wireless internet security

[d’76]

I spoke with a verizon chat rep tonight and was a bit confused by the end of the conversation.

Heres what I want to do.


I want to limit access to the net through my router. The gentleman that I spoke with said it was impossible (unless i want to disable the wireless and put a cable in the back of the laptop). When I mentioned that I have seen screens that say "security enabled wireless network" he said all that means is that you cannot access the network but can still access the internet. However when I try to access that network I need a password in order to go to the next step. I need some input in normal talk none of the fancy geek talk. Any help would be cool.

THanks!

[team teebow]

Dave1976,

Are you looking to limit access through the wireless part of your router or the router itself?

[d’76]

Dave1976,

Are you looking to limit access through the wireless part of your router or the router itself?

I dont want to have folks sitting in the street using my connection to the internet. I live in a very close neighbor hood and realized that any of my neigbors could be using my connection to the web. I dont want them to be able to do that.

[robt]

Dave,

If you enable Wep on the router it will prevent others from accessing the internet through your conection. It is kinda like a lock on your door, it will prevent most from getting in as long as they are not smart enough and determined enough to get around it. Let me know and I can call you and try to help you with it. I am going to need some more info on what equipment you have. Also there may be other methods that are availible to you to encrypt and lock down your conection but a wep key is widely used and for the most part affective to prevent most from getting on.

Robt

[Haffy]

I dont want to have folks sitting in the street using my connection to the internet. I live in a very close neighbor hood and realized that any of my neigbors could be using my connection to the web. I dont want them to be able to do that.

Oh you mean what we do when we are on the road and stop to get onto someone else's network to get online?........ Don't you just love Netstumbler?

[WhereRWe?]

Oh you mean what we do when we are on the road and stop to get onto someone else's network to get online?........ Don't you just love Netstumbler?

Sheesh! You mean I'm NOT the only one who does this? LOL!

[Hiram357]

Sheesh! You mean I'm NOT the only one who does this? LOL!

it's people like you that keep the rest of us honest folk stuck with cables running across our apartments...

[bgrffdave]

While it is true that it's darn near impossible to make a wireless network 100% secure it is possible to do a few things that will come as close as most of us home users need to be.

I would agree with some of what ribnag and others have said. I'd add #3 on the list as I didn't see it mentioned before. Some of what has been mentioned I think is a waste of time... more trouble than it's worth. A good friend of mine has spent the last 13 years working in the navy with electronics and computers. Here's his advice and what I currently use to secure my network and limit access to the internet:

1. Rename the login and password of your router! Most people never take the time to do this... even though most manuals tell you to. This is a must do basic security move! There are lists of default logins and passwords for routers all over the internet. Why wouldn't you take the time to change yours? If someone knows, or can guess, the login and password for your router they can change any setting they want.

2. Change the SSID of your wireless network and disable SSID Broadcast! The name of your wireless network SHOULD NOT be the default set by the manufacturer. This falls into the same category as #1. While you're in there changing settings disable SSID broadcast. While it's still not impossible to find the SSID when it's not broadcast most hackers would never spend the time considering you probably don't have anything worth that much time and effort AND there are so many unsecured networks around.

3. Disable remote administration (a.k.a. remote management)! This is usually found under Security or Administration in the router settings. USUALLY this is disabled by default. If this is enabled anyone with access to your wireless can screw with the settings of your router. You don't want that! You want to have to connect to your router by ethernet cable to make changes. Don't assume this is disabled... check!

4. Enable MAC Adress Filtering (a.k.a. Access Control List)! Each wireless device has a unique MAC address. For most devices it's listed on a tag or sticker. For computers/laptops you've just got to look it up via software on the computer. This is easy to do and there are intructions all over the internet... google "find mac address". When you want to allow someone to use your wireless you give them your SSID AND put their MAC address into your router. When you want to remove them you delete it. It's that easy! Even if they stil know your SSID, without their MAC address in your router they're out! No passwords or keys to change like WEP or WPA. While it is possible to steal or clone a MAC address most hackers aren't going to bother. They're just going to go find one of the bazillion unsecured networks around.

A lot of people use WEP encryptoin but here's the deal... it's really weak. WPA was created because WEP is so poor. WPA is MUCH stronger security... WPA Enterprise is a whole nother animal and really only for the commercial environment. WPA isn't too hard to set up IF you have the right equipment. But, all your wirless components, including your computer, have to support it or it won't work. Even some of the cheaper stuff brand new on the shelf today doesn't support it. That's why a lot of people have trouble trying to get it to work.

Just today I was reading that some college kids in Germany can now crack any system using WEP in around 90 seconds consistently. Luckily these are the good guys trying to show that it's not worth using. While we don't live near them it shows how weak WEP is. Why bother with keys and passwords for something that doesn't offer good security.

If you do the things listed above you can sleep reasonably well that you're in good shape. While not 100% fool proof it's really as close as most of us need to be.

[attroll]

Robt has it. You can enable WEP and no one can get to your wireless unless they know the password.

[Trezurs*-R-*Fun]

Robt has it. You can enable WEP and no one can get to your wireless unless they know the password.

Take a look at the claims of this freeware: Cain and Abel. Its sells itself as a "password recovery" tool but is actually used to bust into peoples wireless networks and steal your passwords. Where there is a will there is a way.

I do agree that you should not leave your network open and should take advantage of all the security measures you can. "Wardrivers" are looking for easy targets therefore even a 64 bit WEP would keep out most.

my 2 cents


Cache On!!!