wireless security question
in [Wireless]
|
From: kaloochi on 1 May 2008 15:13 I've just recently networked my xbox 360 with my computer using a D-link router. I'm using a wired connection so i didn't set encryption on set up. Now i've just connected, wirelessly, to my sons PSP and it automatically detected my SSID. Does this mean the router is wirelessly 'active' and anyone can piggyback off me? And what about accessing anything i'm doing on my network? Would setting encryption rectify this or what should i do?
From: Barb Bowman on 1 May 2008 15:43 You definitely need encryption or others can steal your service and possibly shared documents on computers. WPA2 is the best, followed by WPA. WEP is really poor security and can be easily broken. On Thu, 1 May 2008 12:13:06 -0700, kaloochi <kaloochi(a)discussions.microsoft.com> wrote: >I've just recently networked my xbox 360 with my computer using a D-link >router. I'm using a wired connection so i didn't set encryption on set up. >Now i've just connected, wirelessly, to my sons PSP and it automatically >detected my SSID. Does this mean the router is wirelessly 'active' and anyone >can piggyback off me? And what about accessing anything i'm doing on my >network? Would setting encryption rectify this or what should i do? > -- Barb Bowman MS-MVP http://www.microsoft.com/windowsxp/expertzone/meetexperts/bowman.mspx http://blogs.digitalmediaphile.com/barb/
From: Jack (MVP-Networking). on 1 May 2008 19:46 Hi From the weakest to the strongest, Wireless security capacity is. No Security MAC______(Band Aid if nothing else is available). WEP64____(Easy, to "Brake" by knowledgeable people). WEP128___(A little Harder, but "Hackable" too). WPA-PSK__(Very Hard to Brake ). WPA-AES__(Not functionally Breakable) WPA2____ (Not functionally Breakable). Note 1: WPA-AES the the current entry level rendition of WPA2. Note 2: If you use WinXP and did not updated it you would have to download the WPA2 patch from Microsoft. http://support.microsoft.com/kb/893357 The documentation of your Wireless devices (Wireless Router, and Wireless Computer's Card) should state the type of security that is available with your Wireless hardware. All devices MUST be set to the same security level using the same pass phrase. Therefore the security must be set according what ever is the best possible of one of the Wireless devices. I.e. even if most of your system might be capable to be configured to the max. with WPA2, but one device is only capable to be configured to max . of WEP, to whole system must be configured to WEP. If you need more good security and one device (like a Wireless card that can do WEP only) is holding better security for the whole Network, replace the device with a better one. Setting Wireless Security - http://www.ezlan.net/Wireless_Security.html The Core differences between WEP, WPA, and WPA2 - http://www.ezlan.net/wpa_wep.html Jack (MVP-Networking). "kaloochi" <kaloochi(a)discussions.microsoft.com> wrote in message news:A94C5E14-E216-40D3-890E-09FEE01F1722(a)microsoft.com... > I've just recently networked my xbox 360 with my computer using a D-link > router. I'm using a wired connection so i didn't set encryption on set up. > Now i've just connected, wirelessly, to my sons PSP and it automatically > detected my SSID. Does this mean the router is wirelessly 'active' and > anyone > can piggyback off me? And what about accessing anything i'm doing on my > network? Would setting encryption rectify this or what should i do? > >
From: Trespasser on 1 May 2008 20:33 IMHO:: Some simple things to increase security. At least try to increase your encryption to 128bit as a minimum. It wont stop people trying to break in but it will slow them down a little Change the password to access your router !!!!! If they have access to your wireless, they have access to your router and could wipe out the log files or perhaps lock you out altogether so you cant alter any settings including the new wireless key. DO NOT use things such as: names, admin, nimda, 1234, 1111, 0000, your house number .... etc. As an example you need to look for something like the date (02May2008), or your birthday (22ndApril1966) ... you see the point of using numbers and letters ???? Perhaps an alternative is to turn off 'SSID' broadcasts, I say this on the basis that if I can't see you, Im going to look for more visible targets. Go around your wireless devices and look for the 'mac' addresses, then edit your firewall in your BB router to allow access by the specified 'mac' addresses you have found on your devices. (can be tricky for the novice) Rename the wireless connection you have at the moment. This is a give away when I see wireless stations flying the ISP's brand name (2wire (bt), 3Com (sky), Netgear (virgin), HomeHub (bt) .... etc). It also gives clues as to the security level provided by default, as most home users dont bother messing and foolishly trust the broadband provider to look after them. Admitably wireless is very usefull (I use it myself), however if you can use network cable to connect devices in the same room ...... DO IT! Try turning down the wireless power if possible (usually a setting in the router). The less area you transmit over, the less likely you are of being picked up.
From: Chuck [MVP] on 2 May 2008 01:08 On Fri, 2 May 2008 01:33:08 +0100, "Trespasser" <annonymous99(a)hotmail.com> wrote: >IMHO:: Some simple things to increase security. > >At least try to increase your encryption to 128bit as a minimum. It wont >stop people trying to break in but it will slow them down a little > >Change the password to access your router !!!!! If they have access to your >wireless, they have access to your router and could wipe out the log files >or perhaps lock you out altogether so you cant alter any settings including >the new wireless key. DO NOT use things such as: names, admin, nimda, 1234, >1111, 0000, your house number .... etc. As an example you need to look for >something like the date (02May2008), or your birthday (22ndApril1966) ... >you see the point of using numbers and letters ???? > >Perhaps an alternative is to turn off 'SSID' broadcasts, I say this on the >basis that if I can't see you, Im going to look for more visible targets. > >Go around your wireless devices and look for the 'mac' addresses, then edit >your firewall in your BB router to allow access by the specified 'mac' >addresses you have found on your devices. (can be tricky for the novice) > >Rename the wireless connection you have at the moment. This is a give away >when I see wireless stations flying the ISP's brand name (2wire (bt), 3Com >(sky), Netgear (virgin), HomeHub (bt) .... etc). It also gives clues as to >the security level provided by default, as most home users dont bother >messing and foolishly trust the broadband provider to look after them. > >Admitably wireless is very usefull (I use it myself), however if you can use >network cable to connect devices in the same room ...... DO IT! > >Try turning down the wireless power if possible (usually a setting in the >router). The less area you transmit over, the less likely you are of being >picked up. Turning off SSID broadcasts is security by obscurity. Maybe you don't see someone with SSID broadcast disabled. Anybody worth fearing will see you though. <http://networking.nitecruzr.net/2005/05/disabling-ssid.html> http://networking.nitecruzr.net/2005/05/disabling-ssid.html Also, remember that the people to be feared will have ultra sensitive receivers. Your turning your power down will inconvenience you more than the bad guys. The only real WiFi security is from using WPA or better, with a randomly generated key. <http://networking.nitecruzr.net/2005/05/setting-up-wifi-lan-please-protect.html> http://networking.nitecruzr.net/2005/05/setting-up-wifi-lan-please-protect.html Renaming the SSID to something a) unique and b) not relevant to your identity is a good idea though. If only for physical security. -- Cheers, Chuck, MS-MVP 2005-2007 [Windows - Networking] http://networking.nitecruzr.net/
|
Pages: 1 Prev: Advise on small business setup, please Next: Belkin N Router assistance req'd |