homepage Welcome to WebmasterWorld Guest from 54.197.108.124
register, free tools, login, search, subscribe, help, library, announcements, recent posts, open posts,
Subscribe to WebmasterWorld
Visit PubCon.com
Home / Forums Index / Hardware and OS Related Technologies / Smartphone, Wireless, and Mobile Technologies
Forum Library, Charter, Moderators: bakedjake

Smartphone, Wireless, and Mobile Technologies Forum

    
Securing my Wi-Fi Network
I think it's time
stuntdubl




msg:932078
 10:03 pm on Nov 1, 2003 (gmt 0)

I keep hearing bad things about unsecure wi-fi networks, and I really don't want to become a statistic.

I've been putting it off with my network because configuration is always a pain in the butt, and it seems to give me enough trouble as is.

Anyhow...I think I'm ready to take the time and do it.

I'm using an SMC EZ wireless card in my laptop, and a SMC WAP behind a Linksys router with a cable modem.

I'm not real sure where to start as I don't really think I did ANY configuration on the WAP.

I'm kinda in the dark here. Can someone give me a bit of background?

 

jamesa




msg:932079
 10:59 pm on Nov 1, 2003 (gmt 0)

Log into your admin and enable encryption using WEP. That'll encypt the data in transit, and if it's like mine (Airport) it will also enable password only access to the wireless network.

Xoc




msg:932080
 9:29 am on Nov 2, 2003 (gmt 0)

My linksys hub will also allow you to specify the MAC addresses of the devices it will recognize. If you only have a few specific devices that connect to the hub, I strongly recommend using it, because even 128 bit WEP security has some known flaws where a day or so of traffic analysis can compromise it. Even MAC addresses can be spoofed, but it becomes one more step the hacker has to go through.

I also recommend putting a firewall between your hub and the rest of your network.

ogletree




msg:932081
 5:30 pm on Nov 30, 2003 (gmt 0)

WAP is not a good thing to turn on. I creates overhead on the wireless network and can slow it down. Anybody that wants to break that can and anybody that can't well can't. Even if somebody can break it all they can do is see your traffic. It would be easier to break into your house and steal your computer. The way I lock them down is change the SSID to some random alpha numeric ID. Then turn off the beacon so that the SSID is not broadcasted. Most wireless access points have the ability to lock down access by MAC address. That is more than enough to keep 99.9% of people off. If somebody can break that and wants to you got bigger problems. If you are just really paranoid you can use an all CISCO solution they are one of the few companies that can defeat the whole access point spoof thing. Also you can get 3rd party solutions that encrypt all network traffic. That is expensive.

rogerd




msg:932082
 1:55 am on Dec 4, 2003 (gmt 0)

A couple of other thoughts - instead of using DHCP, assign static IP addresses to your devices. And don't forget to change the default password on your router admin console to something harder to break.

Restricting MAC addresses is good, as is changing the SSID. On my network, though, I found that my wireless cards couldn't connect to the access point when I turned off the broadcast SSID. I ended up having to turn it back on.

ogletree




msg:932083
 8:45 pm on Dec 5, 2003 (gmt 0)

If you turn off broadcast you just have to make sure you put the exact SSID when you set up the client card. It is case sensitive.

rogerd




msg:932084
 8:56 pm on Dec 5, 2003 (gmt 0)

I was careful about that, ogletree, & it still didn't work. I did a bit of research on the Linksys & Microsoft knowledgebases and apparently there's a bug that affects some systems - they won't connect to an access point with a hidden SSID.

I gather that serious wireless hackers aren't slowed down too much by a hidden SSID anyway, so I decided not to spend more time troubleshooting it. I'm mainly worried about the random neighbor browsing my network, and the other precautions should take care of that.

ogletree




msg:932085
 9:13 pm on Dec 5, 2003 (gmt 0)

I have set up about 5 linksys routers and acces points with XP and Pocket PC and have never had a problem with hidden SSID.

bill




msg:932086
 6:07 am on Dec 7, 2003 (gmt 0)

apparently there's a bug that affects some systems - they won't connect to an access point with a hidden SSID.
I've seen this on some XP machines. Sometimes you can get around it by connecting to a visible SSID and then turning the SSID off. If you have trouble connecting again it sometimes helps to reenable the SSID broadcast for a few minutes.
Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Hardware and OS Related Technologies / Smartphone, Wireless, and Mobile Technologies
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved