I have been told that a bloke that lives near me has been "Hacking" into wireless networks, I think i have set mine up the best i can set it up security wise but i was just wondering to know if there was anything else I could do to stop the the c**t apart from have a wired network.. Not Pratical!
So far i have...
WPA2 Personal Encryption
Mac Filtering
Turned broadcasting off
A Long password with capital letters and numbers.
Anything else?
P.s It is a Linksys router...
Cheers
Wireless Security.
Moderator: Administrator
-
MudShark
- [OFc] Clan Council
![[OFc] Clan Council](./images/ranks/bullet_star_rank6_5.gif "[OFc] Clan Council")
- Posts: 1401
- Joined: Mon Aug 13, 2007 12:00 am
- Location: Aberdeenshire
- Contact:
That's plenty - don't worry. There's a lot of people out there that don't bother with security at all. That's still "Hacking" in PC plods book. Also there's lots of kit that can only do WEP or people use WEP because they think its enough. There are even large Telephone companies (Naming no names BT) that used to set their kit up with WEP. WEP is as broken as it comes. A script kiddie can break it in 2 minutes.
There are rumours that inroads are being made into WPA but nothing certain yet. It will no doubt be next but is safe for the moment.
WPA2 is currently safe as houses.
There are rumours that inroads are being made into WPA but nothing certain yet. It will no doubt be next but is safe for the moment.
WPA2 is currently safe as houses.
---------------------------------------
Life is a Terminal Disease
Muddy
Life is a Terminal Disease
Muddy
-
MudShark
- [OFc] Clan Council
- Posts: 1401
- Joined: Mon Aug 13, 2007 12:00 am
- Location: Aberdeenshire
- Contact:
Bullet? Really
and Miles - bugger off back to la la land.
Peaople really don't take wireless security seriously. You could be responsible for whats downloaded via your internets. How would you like it if the pr0n squad knocked down your door at 4am because you were d'loading kiddie pr0n? Or maybe the MAFFIAA sent you a bill for $5000 because you were downloading the latest boys are us mp3?
The shame!
and Miles - bugger off back to la la land.
Peaople really don't take wireless security seriously. You could be responsible for whats downloaded via your internets. How would you like it if the pr0n squad knocked down your door at 4am because you were d'loading kiddie pr0n? Or maybe the MAFFIAA sent you a bill for $5000 because you were downloading the latest boys are us mp3?
The shame!
---------------------------------------
Life is a Terminal Disease
Muddy
Life is a Terminal Disease
Muddy
-
Die_Doggy_Die
- [OFc] Member
![[OFc] Member](./images/ranks/bullet_star_rank6d_4.gif "[OFc] Member")
- Posts: 126
- Joined: Thu Aug 16, 2007 12:00 am
- Location: Chesterfield
Stop worrying mate. Just make sure you keep the guys details somewhere else - on paper maybe. If anything ever did come of it you have his name and address
I've got a netgear wireless router (though currently not using it as down to one old PC which is wired into the router). Security seems pretty tight on that one so maybe consider getting a new router at some point?
Don't know how secure it is but can't you only allow connections from Mac addresses your router knows. I can do this with the netgear. I may be wrong but I thought Mac addresses were ultra safe?
I've got a netgear wireless router (though currently not using it as down to one old PC which is wired into the router). Security seems pretty tight on that one so maybe consider getting a new router at some point?
Don't know how secure it is but can't you only allow connections from Mac addresses your router knows. I can do this with the netgear. I may be wrong but I thought Mac addresses were ultra safe?
I play the game for the game's own sake.
Yes as everyone has said - dont worry about it at all. WPA is still secure as far as home users are concerned. To break it he/she would have to be in range of your network and sit packet sniffing on a notebook for quite literally days. Even then if you go into your router settings you can bring up the currently connected machines table and see if he/she is listed.
If your still worried about someone finding all your extreme granny porn or you see a spotty 15 year old in a 1991 ford fiesta outside your house furiously masturbating as he waits for his Acer notebook his mummy got him from Tesco for Christmas your wpa key – You may want to enable your router to only serve the MAC addresses of the machines in your house, this way even if he was to break your WPA key he would not get served an ip address from the routers dhcp server. Dont worry about MAC spoofing - they would have to create a specific IP packet then replicate it and that is HARD and no offence I doubt a someone that could get £100 grand a year as a security specilist wants to have your home network.
Woot.
If your still worried about someone finding all your extreme granny porn or you see a spotty 15 year old in a 1991 ford fiesta outside your house furiously masturbating as he waits for his Acer notebook his mummy got him from Tesco for Christmas your wpa key – You may want to enable your router to only serve the MAC addresses of the machines in your house, this way even if he was to break your WPA key he would not get served an ip address from the routers dhcp server. Dont worry about MAC spoofing - they would have to create a specific IP packet then replicate it and that is HARD and no offence I doubt a someone that could get £100 grand a year as a security specilist wants to have your home network.
Woot.
-
Die_Doggy_Die
- [OFc] Member
- Posts: 126
- Joined: Thu Aug 16, 2007 12:00 am
- Location: Chesterfield
![[OFc] Senior Admin](./images/ranks/bullet_star_rank6d_6a.gif "[OFc] Senior Admin")
Re: Wireless Security.
MAC filtering and SSID turned off = 100% secure.Mseries3 wrote:...
Mac Filtering
Turned broadcasting off
...
Mac filtering does next to nothing since MAC addresses can be easily modified to get around them.
Not broadcasting your BSSID is recommended, but again, it can be enumerated once an attacker has gathered enough traffic.
WPA2 is going to be you're best saving grace. WPA (specifically WPA with tkip) has been cracked in a real-world scenario, however it is non-trivial and will only work in certain situations. Someone would really want to be out to get you for them to spend the time and effort it might take.
If you are really worried about your wireless, you could always run a linux box on your WIRED network with a free VPN server on it (such as FreeSwan) and then use a VPN tunnel over your wireless. That way, if you do get popped, they're still going to have to compromise your VPN endpoint to get anywhere.
Personally, lifes too short.. Just dont do anything too sensitive over your wireless, use WPA2 with a nice strong password (16 chars, alpha (upper and lower case)-numeric-specialchars) and stop worrying.
Not broadcasting your BSSID is recommended, but again, it can be enumerated once an attacker has gathered enough traffic.
WPA2 is going to be you're best saving grace. WPA (specifically WPA with tkip) has been cracked in a real-world scenario, however it is non-trivial and will only work in certain situations. Someone would really want to be out to get you for them to spend the time and effort it might take.
If you are really worried about your wireless, you could always run a linux box on your WIRED network with a free VPN server on it (such as FreeSwan) and then use a VPN tunnel over your wireless. That way, if you do get popped, they're still going to have to compromise your VPN endpoint to get anywhere.
Personally, lifes too short.. Just dont do anything too sensitive over your wireless, use WPA2 with a nice strong password (16 chars, alpha (upper and lower case)-numeric-specialchars) and stop worrying.