homepage Welcome to WebmasterWorld Guest from 54.211.95.201
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Visit PubCon.com
Home / Forums Index / Hardware and OS Related Technologies / Webmaster Hardware
Forum Library, Charter, Moderator: open

Webmaster Hardware Forum

    
Setting Up Wireless Security
fiu88




msg:3073987
 7:55 pm on Sep 6, 2006 (gmt 0)

Hello...Thinking of going wireless for our pc's but am a bit concerned about security as we run e-com sites...
How secure is a wireless router? any extra particular measures that anyone has taken to ensure security?
Any feedback would be greatly appreciated...

 

DaveN




msg:3074546
 7:51 am on Sep 7, 2006 (gmt 0)

setup the route to only handle preset MAC addresses .. you will find the mac address in the your Network Connections in windows

Dave

kaled




msg:3074588
 9:02 am on Sep 7, 2006 (gmt 0)

I discovered recently that it's possible to fake/clone mac addresses.

Kaled.

jtara




msg:3075103
 5:18 pm on Sep 7, 2006 (gmt 0)

I discovered recently that it's possible to fake/clone mac addresses.

That's certainly possible. Most network adapters today have configurable MAC addresses. They have a built-in one, but it's possible to override it. In Windows, it can be as simple as using the control panel applet or notification area applet that came with the network adapter driver.

However, somebody would first have to know what MAC address to set. The router doesn't "advertise" the MAC addresses that it accepts, and they aren't sent over the air in the clear (i.e. without encryption) assuming that encryption is properly set-up.

lorax




msg:3075958
 11:40 am on Sep 8, 2006 (gmt 0)

IMHO - The folks most likely to bother with trying to gain access through your router - and have the skills to do it - aren't likely to bother with it unless there's a reasonable reward for their efforts. Your neighbors are more likely to try (if broadcast mode is enabled) but as was noted, they'd need to know your MAC address.

Moosetick




msg:3097725
 4:00 pm on Sep 26, 2006 (gmt 0)

WEP key encryption on $50 Linksys router can be cracked in less than a half hour.

Requiring specific MAC addresses adds security but they can also be grabbed from the air by someone who knows how to do it.

You are safe from the average person in your neighborhood if you are buying off the shelf wireless equiptment at the local computer store. You aren't so safe from a 17 year old neighbor with some time on his hands, moderate technical skills, and who considers cracking your wireless a fun challenge.

Captaffy




msg:3099857
 1:23 am on Sep 28, 2006 (gmt 0)

Use WPA for security, with a relatively long (~25 characters, but the more the better) random key. The only attack vector on WPA that I am aware of is a dictionary attack on poorly chosen keys. Make sure to change the key whenever someone leaves the company.

You could then also set it up to only accept a preset list of mac addresses, though that doesn't really add much security, for reasons already mentioned.

WEP is a joke. Don't use it.

steve




msg:3100551
 3:28 pm on Sep 28, 2006 (gmt 0)

1) Turn off network ID broadcasting (SSID)
2) Turn on WEP or WPA
3) Turn on MAC address control
4) Accept you've done all you reasonably can, that your network is as secure as it can be, but it can still be hacked by someone with the time, skills and inclination!

azazello




msg:3100732
 5:22 pm on Sep 28, 2006 (gmt 0)

0) Change the administrator password for your wireless router to something other than the default.
.
.
.
5) Ensure that your laptops / PCs only connect to your wireless router and not neighbouring unsecured networks.
6) If your router allows it, reduce the signal strength to operate in a more sensible range.
7) If you are still worried, there are some reasonably priced WLAN network monitoring devices, which can alert you to new wireless devices in your vicinity.
8) Send all of your cables to cable heaven.
9) Forget you ever heard the word hacker.
10) Pour yourself a drink, lean back in your sun lounger, relax and / or scrutinize your campaigns.

g1smd




msg:3120997
 1:51 pm on Oct 14, 2006 (gmt 0)

11) Get yourself a copy of NetStumbler to check out what else is around in your neighbourhood, if only so that you can then get your kit on a different channel to them.

Most people seem to leave their kit with default SSID, default channel, default username, and god knows what default else.

12) If all your kit uses only 11b or 11g or something else, then limit connections to just that one type.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Hardware and OS Related Technologies / Webmaster Hardware
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved