Wireless Security???

Discussion in 'other security issues & news' started by ArchAngel_8, Jan 5, 2004.

Thread Status:
Not open for further replies.
  1. ArchAngel_8

    ArchAngel_8 Registered Member

    Joined:
    Dec 25, 2003
    Posts:
    89
    Location:
    US
    Hello All... I have not seen any threads dealing with software/practices on securing wireless networks and the computers on them? I was wondering if its a topic not best suited for this Forum or if it is just not a popular topic? I have a basic Wlan set up and am always looking for better ways to secure it! SO if anybody has any suggestions? :D ;
     
  2. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,332
    Location:
    Netherlands
    Hi ArchAngel_8,

    I'm no specialist, but I found this very helpful: http://www.mail-archive.com/techtarget@lists.techtarget.com/msg00205.html

    Hope it does the same for you,

    Pieter
     
  3. ArchAngel_8

    ArchAngel_8 Registered Member

    Joined:
    Dec 25, 2003
    Posts:
    89
    Location:
    US
    Hey Pieter.. Thanks for the link.. I'll give it a look. I started the thread because I noticed that the topic was rarely disscused... As far as I can tell. But I have all the basics down.. WPA, a strong shared key, a unique SSIDS, setting SSIDS not to broadcast, selective MAC addresses, ect. I was just curious if there were any Wireless Security Guru's out there? Pieter do You use a WLAN? I have a laptop so it is somewhat convinient for me! :p
     
  4. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,332
    Location:
    Netherlands
    Hi ArchAngel_8,

    Yes, my laptop is wireless as well.
    Using WEP and the Wireless Access Point only allows traffic from one MAC address. Since the entire network is behind a router I considered that sufficient.

    Regards,

    Pieter
     
  5. ArchAngel_8

    ArchAngel_8 Registered Member

    Joined:
    Dec 25, 2003
    Posts:
    89
    Location:
    US
    Hey Pieter.....

    I have "Blurred" my eyes over many a page and it seems WEP is most certinally "crackable". Aperentally there is a weakness in the algorithim in conjuntion with the shared key. So the "powers to be" have replaced WEP(Wired Equivilency Protocol) with WPA(WiFi Protected Acess).Aperentally this WPA is a "BETA" of sorts, filling in until the new stadard 802.11.iwhich is , from my understanding, the replacement for 802.11.g. is ratified. I have just recentally purchased and set-up my WLAN so I have Linksys products (802.11.g) that are WPA certified. But, after even more surfing..... It turns out even WPA is not "Toatally Secure"! I suppose since WiFi is a relativeally new technology, it will take some time to secure it especially with the "wireless" aspect, which wired LANS do not need to worry about! :rolleyes: again I welcome any ideas for making my "airwaves" more Secure!..LOL
    :cool:
     
  6. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,332
    Location:
    Netherlands
    Hi ArchAngel_8,

    As far as I understood right, one would have to intercept quite some traffic to crack the WEP key.
    First of all, I think would notice some idiot with a Pringles tube parked out front ;) and maybe I should change the key a little more often. But I really don't use the laptop that much to make it worth the trouble.

    I'm thinking of replacing this computer with one with a wireless NIC and that would change the situation, so I will follow the rest of this thread with special interest. :)

    Regards,

    Pieter
     
  7. ArchAngel_8

    ArchAngel_8 Registered Member

    Joined:
    Dec 25, 2003
    Posts:
    89
    Location:
    US
    Hey .. Well I guess its all relative..
    I am to understand that the "wireless" part introduces numerus security concerns, as been the "hot" topic of the WiFi conventions. I have read that the US is rumored to be thinking of "regulating" wireless networks/products do to the security concerns and the amount of people setting up WLANS has increased substantially. I feel the same though.. I live in a rural area and i think i would pick-up any "WarDrivers" with "PRINGLES" cans parked out front..lol :p
    Although, I understand in cities it is common for unsavory folk to steal bandwith and much more just on the basis of the proxsimity of the networks.... :'(
     
  8. Q Section

    Q Section Registered Member

    Joined:
    Feb 5, 2003
    Posts:
    771
    Location:
    Headquarters - London & Field Offices -Worldwide
    Hello ArchAngel_8

    Where did you read that WPA is not secure? We are up on wireless security and have not read about anyone cracking WPA security.

    Furthermore (if we do say so ourselves) you have a good set-up as it is good to

    1)Change password (to some non-word code)
    2)Change SSID (to some non-word code)
    3)Disable SSID Broadcast
    4)Change channels
    5)Enable MAC filtering
    6)Enable WPA encryption (using 21 or more characters (0-9 and a-f only) and which are not words)

    Pieter - Have you not heard of MAC cloning? And BTW - three gentlemen from Berkeley, California have cracked WEP a while ago and the means to obtain the key is easily gotten after capturing a mere 5 million packets which is about 2 hours of heavy router traffic or 3-5 hours of lighter traffic.

    Best wishes
     
  9. ArchAngel_8

    ArchAngel_8 Registered Member

    Joined:
    Dec 25, 2003
    Posts:
    89
    Location:
    US
    Hi QSection....
    Actually it was the weakness of the PSK that made WPA vaunerable...
    But I also got the impression that WPA was so "new" that there may be more problems to come... :rolleyes:
    I have NO knowlage or indication that is true, but I am, as I said always looking for better ways to secure my network.....
     
  10. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    You might be interested it the post's here concerning wireless security




    http://www.wilderssecurity.com/showthread.php?t=17936
     
  11. Q Section

    Q Section Registered Member

    Joined:
    Feb 5, 2003
    Posts:
    771
    Location:
    Headquarters - London & Field Offices -Worldwide
    Modified to reflect the latest update thanks to ArchAngel_8
     
  12. ArchAngel_8

    ArchAngel_8 Registered Member

    Joined:
    Dec 25, 2003
    Posts:
    89
    Location:
    US
    Hey Q... thanks :D Heres one link on the issue... its not the one I originally read but covers the same topic..

    http://www.ecommercetimes.com/perl/story/32070.html

    One other thing about PSK's is that I have read they must be genirated using the letters A-F and 1-9 . There is a name for this group of numbers but I forgot o_O
     
  13. Q Section

    Q Section Registered Member

    Joined:
    Feb 5, 2003
    Posts:
    771
    Location:
    Headquarters - London & Field Offices -Worldwide
    Hexadecimal. :)
     
  14. Q Section

    Q Section Registered Member

    Joined:
    Feb 5, 2003
    Posts:
    771
    Location:
    Headquarters - London & Field Offices -Worldwide
    Hah! Now here it is! Thank you again ArchAngel_8.
     
  15. ArchAngel_8

    ArchAngel_8 Registered Member

    Joined:
    Dec 25, 2003
    Posts:
    89
    Location:
    US
    Hey.. Q

    I have AES selected as an encryption algorithim verses TKIP. I understand AES is more secure algorithim? Whats your opinion? and no problem for the info.. I am ecxited to be of assistance to the members of the forum. As I said in a previous post, I reside iin a somewhat, rural area. my internet conection is located in a corner of my home, so it is broadcasting, outside of my home. unfortunatally I cannot move my conection so I am concerned that the 50 or so feet that the connection is broadcasting outside my home is one of my main security issues. aside from that and the potential for MAC address "spoofing" I think I am ok o_O
     
  16. Q Section

    Q Section Registered Member

    Joined:
    Feb 5, 2003
    Posts:
    771
    Location:
    Headquarters - London & Field Offices -Worldwide
    As to the AES vs. TKIP we will get to that later. For now, have you considered a reflector for your antennae to increase privacy? Please refer to this for an idea.

    Let us know what you think.
     
  17. ArchAngel_8

    ArchAngel_8 Registered Member

    Joined:
    Dec 25, 2003
    Posts:
    89
    Location:
    US
    Hi...

    Well I am not sure I need to go to that yet? The corner in question is surrounded by woods, so although it is possible that someone coud sniff out my network from that direction, it is unlikely. ;) Also, I went to the edge of my property and the signal is very weak near the tree line, so that is a posotive. I suppose people living in densly populated areas have a much greater risk of someone attempting to connect to their WLAN.
     
Loading...
Thread Status:
Not open for further replies.