Reply
 
Thread Tools Search this Thread
 
Old 23 September 2005, 09:46   #21
DGR
Member
 
Country: UK - Wales
Town: Barmouth
Boat name: Blue Marlin
Make: Ribcraft
Length: 7m +
Engine: Yanmar 315/Bravo 2X
MMSI: 235020218
Join Date: Jun 2003
Posts: 827
Roy, RichardB,

Advice taken and implemented !! SSID broadcast is now off - and wireless access is only permitted to the devices that should be using it. AND - I won't be doing any bank stuff over the wireless part of the net - I'll stick to the hardwired bit for that!!

Thanks for your help!!

Dylan...
__________________

__________________
DGR is offline   Reply With Quote
Old 23 September 2005, 10:02   #22
Member
 
Country: UK - England
Town: Newquay, Cornwall.
Boat name: None :(
Make: None :(
Length: 5m +
Engine: None :(
MMSI: None :(
Join Date: Jun 2005
Posts: 1,280
There is a way to make safe your banking over the wireless network as long as you have a pc or server that is on the hard-wred part of the network.

The 128bit encryption used by WEP is actually very hard to crack - but wirelees networks typically transmit a lot of very empty packets just syaing "hello im here" and stuff like that. Its these "weak" packets that make the encryption easy to break - if every network packet was complex and full - no one would ever be able to break the 128 bit encryption with brute force.

So how to make the data secure - using a VPN (Virtual Private Network)

You set up incomming connections on your hard wired pc to accept VPN connections then set up a VPN client connection from your laptop to your PC making sure that in the advanced settings of the connection you have the "Use default gateway on the remote network" ticked.

Now any trafic going over the wireless network is double 128 bit encrypted (no one is going to break that) the packets will then be unencryted by your pc and reach your online banking server with no less security than if you were doing it from a hard-wired network...

Sorry if that was boring or over everyones head - but if anyone wants further instructions on setting this up - let me know...
__________________

roycruse is offline   Reply With Quote
Old 23 September 2005, 11:59   #23
DGR
Member
 
Country: UK - Wales
Town: Barmouth
Boat name: Blue Marlin
Make: Ribcraft
Length: 7m +
Engine: Yanmar 315/Bravo 2X
MMSI: 235020218
Join Date: Jun 2003
Posts: 827
If I follow what you are saying ( ) - then as my wireless hub and router are the same thing I can't do that (i.e. doesn't go through the hard wired PC or a server).

Would the VPN have to go from PC to PC? I can still use the wireless gateway with the Laptop when the hardwired PC is still switched off.

D...
__________________
DGR is offline   Reply With Quote
Old 23 September 2005, 12:06   #24
Member
 
Country: UK - England
Town: Newquay, Cornwall.
Boat name: None :(
Make: None :(
Length: 5m +
Engine: None :(
MMSI: None :(
Join Date: Jun 2005
Posts: 1,280
This is how it works

The packets of data would go by VPN (strongly encrypted) through the wireless connection to the router (which is also a wireless accesspoint bridging the wireless and the wired networks together) then through the wired connection to your PC where it would be decrypted and then go back from the PC through the wired connection to the router and then out via adsl to the internet.

Of course this is all assuming that your PC is wired to the router by a lan cable and is not wireless too ! Other wise forget it !!
roycruse is offline   Reply With Quote
Old 23 September 2005, 14:52   #25
Member
 
Country: UK - England
Town: Portsmouth Harbour
Length: no boat
Join Date: Jun 2005
Posts: 175
Quote:
Originally Posted by Richard B
Locking down your access point to specified MAC addresses (the unique IDs on each of the wireless network adapters on each of your own PCs) stops an unauthorised PC attaching to your router and accessing the other machines in your house and/or your internet connection. Hackers can still "snoop" on your broadcated data though (see previous two points).
MAc address filtering is not as secure as you think, it is very easy to capture a mac address from a data packet and then clone that mac address to enable access.

DGR,

If you have a linksys router, i would suggest that you set up WPA on it as it is a lot more secure than WEP. It is suprisingly easy to crack WEP as roycruse. We were shown in our lectures at university just how easy it is!!! as soon as i got home i stopped using WEP and used WPA atraight away.

Ny probs let me know

Rich
__________________
Rich
RYA Powerboat Instructor, RYA PWC Instructor, RYA Dinghy Instructor

Davies Coaching
laser is offline   Reply With Quote
Old 23 September 2005, 14:56   #26
Member
 
Country: UK - Wales
Town: swansea
Boat name: Too Blue
Make: BLANK
Length: 8m +
Engine: Suzuki DT225
Join Date: Mar 2004
Posts: 12,791
Quote:
Originally Posted by roycruse

The 128bit encryption used by WEP is actually very hard to crack - but wirelees networks typically transmit a lot of very empty packets just syaing "hello im here" and stuff like that. Its these "weak" packets that make the encryption easy to break - if every network packet was complex and full - no one would ever be able to break the 128 bit encryption with brute force.
It is much easier to target the (A+3,FF,x) etc packets but not essential - techniques are evolving pretty fast now - weplab is getting pretty good.

Agree with the VPN method - works fine.
__________________
codprawn is offline   Reply With Quote
Old 23 September 2005, 14:58   #27
Member
 
Country: UK - Wales
Town: swansea
Boat name: Too Blue
Make: BLANK
Length: 8m +
Engine: Suzuki DT225
Join Date: Mar 2004
Posts: 12,791
Quote:
Originally Posted by laser
MAc address filtering is not as secure as you think, it is very easy to capture a mac address from a data packet and then clone that mac address to enable access.


Rich
So true - great fun though.......

The BIGGEST problem(or advantage) of wireless networks is that anyone messing about is TOTALLY untraceable if they use their heads!!!

The only real security is not to have one or to line your room with fine mesh!!!
__________________
codprawn is offline   Reply With Quote
Old 23 September 2005, 15:14   #28
Member
 
Country: UK - England
Town: Portsmouth Harbour
Length: no boat
Join Date: Jun 2005
Posts: 175
have u used that weplab program codprawn? Looks very interesting, mite take a look it for this year of uni, also given me some ideas on what to base my final year project on
__________________
Rich
RYA Powerboat Instructor, RYA PWC Instructor, RYA Dinghy Instructor

Davies Coaching
laser is offline   Reply With Quote
Old 25 September 2005, 12:29   #29
DGR
Member
 
Country: UK - Wales
Town: Barmouth
Boat name: Blue Marlin
Make: Ribcraft
Length: 7m +
Engine: Yanmar 315/Bravo 2X
MMSI: 235020218
Join Date: Jun 2003
Posts: 827
The desktop is wired through a LAN to the router - so will look at setting up a VPN using WPA. I should be sorted by 2007... ... then I can try to work out how to get my X-Box to work.........
__________________

__________________
DGR is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off





Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 14:47.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.