Wireless Security.

Post in here if you're having problems with any hardware\software (not just PC related) or you want some advice on either.

Moderator: Administrator

Post Reply
Mseries3
[OFc] Member
[OFc] Member
Posts: 277
Joined: Mon Aug 13, 2007 12:00 am
Location: Surrey, England

Wireless Security.

I have been told that a bloke that lives near me has been "Hacking" into wireless networks, I think i have set mine up the best i can set it up security wise but i was just wondering to know if there was anything else I could do to stop the the c**t apart from have a wired network.. Not Pratical!

So far i have...

WPA2 Personal Encryption
Mac Filtering
Turned broadcasting off
A Long password with capital letters and numbers.

Anything else?

P.s It is a Linksys router...

Cheers
User avatar
MAD-Miles
[OFc] Member
[OFc] Member
Posts: 312
Joined: Mon Aug 13, 2007 12:00 am

Wear a hat made of tin foil
User avatar
MudShark
[OFc] Clan Council
[OFc] Clan Council
Posts: 1401
Joined: Mon Aug 13, 2007 12:00 am
Location: Aberdeenshire
Contact:

That's plenty - don't worry. There's a lot of people out there that don't bother with security at all. That's still "Hacking" in PC plods book. Also there's lots of kit that can only do WEP or people use WEP because they think its enough. There are even large Telephone companies (Naming no names BT) that used to set their kit up with WEP. WEP is as broken as it comes. A script kiddie can break it in 2 minutes.

There are rumours that inroads are being made into WPA but nothing certain yet. It will no doubt be next but is safe for the moment.

WPA2 is currently safe as houses.
---------------------------------------
Life is a Terminal Disease

Muddy
User avatar
MudShark
[OFc] Clan Council
[OFc] Clan Council
Posts: 1401
Joined: Mon Aug 13, 2007 12:00 am
Location: Aberdeenshire
Contact:

Bullet? Really

and Miles - bugger off back to la la land.

Peaople really don't take wireless security seriously. You could be responsible for whats downloaded via your internets. How would you like it if the pr0n squad knocked down your door at 4am because you were d'loading kiddie pr0n? Or maybe the MAFFIAA sent you a bill for $5000 because you were downloading the latest boys are us mp3?

The shame!
---------------------------------------
Life is a Terminal Disease

Muddy
Mseries3
[OFc] Member
[OFc] Member
Posts: 277
Joined: Mon Aug 13, 2007 12:00 am
Location: Surrey, England

Cheers guys.

As far as i know the bloke in question does not really know what he is doing.. I mean there are guides to cracking WEP all over the internet so it is not very hard to do it!
Die_Doggy_Die
[OFc] Member
[OFc] Member
Posts: 126
Joined: Thu Aug 16, 2007 12:00 am
Location: Chesterfield

Stop worrying mate. Just make sure you keep the guys details somewhere else - on paper maybe. If anything ever did come of it you have his name and address

I've got a netgear wireless router (though currently not using it as down to one old PC which is wired into the router). Security seems pretty tight on that one so maybe consider getting a new router at some point?

Don't know how secure it is but can't you only allow connections from Mac addresses your router knows. I can do this with the netgear. I may be wrong but I thought Mac addresses were ultra safe?
I play the game for the game's own sake.
Mseries3
[OFc] Member
[OFc] Member
Posts: 277
Joined: Mon Aug 13, 2007 12:00 am
Location: Surrey, England

Die_Doggy_Die wrote:Don't know how secure it is but can't you only allow connections from Mac addresses your router knows. I can do this with the netgear. I may be wrong but I thought Mac addresses were ultra safe?
Mac Addresses are very easy for someone that knows what they are doing to clone!
recruit
[OFc] Member
[OFc] Member
Posts: 51
Joined: Tue Sep 23, 2008 12:00 am
Location: Glasgow
Contact:

Yes as everyone has said - dont worry about it at all. WPA is still secure as far as home users are concerned. To break it he/she would have to be in range of your network and sit packet sniffing on a notebook for quite literally days. Even then if you go into your router settings you can bring up the currently connected machines table and see if he/she is listed.
If your still worried about someone finding all your extreme granny porn or you see a spotty 15 year old in a 1991 ford fiesta outside your house furiously masturbating as he waits for his Acer notebook his mummy got him from Tesco for Christmas your wpa key – You may want to enable your router to only serve the MAC addresses of the machines in your house, this way even if he was to break your WPA key he would not get served an ip address from the routers dhcp server. Dont worry about MAC spoofing - they would have to create a specific IP packet then replicate it and that is HARD and no offence I doubt a someone that could get £100 grand a year as a security specilist wants to have your home network.

Woot.
The Techno Scotsman!

www.sinweb.co.uk
Die_Doggy_Die
[OFc] Member
[OFc] Member
Posts: 126
Joined: Thu Aug 16, 2007 12:00 am
Location: Chesterfield

Thats exactly how my wireless was set up when I had it working!
I play the game for the game's own sake.
User avatar
Myth
[OFc] Senior Admin
[OFc] Senior Admin
Posts: 50
Joined: Mon Aug 13, 2007 12:00 am

Re: Wireless Security.

Mseries3 wrote:...
Mac Filtering
Turned broadcasting off
...
MAC filtering and SSID turned off = 100% secure.
User avatar
MudShark
[OFc] Clan Council
[OFc] Clan Council
Posts: 1401
Joined: Mon Aug 13, 2007 12:00 am
Location: Aberdeenshire
Contact:

Thats very stoopid groiny, your router will not save you from a virus that you bring in yourself. Either e-mail or some infected web site.
---------------------------------------
Life is a Terminal Disease

Muddy
User avatar
MRX
[OFc] Clan Council
[OFc] Clan Council
Posts: 61
Joined: Sat Feb 16, 2008 12:00 am
Location: Washington, DC (USA)

Mac filtering does next to nothing since MAC addresses can be easily modified to get around them.

Not broadcasting your BSSID is recommended, but again, it can be enumerated once an attacker has gathered enough traffic.

WPA2 is going to be you're best saving grace. WPA (specifically WPA with tkip) has been cracked in a real-world scenario, however it is non-trivial and will only work in certain situations. Someone would really want to be out to get you for them to spend the time and effort it might take.

If you are really worried about your wireless, you could always run a linux box on your WIRED network with a free VPN server on it (such as FreeSwan) and then use a VPN tunnel over your wireless. That way, if you do get popped, they're still going to have to compromise your VPN endpoint to get anywhere.

Personally, lifes too short.. Just dont do anything too sensitive over your wireless, use WPA2 with a nice strong password (16 chars, alpha (upper and lower case)-numeric-specialchars) and stop worrying. :)
Post Reply