Wireless Security???

Hello All... I have not seen any threads dealing with software/practices on securing wireless networks and the computers on them? I was wondering if its a topic not best suited for this Forum or if it is just not a popular topic? I have a basic Wlan set up and am always looking for better ways to secure it! SO if anybody has any suggestions? ;

 

Hi ArchAngel_8,

I'm no specialist, but I found this very helpful: http://www.mail-archive.com/techtarget@lists.techtarget.com/msg00205.html

Hope it does the same for you,

Pieter

 

Hey Pieter.. Thanks for the link.. I'll give it a look. I started the thread because I noticed that the topic was rarely disscused... As far as I can tell. But I have all the basics down.. WPA, a strong shared key, a unique SSIDS, setting SSIDS not to broadcast, selective MAC addresses, ect. I was just curious if there were any Wireless Security Guru's out there? Pieter do You use a WLAN? I have a laptop so it is somewhat convinient for me!

 

Hi ArchAngel_8,

Yes, my laptop is wireless as well.
Using WEP and the Wireless Access Point only allows traffic from one MAC address. Since the entire network is behind a router I considered that sufficient.

Regards,

Pieter

 

Hey Pieter.....

I have "Blurred" my eyes over many a page and it seems WEP is most certinally "crackable". Aperentally there is a weakness in the algorithim in conjuntion with the shared key. So the "powers to be" have replaced WEP(Wired Equivilency Protocol) with WPA(WiFi Protected Acess).Aperentally this WPA is a "BETA" of sorts, filling in until the new stadard 802.11.iwhich is , from my understanding, the replacement for 802.11.g. is ratified. I have just recentally purchased and set-up my WLAN so I have Linksys products (802.11.g) that are WPA certified. But, after even more surfing..... It turns out even WPA is not "Toatally Secure"! I suppose since WiFi is a relativeally new technology, it will take some time to secure it especially with the "wireless" aspect, which wired LANS do not need to worry about! again I welcome any ideas for making my "airwaves" more Secure!..LOL

 

Hi ArchAngel_8,

As far as I understood right, one would have to intercept quite some traffic to crack the WEP key.
First of all, I think would notice some idiot with a Pringles tube parked out front and maybe I should change the key a little more often. But I really don't use the laptop that much to make it worth the trouble.

I'm thinking of replacing this computer with one with a wireless NIC and that would change the situation, so I will follow the rest of this thread with special interest.

Regards,

Pieter

 

Hey .. Well I guess its all relative..
I am to understand that the "wireless" part introduces numerus security concerns, as been the "hot" topic of the WiFi conventions. I have read that the US is rumored to be thinking of "regulating" wireless networks/products do to the security concerns and the amount of people setting up WLANS has increased substantially. I feel the same though.. I live in a rural area and i think i would pick-up any "WarDrivers" with "PRINGLES" cans parked out front..lol
Although, I understand in cities it is common for unsavory folk to steal bandwith and much more just on the basis of the proxsimity of the networks....

 

Hello ArchAngel_8

Where did you read that WPA is not secure? We are up on wireless security and have not read about anyone cracking WPA security.

Furthermore (if we do say so ourselves) you have a good set-up as it is good to

1)Change password (to some non-word code)
2)Change SSID (to some non-word code)
3)Disable SSID Broadcast
4)Change channels
5)Enable MAC filtering
6)Enable WPA encryption (using 21 or more characters (0-9 and a-f only) and which are not words)

Pieter - Have you not heard of MAC cloning? And BTW - three gentlemen from Berkeley, California have cracked WEP a while ago and the means to obtain the key is easily gotten after capturing a mere 5 million packets which is about 2 hours of heavy router traffic or 3-5 hours of lighter traffic.

Best wishes

 

Hi QSection....
Actually it was the weakness of the PSK that made WPA vaunerable...
But I also got the impression that WPA was so "new" that there may be more problems to come...
I have NO knowlage or indication that is true, but I am, as I said always looking for better ways to secure my network.....

 

You might be interested it the post's here concerning wireless security




http://www.wilderssecurity.com/showthread.php?t=17936

 

Modified to reflect the latest update thanks to ArchAngel_8

 

Hey Q... thanks Heres one link on the issue... its not the one I originally read but covers the same topic..

http://www.ecommercetimes.com/perl/story/32070.html

One other thing about PSK's is that I have read they must be genirated using the letters A-F and 1-9 . There is a name for this group of numbers but I forgot

 

Hexadecimal.

 

Hah! Now here it is! Thank you again ArchAngel_8.

 

Hey.. Q

I have AES selected as an encryption algorithim verses TKIP. I understand AES is more secure algorithim? Whats your opinion? and no problem for the info.. I am ecxited to be of assistance to the members of the forum. As I said in a previous post, I reside iin a somewhat, rural area. my internet conection is located in a corner of my home, so it is broadcasting, outside of my home. unfortunatally I cannot move my conection so I am concerned that the 50 or so feet that the connection is broadcasting outside my home is one of my main security issues. aside from that and the potential for MAC address "spoofing" I think I am ok

 

As to the AES vs. TKIP we will get to that later. For now, have you considered a reflector for your antennae to increase privacy? Please refer to this for an idea.

Let us know what you think.

 

Hi...

Well I am not sure I need to go to that yet? The corner in question is surrounded by woods, so although it is possible that someone coud sniff out my network from that direction, it is unlikely. Also, I went to the edge of my property and the signal is very weak near the tree line, so that is a posotive. I suppose people living in densly populated areas have a much greater risk of someone attempting to connect to their WLAN.