Page 1 of 2 12 LastLast
Results 1 to 10 of 20

Thread: Basics of Wireless Security...

Hybrid View

  1. #1
    Senior Member
    Join Date
    May 2003
    Posts
    1,199

    Basics of Wireless Security...

    Due to the high volume of recent request I decided to post this little checklist that I made for some of my customers and friends. I hope you all find it useful.
    Basic Wireless Security:

    Should be done:

    - DO NOT use the default SSID
    - DO NOT broadcast SSID
    - Change the administrator Username/Password for your router
    - Use WEP or WPA (if available on your router)
    - Use MAC filtering if possible
    - Limit the number of DHCP assigned IP address (or use static IP)
    - Block ALL unassigned IP addresses
    - Turn off default shares on the computer, set permissions for files that need to be shared.
    - Turn off Printer sharing if it is not needed.

    Optional: (not so basic)

    - Limit broadcast range
    - Use rotating WEPS
    - When assigning IP addresses use class A or B IP’s and a class C subnet (sort of a Security through Obscurity technique against people scanning for active IP’s)
    - Use a form of data encryption during transfers
    - Rotate assigned IP addresses

    In addition to these wireless security percussions that must be taken you must also remember to:

    - Keep your operating system fully updated.
    - Be sure to update your antivirus program
    - Use Strong passwords (a good password should be at least 8 characters long, contain both upper and lower case letters, numbers, and special characters)
    - Change your password every few months
    - DO NOT use standard passwords (i.e. the same password for everything)
    - Be careful what you download
    - Use a program such as Ad-aware, or Spybot search & destroy to help control adware/spyware
    - Use a firewall, there are many free software firewalls available.
    Everyone is going to die, I am just as good of a reason as any.

    http://think-smarter.blogspot.com

  2. #2
    Senior Member
    Join Date
    Dec 2006
    Location
    Myrtle Beach, SC
    Posts
    238
    i have a question. here goes. i have a wireless network adapter not a router and im near someone who does have a router but i dont know who. windows says it is an unsecure network and things may been seen by others on this network. am i safe on this network if i have comodo firewall and windows defender or am i a sitting duck? please help me. cause if im a sitting duck then im highly screwed. thanks

  3. #3
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Quote Originally Posted by chaosclown
    i have a question. here goes. i have a wireless network adapter not a router and im near someone who does have a router but i dont know who. windows says it is an unsecure network and things may been seen by others on this network.
    Well, if you don't know who owns the router you doubtless do not have permission to use it?

    That leaves you with three problems:

    1. Is it a trap?
    2. As it is unsecured what malware is lurking on it? It would be a reasonable assumption that the rest of the system is unsecure as well?
    3. Are you already "owned"

  4. #4
    Quote Originally Posted by nihil
    Well, if you don't know who owns the router you doubtless do not have permission to use it?

    That leaves you with three problems:

    1. Is it a trap?
    2. As it is unsecured what malware is lurking on it? It would be a reasonable assumption that the rest of the system is unsecure as well?
    3. Are you already "owned"
    Nihil is right your'e owned..or he do have a ad-hoc connection running between pc's (peer to peer).The reason why he's network is not secure because WEP encryption don't work with ad-hoc networks.
    Get yourself a acces point.
    The Power Of Your Imagination:

  5. #5
    Senior Member Aardpsymon's Avatar
    Join Date
    Feb 2007
    Location
    St Annes (aaaa!)
    Posts
    434
    chaosclown, firewalls only control what traffic goes in and out. So, firewalls WILL help but you have to remember that ANY traffic that does get through the firewall is then transmitted to everyone in a 100m radius depending on router strength and wall thickness etc etc.

    So, everything you post/read on here can be read by anyone else nearby if they so choose. Your online banking should still be safe since its encrypted 128bit anyway by the browser.

    Bottom line, anything you can do on this unsecured network anyone else can see you doing with the right hardware/software.
    If the world doesn't stop annoying me I will name my kids ";DROP DATABASE;" and get revenge.

  6. #6
    Junior Member
    Join Date
    Jan 2003
    Posts
    8

    cool dude

    i kinda found your post quite educative about the basics of wirelesscause i was finding it hard but your post simplifies everything.

    thanks again

  7. #7
    Junior Member Darksat's Avatar
    Join Date
    Mar 2007
    Location
    London
    Posts
    9
    Another good idea is to turn of your wireless router when your not using it.
    If you have it on all the time people can/will eventually crack it.
    Darksats Security Forum
    The Internet is boring, I want the expansion pack.

    The Real Sexism is against men
    Rapebombing

  8. #8
    Junior Member nvzsc's Avatar
    Join Date
    Mar 2007
    Posts
    12
    Here's a thought, don't use wireless. :P

  9. #9
    Senior Member Aardpsymon's Avatar
    Join Date
    Feb 2007
    Location
    St Annes (aaaa!)
    Posts
    434
    amen to that
    If the world doesn't stop annoying me I will name my kids ";DROP DATABASE;" and get revenge.

  10. #10
    Junior Member
    Join Date
    Aug 2002
    Posts
    10
    As a general rule it is definitely better to have WEP instead of nothing at all. But other than that i would not recommend using WEP. It's relatively easy to crack and with some recent improvements in aircrack-ng (one piece of software used for cracking WEP keys) it only takes a matter of few minutes to get access to the network.
    If you plan on cracking a wireless network, not broadcasting your SSID and not using DHCP can be easy to work around. IMHO using WPA (or WPA2 even better, if all your machines support it) + changing your default SSID name serve as a much better protection against unwated visitors

    But again, WEP is better than no encryption at all to protect from casual users searching for free internet (or with a malicious intent)
    You last visited: July 24th, 2004 at 02:40 AM <--- DAAAAMN

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •