Wireless Security

[Malice]

I have really been investigating Wireless security as of late.

If you use Wireless Networking at home or at an office you need to address this because of the importance of your online identity.

If you have a Wireless Router you need to make sure you have enabled some sort of Encryption on your signal.

I used WEP (Wireless Encryption Protocol) for a little while until I really found out how insecure it is. Granted its better than nothing, I started using WPA (Wi-Fi Protected Access).

I use a Linksys Wireless Router to host my internet connection at home and just recently changed from WEP to WPA using the AES (Advanced Encryption Standard) which is significantly more secure than WEP and its supported whole-heartedly by Windows XP.

 

[jaguarr]

I use WPA2, MAC address restricted access control and preventing my wireless network from broadcasting itself so the average joe doesn't even know that it's there at all.

jag

 

[The Black Goo]

I have a linksys router, but it's not hooked up since my other computer burnt out (literally) but I'll be sure to remember that AES is more secure, thanks Malice.

 

[Badger]

Here's so info I posted in some other threads:

Don't skimp on the router, it needs to do these things: WPA/WPA2 encryption, MAC filtering, and be able to turn off the SSID broadcast.



If you have those things you'll be good to go.



1. Do not use the default IP scheme. Usually it's set to 192.168.0.xxx or 192.168.1.xxx.



Change it to something based off the schema below.



These are the IP schemes for use in Private(Home) Setup:

10.0.0.0 – 10.255.255.255

172.16.0.0 – 172.31.255.255

192.168.2.0 – 192.168.255.255



Be creative don't make it simple.



2. Be sure to change the password on the Router to a Strong Password. At least 8 characters long with a combo of Upper-case letters, lower-case letters, numbers, and symbols.



Again, creative and not simple, but easily remembered.



3. Turn on MAC filtering. Make sure you do this before securing the network with the steps 4-7, or it becomes much more difficult. If you have a newer router this should be easy. Most new router when setting up MAC filtering will capture the MAC addresses of those components already on the network, so you simple have include them by tick box or whatever the GUI for your router uses. Otherwise, you will have to manually find the MAC on each address and type them into the router.



4. Disable the DHCP on the Router, this automatically assigns IP adresses to any computer on the network that dynamically drawing IP's. You will have to manually put in addresses in all wireless/wired components.



5. Turn off SSID broadcasting and change it to something other than the Router's make. This doesn't have to super tricky, just make sure it's not broadcasted.



6. Setup your WPA/WPA2 encryption. It'll ask for a Passcode, be creative and not simple. You will have to enter this Passcode in your wireless enabled devices, make sure they are WPA ready. If they are not you may need to use WEP 128key for your router and adaptors. WEP is less secure and harder to setup because you have to remember a long series numbers and leters, so stay away if you can. If they don't have WEP, buy new adaptors.



7. Go around to your adaptors/components are reconfigure accordingly.



That's about as secure as a home network can get without turning off or changing ports, and that's a whole other ball of wax.



Hope this Helps.

 

[MichaelDigital]

The simple rule to securing a wireless network is to enable WPA or WPA2 and use any (pseudo) random passphrase, like the ones you can generate here (it's client-side Javascript so the site won't see the passphrases you generate).

The best part is you won't even have to remember it. Just save it onto something like a USB drive, paste it into each machine and that's it. It is not practicable for any person or machine to brute-force guess a 63 character passphrase, but any human-memorable password is going to be significantly easier to crack.

Nothing else is then needed, not even MAC filtering. With a 63 character randomly generated passphrase, having MAC filtering is like putting chewing gum on the hinges of a safe already protected by the world's best lock. Or something like that.

 

[black_dust]

Im on my neighbours wifi right now.... dope left it unlocked (also his shared folders have some odd porn in them)