your router knows. I can do this with the netgear. I may be wrong but I thought Mac addresses were ultra safe?

Posted: Fri Jan 23, 2009 9:46 pm
by Mseries3
Die_Doggy_Die wrote:Don't know how secure it is but can't you only allow connections from Mac addresses your router knows. I can do this with the netgear. I may be wrong but I thought Mac addresses were ultra safe?
Mac Addresses are very easy for someone that knows what they are doing to clone!

Posted: Sat Jan 24, 2009 10:28 am
by recruit
Yes as everyone has said - dont worry about it at all. WPA is still secure as far as home users are concerned. To break it he/she would have to be in range of your network and sit packet sniffing on a notebook for quite literally days. Even then if you go into your router settings you can bring up the currently connected machines table and see if he/she is listed.
If your still worried about someone finding all your extreme granny porn or you see a spotty 15 year old in a 1991 ford fiesta outside your house furiously masturbating as he waits for his Acer notebook his mummy got him from Tesco for Christmas your wpa key – You may want to enable your router to only serve the MAC addresses of the machines in your house, this way even if he was to break your WPA key he would not get served an ip address from the routers dhcp server. Dont worry about MAC spoofing - they would have to create a specific IP packet then replicate it and that is HARD and no offence I doubt a someone that could get £100 grand a year as a security specilist wants to have your home network.

Woot.

Posted: Sat Jan 24, 2009 2:16 pm
by Die_Doggy_Die
Thats exactly how my wireless was set up when I had it working!

Re: Wireless Security.

Posted: Sun Jan 25, 2009 7:16 pm
by Myth
Mseries3 wrote:...
Mac Filtering
Turned broadcasting off
...
MAC filtering and SSID turned off = 100% secure.

Posted: Sun Jan 25, 2009 11:46 pm
by MudShark
Thats very stoopid groiny, your router will not save you from a virus that you bring in yourself. Either e-mail or some infected web site.

Posted: Mon Feb 09, 2009 6:33 pm
by MRX
Mac filtering does next to nothing since MAC addresses can be easily modified to get around them.

Not broadcasting your BSSID is recommended, but again, it can be enumerated once an attacker has gathered enough traffic.

WPA2 is going to be you're best saving grace. WPA (specifically WPA with tkip) has been cracked in a real-world scenario, however it is non-trivial and will only work in certain situations. Someone would really want to be out to get you for them to spend the time and effort it might take.

If you are really worried about your wireless, you could always run a linux box on your WIRED network with a free VPN server on it (such as FreeSwan) and then use a VPN tunnel over your wireless. That way, if you do get popped, they're still going to have to compromise your VPN endpoint to get anywhere.

Personally, lifes too short.. Just dont do anything too sensitive over your wireless, use WPA2 with a nice strong password (16 chars, alpha (upper and lower case)-numeric-specialchars) and stop worrying. :)