@Stem- Services? for Firewall

Hi Stem,

Can you clear up a few things for me?

In my Router Broadcast SSID and UPnP is enabled, should these be disabled? I was afraid to turn them off with out knowing if it could cause the Router to malfunction in any way.

Some months ago when I had ZA FW I disabled SSDP in windows services and my system went haywire. Is this because UPnP was still enabled in the Router?

If any of these need to be disabled in what order should it be done between the Router and Windows Services?

Universal Plug and Play Device Host is disabled in windows.

Thanks

 

My apologies for jumping in to a post addressed to someone else (Stem)
but i thought it was important for you to be aware of this

http://compnetworking.about.com/cs/wirelessproducts/qt/disablessidcast.htm

 

Wow, thanks Texcritter! Never seen this article before. I thought it was needed in order for the computer to communicate with the router.

I have a desktop hardwired to the router and the laptop being wireless. A couple of times my family members screwed up the internet connection where the wireless wasn't being detected and I had to remove the one that was in there and re-add it, so I'm just assuming, if this SSID is turned off and this happens again I would have to have all that information written down some where in order to add it again manually.

 

If you have ticked
Enable Wireless Router Radio
any wireless laptop configured to your network should have no problems connecting (providing they don't screw up again).

 

I checked my AirStation settings and the "Wireless Router Radio" is enabled.

SSID: Use AirStations Mac Address (0108025B94C6). This is a example.

 

for added security I also enable Turn Access Control On
this allows access only to the laptops configured to my network.

 

The only thing I could find about Access Control that is on is under SSID: Mac Address Access Control is enabled.

When I was looking around I found this:

 

In Wireless Settings there is a Setup Access List,
clicking on this takes me to a screen where I can enable Turn Access Control On
It also shows the names and mac addresses that are configured to my network

our routers probably do the same thing but differ in wording etc.

Can't comment on intrusion attacks

 

For Wireless it showed Mac Address Access Control enabled. You are probably right about the wording. I was looking for anything where Access Control was enabled, except mine has Mac Address in front of it.

 

No, no , no, no, keep SSID broadcast on. Turning it off does nothing for your security, and in some cases some things will have trouble connecting to the access point and decreased performance! MAC filtering does nothing as well, since a MAC address is easily spoofed since it is sent in the clear.

Instead, turn on WPA2 or WPA encryption, use a password the length of 63 random characters and numbers, then you are completely secure!

I would recommend turning uPnP(or however you capitalize it) OFF in your router, since it will allow applications to automatically forward ports past your router, and if malware sneaks through and opens a port automatically, you are in for a hurt of trouble.

Cheers,

Alphalutra1

 

Hi Alphalutral,

I have not made any changes at this point cuz I can't really remember which one I turned off*before (SSID or SSDP in windows) and I couldn't get a connection at all. The system was messed up.

I have WPA encryption with password. I also added a password to even get into the Air Station other than the default it came with.

I will disable this one. Besides games and P2P, what else uses UPnP?

 

I must say this statement goes against all the advice given in tutorials.
I will admit it will not prevent the professional hackers but it will make it
slightly harder and should stop most of the opportunists.

I will quote from one such tutorial

In a home Wi-Fi network, roaming is largely unnecessary and the SSID broadcast feature serves no useful purpose. You should disable this feature to improve the security of your WLAN. Once your wireless clients are manually configured with the right SSID, they no longer require these broadcast messages.

 

I would agree there are better ways of being more secure, disabling SSID is just one of many
albeit it may be useless in some peoples opinions
but I cannot see the need to enable something that is not required.

 

Peter2150

I've been having a good read of the posts on that forum and YES they
recommend leaving SSID enabled as per this quote

Do not disable the broadcast of the SSID. Modern hacking tools can easily discover a cloaked SSID

All I can say is it is very confusing for us guys at the lower end of the computer literacy tree.

But maybe thats why we become members of Forums such as Wilders.

 

I fully agree with both statements a 110%.

 

Hey thanks Pete,

I forgot about this forum.

 

Thanks for that info, it probably is a bit more than I personally need but I've picked up some useful information from that forum

 

Did Network Magic come with your router or you bought on your own?