Wireless network security

sr71000 · May 30th, 2005, 11:26 PM

Hey guys...just a note this thread was started on May 30, 2005. If it's more than a year after that date, I'd suggest ignoring the data in this thread as there is probably much newer, more secure, and relevant information.

This thread will only touch upon the security options you should take but if you are interested, please check back as I am building a website about wireless security with much more information!

In order of effectivness is

1. WPA 2 (aes) - so far..unbreakable
2. WPA (tkip) - so far..also unbreakable
3. WEP - takes about 2 to 3 mins to crack with modern software but is included in this list as it does delay their access time and usually, with the abundance of open wireless networks...it's easier for them to just connect to another one.

there are many myth's however that will not help at all and only create problems.
These are things to avoid.

1. limiting the ip's your dhcp server hands out
2. mac address filtering (probably the world myth out there as mac filter is hell on earth of implement and maintain usually!
3. hiding your ssid (infact there are 5 total signals broadcast from your router...ssid is only one of them)
4. only using 802.11a or bluetooth because it's less popular
5. Placing your antenna and lowering the power so that it's harder to get a signal outside (you're just hurting yourself...hackers use high powered antenna and can probably access your router from a mile away while you have trouble only 200 ft away because of your now absolutely terrible signal!

I must give credit to my sources also. Most of this info came from here. Also, for great info about computer security and new programs I'd recommend checking out Windows Secrets, formally knows as Brian's Buzz.

skaines · May 31st, 2005, 07:22 AM

It is now recommmended by microsoft (http://support.microsoft.com/default...811427&sd=tech) and other sources that disabling/hidding SSID is not recommended. it may make the connection unstable. and all wireless connections will automatically select a wireless connection that broadcasts its SSID if there is one available.

sr71000 · May 31st, 2005, 06:33 PM

yup! used to do that crap....it's a royal pain in the rear. Just stick with either form of wpa if you can (or wep if it's all you have) and don't waste your time on all that other crap!

saltpeanuts · June 2nd, 2005, 04:34 AM

What about using wireless security software like SafetyNet at www.safetynet-pc.com. It seems pretty easy to me.

**GroundZero3** · June 2nd, 2005, 08:23 AM

SR71000 thanks for the updated thread.

Also another suggestion with the lower the power is to keep it in a centeral point in the house. Placing it by the window is an easy way for the signal to reach outside.

sr71000 · June 2nd, 2005, 11:56 AM

i think you misread my post gz. with the newer technology that many people can get their hands on now, such as stronger antenna or cantenna I can connect to the average network from much further away than the averge user. You can lower teh power and put the router in the dead center of your house so that if you take your laptop outside you can't get any signal yet I can still get a full connection from a few houses away. Lowering the signal or "hiding" the router to protect your signal is a foolish waste of time and the ONLY person you hurt is yourself with annoying dropped signals and slow connection speeds. Don't bother.

**GroundZero3** · June 2nd, 2005, 12:00 PM

oops misread

this is an issue with the school system we work out, we are in the process of enabling 802.1x certs to protect the wireless network.

We have alot of win98 laptops with older B products so WPA is out of the question. We really dont care if people sniff the wireless traffic as there is nothing really important going over the wireless

sr71000 · June 2nd, 2005, 12:02 PM

no prob. I used to do the same thing and it was a royal pain in the (well..you know where

lol). Since then i've found this stuff and researched it and stuff...just want to share the knowledge...spare some ppl from the hell i put myself through with terrible connections and stuff. lol.

_-_CwAiG_-_ · June 21st, 2005, 06:03 PM

Hi, I've got 54g PC card for my laptop, and works fine with WEP at home. Problem is at uni the protection is WPA2 with LEAP dynamic IP. My laptop finds the network, but there is no way of conecting even trying other peoples user name and password. I've been told I need a better card, but muy card does support WPA and LEAP so I don't know where the problem is. Any idea?

**GroundZero3** · June 21st, 2005, 06:17 PM

Cwaig please make a seperate thread asking your question