General discussion

Locked

Is there such a thing as a secure wireless network for a home LAN?

By Poordirtfarmer ·
I keep reading comments criticizing inadequately protected Access Points as though they are common. This seems to presume the need for some technical understanding for a properly configured Wi-Fi setup and that naturally gives me concern that my home wireless setup is vulnerable.

I simply opened the manual & followed the instructions to a Tee. All I did to set up my D Link DI-624 was make up a silly SSID name and assign a 26 character HEX value for a PASSWORD. I did not enable Pier-to-Pier. I don?t recall that there was anything else I could do. Did I overlook something? Seems too simple ? Is my setup as secure as can be?

Is there some homeowner-priced software (or freeware) that could alert me if someone trying to break in, or is actually using my home internet connection? Since they would be behind my firewall, what about an intruder?s access to the internet printers, and the shared scanner?

The DI-624 is my only firewall since the D Link DWL-520G PCI cards I have wouldn?t communicate with the Access Point with a firewall running on the machine. So couldn?t anyone that gets in see the computers too? Could they take control? Wow! Just what I don?t need is my banking info stolen and all the hard drives reformatted.

A related thought - I read an article awhile back that named a piece of freeware that allegedly could allow a laptop to break 64 bit Wi-Fi protection in less than 30 minutes. If this is true, just how good is the 128 bit protection (26 Hex characters) I?m using with my DI-624? It?s up 24/7.

This conversation is currently closed to new comments.

65 total posts (Page 1 of 7)   01 | 02 | 03 | 04 | 05   Next
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Im glad you asked these question

by DanLM In reply to Is there such a thing as ...

I have held off creating a wireless network just because I was unsure how to secure it.
I heard you can stop people getting access to your network by setting allowed mac address's. Ok, I can do that. But, I do online banking and things and I want a secure connection.

Thanks for posting these questions.

Dan

Collapse -

Banking and bill paying...

by shardeth-15902278 In reply to Im glad you asked these q ...

Is no more at risk over wi-fi, than it is over copper. Either way it is traversing the public internet, where pretty muuch anyone that wants to can see it. The important thing here is that the bank or online site is using an encrypted session (SSL) to transact with you.

Collapse -

Hmmmm. "do you feel lucky, punk"?

by Greeboid In reply to Banking and bill paying.. ...

Wireless IS less secure than copper. Take a look at this: http://tomshardware.co.uk/2006/08/30/defcon2006_janus_project/
Now you might think this is paranoid, and you might ask yourself, "but what are the chances of it happenning to me"?
but that is NOT the question you should ask. You should ask yourself this:
Should I give them the opportunity?
When it boils down to it you can use WEP, WPA, WPA2, MAC Address filtering and choose not to advertise your network, but there's not yet a wi-fi that is as secure as copper sitting behind a stateful hardware firewall and even then there are risks.
The internet is inherrently unsecure. Getting on it is a lottery. If you make yourself REALLY secure with the strongest firewall imaginable you might even be inviting interest from the pesky hackers with their port-scanning tools and their... "wonder what they've got to hide behind all that security" ethos.
You just have to balance your need for visiting cyberspace with the potential risk and ask yet another question:
"do you feel lucky, punk"?

Collapse -

STOP!!

by AJ-Ubuntu-User In reply to Im glad you asked these q ...


Quote:

I heard you can stop people getting access to your network by setting allowed mac address's.


Yes you can, but it is easy to spoof MAC Addresses under linux/unix!

For banking , I at the moment would stay wired and make sure you have a well configured hardware firew0all, software firewall and scan your machine reguarly for spyware/malware/trojans/keyloggers and other virus like software
Collapse -

Re: STOP!!

by VolleyGuy4 In reply to STOP!!

Easy to spoof MAC addresses under Windows too.

Collapse -

I use a Belkin-64

by mjd420nova In reply to Is there such a thing as ...

The software varies from manufacturer to manufacturer but is all pretty much the same. I am able to capture the MAC address of anyone who uses the WIFI to access the broadband connection I have. Capture the address and then block it. This address is unique to each internet WIFI card and wired card. I monitor the client list daily and add those unwanted to the list. They can never get in again unless they change the card, in which case I'll capture a new address and add it to the blocked list. The unit also has a firewall, to keep out others who try to hack in. Each unit in house has a MacAfee firewal besides the Windows firewall in XPHOME. I don't think anyone will get in unless they have a new un-discovered hack. I feel pretty safe. However, I do not use it for ordering anything or do banking on line, that's just asking for trouble.

Collapse -

"I am able to capture the MAC address of anyone who uses the WIFI"

by TonytheTiger In reply to I use a Belkin-64

So can any hacker....

If someone wants to get into a home router badly enough, they're probably going to. But first they have to be able to see it. You can buy directional antennas so that the signal only covers what you want it to cover, but ultimately your doing the best thing... protecting the computers that are hooked to the router.

I do all of my banking, most of my bill paying, and about a third of my purchases online. Never had a problem.


[added: Many routers also have an option to reduce the power output. This will also reduce the likelihood of it being found.]

Collapse -

I've really backed off wireless till now

by DanLM In reply to "I am able to capture the ...

I've been pricing it out, and researching it out. But I knew I didn't have the knowledge to do it securely, so I just didn't jump. That's why when I seen this post I book marked it.
Now that I at least know what to look for in a router, and the procedures that should be done. I think I'll finally go wireless.
Thanks everyone, very much appreciate this set of post's even if I didn't start it.

Dan

Collapse -

placement is key too

by jdclyde In reply to "I am able to capture the ...

decide where you want to have signal and where you DON'T want signal. The further back in the house away from the road, the better. Sometimes even moving it into the basement is a good idea as the signal will come up to the next floor, but will have a hard time reaching the road.

Take your laptop out and walk around with it to see how strong of a signal you are sending out by the road and around your house. If the signal is still too strong, try taking the antenna off and test it again.

Passwords are a must.

You can also usually restrict to only certain MAC addresses. Remember MAC's can be spoofed easily though so don't rely on that.

Isn't it recommended to turn SSID right off?

Your best bet is to get a router with a DMZ port and a wireless access point and plug it into the DMZ. This is more secure than getting a wireless router as it will segment off all of your PC's behind a firewall. As you know the IP range and where to find it, you can open holes based on your MAC address if you need to connect to any of your PC's.

Collapse -

Active management

by TonytheTiger In reply to placement is key too

is also a must. Don't just 'set it and forget it'. Check the router's logs frequently. That way you can see if anyone's getting in that you don't want to.

Back to Networks Forum
65 total posts (Page 1 of 7)   01 | 02 | 03 | 04 | 05   Next

Related Discussions

Related Forums