Thread: Wireless network Heads up
August 13th, 2003, 11:48 PM #1
Wireless network Heads up
With wireless networks becoming even more popular and more affordable, more people are using them to make networking easier in there life. Whether its to share off internet, share off movies and music or to play games this notice is for the people who are running wireless networks. Especially in close housing areas and apartments. LOCK THEM DOWN. I was driving to work this morning with my laptop and antenna i found 28 accesspoints, 4 were only protected and this was only in a 1 mile radius of my house. And with the right tools people will be able to log right into your network (thank you winxp) and monitor everything you are doing.
Please take a minute to look over these links. Post any questions in this thread about your concern with wireless networking or solutions. We have plenty of members who know there stuff.
it doesnt take long to set up and is really easy to do.
things you can set up.
1. WEP encryption. (Most new G products are coming out with WPA. will add more info about)
2. Mac address Filtering. Limits what wireless network cards can access the wireless accesspoint/router
3. Disable SSID (while wep is on only machines with the right WEP key will be able to see your accesspoint/router)
4. Limit the ip addresses your router/accesspoint gives out. if you have 5 machines on your network, allow only the router to give out 5 ip addresses.
For people who are using G wireless routers and some B standards will be able to use WPA:
Overview of the WPA Wireless Security Update in Windows XP
WPA Wireless Security for Home Networks
WPA wireless security offers multiple advantages over WEP
Remeber tho, WPA has its flaws just like WEP. Nothing is full proof
Please feel free to post any links you have on wireless networks or pertaining to it.
August 14th, 2003, 12:10 AM #2
i've heard about this "bandwidth stealing" i think its called something like Hard Chaulking everyone should look out theres no telling what may happen.
August 14th, 2003, 12:13 AM #3
War Driving is where you drive around looking for wireless networking (it is legal to do this, its illegal to access a open network that you dont have premission to be on)
war chalking is signs put on the sidewalk or wall to show a open or closed ap. I honestly really dont hear much about people doing this.
August 14th, 2003, 12:19 AM #4
Does anyone know how to setup MAC Filtering? I have a BEFW11S4 router and I was playing around with the wireless settings and found an option called "Mac Address Filtering" (imagine that..). Ne ways, I proceeded to type in the MAC address of my sisters wireless card, and the second I hit the "enable" checkmark next to it, she lost her connection and couldnt reconnect. Anyone have any idea why?
maybe I should put this in a seperate thread?
August 14th, 2003, 12:23 AM #5
August 14th, 2003, 12:28 AM #6
Stupid me, works now! Thx for the link
(or at least i think it works, I havent heard her screaming downstairs yet)
August 14th, 2003, 12:36 AM #7
lol what did you do different this time? Do you have wep enabled on your network also?
August 14th, 2003, 12:41 AM #8
Anyone got any advice for me on adding wireless to my existing wired LAN?
I have a IPCop linux router/firewall which priotects my wired LAN, and allows reasonably secure connection to the internet, as well as having a DMZ zone for my servers.
I was originally just going to add a WAP to the LAN, but am now wondering if I can add another linux router with a wireless card in it instead of using a hardware WAP (got plenty of old spare boxes )
Anyone done this? Which linux router distro did you use? Which wirelss PCI card? Any other pointers?
PS Hope this post fits here GZ3. Otherwise I'll start a new thread.I don't like sigs on forums like this.
August 14th, 2003, 12:42 AM #9
Wireless would definetly be cool, but it's expensive compared to my wired 100mb LAN, and my freinds don't have their own cards.
August 14th, 2003, 12:47 AM #10
atuaclly mick im interesting in this too. i talked to some friends and they mentions something about having the ap hooked into the linux box (having two nics) then having the linux box hooking to the wired lan. he explained it to me, let me find any info on what he was talking about
maybe this thread could help?
this thread is dedicated to anyone and there wireless protection questions.
(fixed it! you are no longer ignored mick )
August 14th, 2003, 12:52 AM #11
haha, 28 access points in a 1 mile radius? where I live, we'd be lucky to have one every 280 miles, lol. (*sigh*)- om3ga -
August 14th, 2003, 12:57 AM #12
Virgina Beach a popular tourist area during the summer is a breeding ground for open wireless networks on business lines!
August 14th, 2003, 01:16 AM #13
Hmm... I could just add a WAP to my DMZ, and it would be unable to connect to the rest of the LAN, so would be pretty secure. But I would like to have access to the LAN for file services, though.
I already have 3 NIC's in my IPCop box: WAN, LAN, DMZ, and I don't think I can (easily, at any rate) and another LAN NIC. So I might see if I can make a WAP using a linux router/firewall distro and a wireless PCI card. Then I can hopefully use both WEP and the firewall rules to make it securer, and plug it straight into a LAN switch.
Just what linux router distro would be best I'm not sure of yet. Someone has suggested ClarkConnect in another forum, and they use it with a specific PCI wireless card, so I may give that a go. Not sure how it'll work yet, but will give it a go.
MickI don't like sigs on forums like this.
August 14th, 2003, 01:17 AM #14
clarkconnect is great software. the guy at my work who talked about the linux box suggestion clarkconnect a while back when i wanted to play around with software firewalls.
August 14th, 2003, 01:22 AM #15Originally posted by om3ga
haha, 28 access points in a 1 mile radius? where I live, we'd be lucky to have one every 280 miles, lol. (*sigh*)
[i] Originally posted by GroundZero3[i] lol what did you do different this time? Do you have wep enabled on your network also?
August 14th, 2003, 01:26 AM #16
Bah! ClarkConnect only supports wireless in it's Office version, which is not free anymore. I'll have to look at either e-smith (Mitel) or some other free firewall distros and see what I can find.
Otherwise I'll create another IPCop box and see if I can get a wireless card configured.
MickI don't like sigs on forums like this.
August 14th, 2003, 02:32 PM #17
- Join Date
- Aug 2002
Mick, I just added a wireless AP to a box running RH9 and it works great. What I did is add another NIC to the box (for a total of 3), and run a crossover cable to the AP. The first card is hooked into the network at large and the second is connected to a switch. I could've hooked the AP into the switch directly, but wanted to have the firewall as secure as possible, which means restricting traffic by card as well as by IP.
I have an SMC 802.11a AP and card and when I enable the MAC address filtering, the card will connect, but only if within 20 feet or so. Afterward, it shows as available and asks for the WEP key when trying to connect, but doesn't connect and repeats the process over again.About 5% of the people in the world can't think.
Another 5% can think and do.
The remaining 90% can think, but don't.
August 14th, 2003, 02:37 PM #18
hope that DVNT1 will have some interesting links to post
thanks for the info ruler i might try this out
August 14th, 2003, 04:38 PM #19
most tips are about the same but here are some slightly different flavors...
http://www.pcmag.com/article2/0,4149,858787,00.asp (more geared toward office environment)
August 14th, 2003, 07:50 PM #20
Well, after lots of reading last night on making a wireless access point with linux, I've decided that I will stick with buying a WAP and plugging it into my LAN.
The main reason for my decision is the lack of really solid linux support for wireless in the better configured firewall distros, which would be my main reason for making a linux WAP. Adding support myself may introduce holes, so that's not the best option, IMO.
IPCop may have wireless support in the next version, so I may try it then. But in the meantime, I'll buy a WAP and plug it into the LAN. Because I want access to my file server, I can't easily just plug it into my DMZ, so I'll plug into the LAN and try to configure security as best I can.
Nice links, DVNT1! Thanks!
MickI don't like sigs on forums like this.
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)