Need wireless home network security advice
 

How do you secure your network at home? I noticed that I'm picking up two other networks while sitting in my dining room. Do you use a third party software like Norton Internet Security or are there settings in IE options I should use? Thanks.

I came across this today, and plan on implementing it myself...

http://www.sfgate.com/cgi-bin/article.cgi?file=/c/a/2005/03/14/BUG39BO6J51.DTL

You want to do it on your wireless router. If your hardware supports it, use WPA (not wep), if not, use WEP wtih a complex key. Turn off broadcasting your SSID. If you only use one or two wireless devices, lock down your router to only accept connections from their MAC addresses.

That's what I did. I have one wireless card and my router is set up to only accept connections from that card. I'm also only using a "B" router, so the signal doesn't even reach the street (or my garage :()

Picking up other networks doesn't mean YOUR network is compromised. It just means the other networks are broadcasting (and possibly not secured). You already have WEP/WAP enabled and restricted access by MAC address. Just monitor regularly and don't worry - be aware.

Yep - that's the key. Regularly check the logs of the router for any suspicous websites, and check the 'attached devices' list.

In a area where there are lots of wireless routers in use, all you need to do is be the least easiest system to crack. IE: If someone else is running an unprotected network near you, and you're network is protected, chances are that other network will be hacked - not yours.

-Z-man.

How exactly do you hack into someone's computer using their wireless? I don't know enough of how this stuff works to know how people could get in....

Chris, what's your wireless router? Chances are it will have its security software and management control panel built in.

We use a belkin pre-N router for the office and it has great security/controls... all browser based.

Quite easy - if you have a wireless card in your PC (or MAC), you can view what wireless networks are out there. (A list of names of the wireless networks will come up) If there is no password on a network, it is as simple as clicking on the network name, and voila, you're in. Now all you need to do is connect to the other PC's that are connected to the network (via network connections, file sharing...etc) and hack away. If a person didn't lock their network, chances are their file sharing options are wide open too.

-Z.

Steve,

I travel for a living. Recently went to Chicago and the WiFi in the hotel was not working. I fired up the laptop and did a search and found no less than 6 WiFi networks in the area. Logged onto one of them that was not secured and downloaded my emails.

I am not a hacker but if I need access and there is a WiFi network around that is not secured I will use it. Most times its another hotel or business who has not secured their system.

If someone wants to get into another company or persons computer, if they have a unsecured WiFi network, thats a backdoor for a hacker. All of my WiFi system is secured with WEP 128 encription but many people just take the unit out of the box, plug it in and start using it.

The default password for most of them is "1234" and the hackers know this. Its listed on the support website for all of the routers/switch's firms and if someone has not changed the info its easy to get in.

JoeA

One thing to be careful of using other peoples connections is that they can sniff your traffic. And things like POP3 and IMAP mail send usernames/passwords in plain text.

When I use an "open" wireless - hotel, someone elses neighbors, etc - I just ssh to my home machine and tunnel everything over that encrypted connection. Cheap man's way of having a VPN.

I've never understood this hacking thing. Using a network connection is very different from seeing files on anothers computer, right?

I have a hard enough time sharing files between W2K and WXP machines... And I know the passwords.

Does anyone know how to hack into another machine (assuming the entire system isn't opened to share with no passwords enabled)?

Is it as easy as the security people like to make it sound (in order to get you to buy a product)?

- Skip

turn off ssid broadcast, no password, mac address specific. Or use ssh keys.

I wrote a paper on wireless security recently, and I've worked on the security team at the Cisco Technical assistance center.

Like he said, use WPA if your equipment supports it. WEP can be hacked by anyone with some easily downloaded tools and directions from the internet in less than 15 minutes regardless of how complex the key is.

Also, turning off your SSID broadcast doesn't slow someone down that wants to get on your network. It will only make it more difficult for you to get on.

Setting your network up so that only your MAC address can get on will also not keep anyone down. They will just spoof your MAC which is easy to find.

There are two things to consider here. Are you worried about someone around you or their teenage kid hacking into your network to see what they can do or are you worried about your neighbor ending up using your network connection? If it's the second then some of these other steps will help with that, but they won't do anything for the local hoodlum that is trying to see if he can get your stuff.

For some really good info on the latest in wireless security check here

http://blogs.zdnet.com/Ou/ more specifically, go to page 3 and 4
http://blogs.zdnet.com/Ou/index.php?paged=3
http://blogs.zdnet.com/Ou/index.php?paged=4

No WEP encryption is enough, regardless of the size of the key

http://blogs.zdnet.com/Ou/?p=60
http://blogs.zdnet.com/Ou/?p=48