Welcome to WebmasterWorld Guest from 54.197.94.141

Forum Moderators: open

Message Too Old, No Replies

Setting Up Wireless Security

   
7:55 pm on Sep 6, 2006 (gmt 0)

10+ Year Member



Hello...Thinking of going wireless for our pc's but am a bit concerned about security as we run e-com sites...
How secure is a wireless router? any extra particular measures that anyone has taken to ensure security?
Any feedback would be greatly appreciated...
7:51 am on Sep 7, 2006 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



setup the route to only handle preset MAC addresses .. you will find the mac address in the your Network Connections in windows

Dave

9:02 am on Sep 7, 2006 (gmt 0)

WebmasterWorld Senior Member kaled is a WebmasterWorld Top Contributor of All Time 10+ Year Member



I discovered recently that it's possible to fake/clone mac addresses.

Kaled.

5:18 pm on Sep 7, 2006 (gmt 0)

WebmasterWorld Senior Member jtara is a WebmasterWorld Top Contributor of All Time 5+ Year Member



I discovered recently that it's possible to fake/clone mac addresses.

That's certainly possible. Most network adapters today have configurable MAC addresses. They have a built-in one, but it's possible to override it. In Windows, it can be as simple as using the control panel applet or notification area applet that came with the network adapter driver.

However, somebody would first have to know what MAC address to set. The router doesn't "advertise" the MAC addresses that it accepts, and they aren't sent over the air in the clear (i.e. without encryption) assuming that encryption is properly set-up.

11:40 am on Sep 8, 2006 (gmt 0)

WebmasterWorld Senior Member lorax is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



IMHO - The folks most likely to bother with trying to gain access through your router - and have the skills to do it - aren't likely to bother with it unless there's a reasonable reward for their efforts. Your neighbors are more likely to try (if broadcast mode is enabled) but as was noted, they'd need to know your MAC address.
4:00 pm on Sep 26, 2006 (gmt 0)

5+ Year Member



WEP key encryption on $50 Linksys router can be cracked in less than a half hour.

Requiring specific MAC addresses adds security but they can also be grabbed from the air by someone who knows how to do it.

You are safe from the average person in your neighborhood if you are buying off the shelf wireless equiptment at the local computer store. You aren't so safe from a 17 year old neighbor with some time on his hands, moderate technical skills, and who considers cracking your wireless a fun challenge.

1:23 am on Sep 28, 2006 (gmt 0)

10+ Year Member



Use WPA for security, with a relatively long (~25 characters, but the more the better) random key. The only attack vector on WPA that I am aware of is a dictionary attack on poorly chosen keys. Make sure to change the key whenever someone leaves the company.

You could then also set it up to only accept a preset list of mac addresses, though that doesn't really add much security, for reasons already mentioned.

WEP is a joke. Don't use it.

3:28 pm on Sep 28, 2006 (gmt 0)

10+ Year Member



1) Turn off network ID broadcasting (SSID)
2) Turn on WEP or WPA
3) Turn on MAC address control
4) Accept you've done all you reasonably can, that your network is as secure as it can be, but it can still be hacked by someone with the time, skills and inclination!
5:22 pm on Sep 28, 2006 (gmt 0)

5+ Year Member



0) Change the administrator password for your wireless router to something other than the default.
.
.
.
5) Ensure that your laptops / PCs only connect to your wireless router and not neighbouring unsecured networks.
6) If your router allows it, reduce the signal strength to operate in a more sensible range.
7) If you are still worried, there are some reasonably priced WLAN network monitoring devices, which can alert you to new wireless devices in your vicinity.
8) Send all of your cables to cable heaven.
9) Forget you ever heard the word hacker.
10) Pour yourself a drink, lean back in your sun lounger, relax and / or scrutinize your campaigns.
1:51 pm on Oct 14, 2006 (gmt 0)

WebmasterWorld Senior Member g1smd is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



11) Get yourself a copy of NetStumbler to check out what else is around in your neighbourhood, if only so that you can then get your kit on a different channel to them.

Most people seem to leave their kit with default SSID, default channel, default username, and god knows what default else.

12) If all your kit uses only 11b or 11g or something else, then limit connections to just that one type.

 

Featured Threads

Hot Threads This Week

Hot Threads This Month