wireless security ?

WinExtra Community Forums » Software, Hardware & Web Help Section » Hardware Help

wireless security ?

Started 3 years ago by moosepucky

There are 47 posts from 10 people

Latest reply from Pierre

(no related topics found)

Tags: No tags yet.

12…4 Next »

moosepucky

offline
Member

I picked up a netgear RangeMax Next router (WNR834B v2).

Since this has a fairly long range I want to make sure I lock it down as tight as I can.

I have set:

Changed default password
NOT brodcast SSID
set to WPA2-PSK [AES] (10 digit random alpha/numeric Passphrase)
Access control is ON and each remote device listed by name/MAC addy

Did I miss anything?
Messes made. Jobs left undone. FREE estimates.

Posted 3 years ago #
xcarlosx

offline
Member

Sounds pretty good. You could periodicaly scan logs as a check for any compromises not to mention the IP owner being responsible for the net surfing. Mine had an option to email me the log files.
No sweat G.I., pretty soon payday.

Posted 3 years ago #
dontor

offline
Member

Consider assigning static ip to each computer/device, set your lan range to include only that range.
Politicians and diapers have one thing in common. They both should be changed regularly and for the same reason.

Posted 3 years ago #
Pierre

offline
Member

dontor wrote:Consider assigning static ip to each computer/device, set your lan range to include only that range.

Good idea. And if you assign static IPs, you can disable the DHCP server altogether.
"If those who say bad things about me knew what I think of them, they'd say even worse." (Sacha Guitry)
------------------------------------------------
"Earth is the cradle of mankind. Nobody can live in the cradle forever" (Constantin Tsiolkovski)

Posted 3 years ago #
moosepucky

offline
Member

dontor wrote:Consider assigning static ip to each computer/device, set your lan range to include only that range.

Isn't this the same as using the built in "access control" feature on the router?

Posted 3 years ago #
Pierre

offline
Member

moosepucky wrote:Isn't this the same as using the built in "access control" feature on the router?

http://www.turtle-web.com/misc/accessControl.gif

No it isn't. The "access control" feature prevents unknown wireless NICs from connecting to the network, whether they use a fixed IP or DHCP (it doesn't apply to wired connections, of course). Turning off DHCP prevents road warriors from trying to access your network unless they know your LAN address range â€“ and with access control, they can't anyway, unless you're stupid enough to use WEP or no encryption. 2 years ago I saw a demo where a guy equipped with a Linux laptop penetrated a wireless LAN with WEP encryption in 7 minutes flat, while explaining what he was doing. His computer cloned, then superseded, a MAC address listed by access control. Uninterrupted, he could have done it in under 5 minutes. With today's processors, the same could be done in under 3 minutes. So far WPA2 is safe from such intrusions.

Posted 3 years ago #
xcarlosx

offline
Member

Great information. Would make a nice tutorial.

Posted 3 years ago #
~David~

offline
Member

xcarlosx wrote:Great information. Would make a nice tutorial.

You'll probably need to fullscreen this to get any sense..

http://www.naden.de/blog/bbvideo-bbpress-video-plugin -->

[+] Embed the video | Video Download Get the Video Player

Text-Link:

HTML-Link:

BB-Code:

Embed:

Posted 3 years ago #
Pierre

offline
Member

~David~ wrote:You'll probably need to fullscreen this to get any sense..

(URL removed)

scary stuff.

It's too much out of focus in full screen, but it does look a lot like that demo I saw, except it doesn't show the start of it (the hunt for WEP-encrypted wireless networks in the vicinity) nor the detection of "allowed" MAC addresses and the taking over of one.

Posted 3 years ago #
xcarlosx

offline
Member

~David~ wrote:You'll probably need to fullscreen this to get any sense..

scary stuff.

There are some clearer, easier ones there. That brings up an interesting question. Is it a crime, or more of a crime to crack the wep and use, than to use an unsecured net? How could they know if the tools were elsewhere (different computer)?

Posted 3 years ago #
Dan

offline
Member

One thing to consider, there are several bills in motion to make the owner of the network responsible for anything illegal that may be done using their network. If this ends up going through, beware the uninvited guest, he may cost you a ton of time and money.
"The American people will never knowingly adopt socialism, but under the name of liberalism, they will adopt every fragment of the socialist program until one day America will be a socialist nation without ever knowing how it happened."

Norman Mattoon Thomas - American Socialist Presidential nomi

Posted 3 years ago #
Pierre

offline
Member

Dan wrote:One thing to consider, there are several bills in motion to make the owner of the network responsible for anything illegal that may be done using their network. If this ends up going through, beware the uninvited guest, he may cost you a ton of time and money.

This is just as idiotic as making you responsible for the misdeeds of a burglar who breaks into your home, then kills someone with a knife taken from your kitchen. The lawmakers have absolutely no idea what they're talking about, and it's your fault: you elected them

Posted 3 years ago #
Garry

offline
Member

~David~ wrote:You'll probably need to fullscreen this to get any sense..

scary stuff.

whats really scary is how well your avatar dances in time to the music in that clip
Prayer, [noun] - the act or practice of telling God that his infallible plan sucks and that you demand changes ASAP

Posted 3 years ago #
codeworks

offline
Member

WEP cracking is incredibly easy with distro's like Backtrack2, I've done it before to prove a point to my mum. Took a bit more than just a few minutes though, the other guys are experienced

Posted 3 years ago #
moosepucky

offline
Member

I have been unable to get the new (and getting older) laptop to connect to my wireless network for 2 months now. I gave up for a long time but I figured I had better get it working before it becomes obsolete.

It is running windows vista business 32 bit and I cannot find out how to get the mac address so that I can add this to the list of allowed connections.

I still cannot connect to share files with a network cable either. I can pass through the router and get online but I cannot see any of the other computers on the network and none of them can see the new computer (thinkpad) so can't install any software. BUT it is a nice light door stop

Posted 3 years ago #