Wireless Broadband Help

[Nick Thompson]

Quote:

Originally Posted by MikeCC

Serious point though - make sure you
2. Set up the WEP or WPA encryption system that comes with all of them these days

I've found it easier (and it's safer) to use the MAC address inclusion function rather than WEP.

Using MAC, only the machines with the network device address entered in the AP/router can see the AP/router, so any potential hacker doesn't know there is a network to attempt to hack into.

[DJL]

Quote:

Originally Posted by Nick Thompson

I've found it easier (and it's safer) to use the MAC address inclusion function rather than WEP.

Using MAC, only the machines with the network device address entered in the AP/router can see the AP/router, so any potential hacker doesn't know there is a network to attempt to hack into.

This is incorrect.

It’s impossible to hide your network completely, even if you turn off SSID broadcast.

It’s not that hard to spoof a MAC address.

Without encryption (WEP/WPA) everything broadcast over wireless is effectively free for people to read. If your using secure websites - ie HTTPS - then that’s ok, however passwords to things like POP3 email accounts could be captured.

Ok, so in most cases this isn't really a big problem, especially if you live in the sticks. However, I would recommend that if possible WPA be used, if not then WEP and MAC filtering (WEP is 'fairly' easy to crack).

[tcwozere]

Quote:

Originally Posted by DJL

However, I would recommend that if possible WPA be used...

How do you enable WPA if my XP doesn't know it exists? I have downloaded every single relevant windows patch, (that I could find,) and still it won't even show the option to use a WPA-PSK key.. I can set the router up with it, (and then the pc can't find the router.. ) I can set my xda exec to use WPA encoding, so at least I know the router is capable of it.. Just cannot find anything to make this pc use it..

[gingercoastie]

I have been with AOL since 1998 with no problems at all. Sold one PC to a friend who does not use AOL and he did not have any problems with it.

It seems to me that the problems with AOL are more of an urban myth.

[laser]

Quote:

Originally Posted by tcwozere

How do you enable WPA if my XP doesn't know it exists? I have downloaded every single relevant windows patch, (that I could find,) and still it won't even show the option to use a WPA-PSK key.. I can set the router up with it, (and then the pc can't find the router.. ) I can set my xda exec to use WPA encoding, so at least I know the router is capable of it.. Just cannot find anything to make this pc use it..

The card will not support WPA then if it doesnt show in windows

[Nick Thompson]

Quote:

Originally Posted by DJL

Ok, so in most cases this isn't really a big problem, especially if you live in the sticks. However, I would recommend that if possible WPA be used, if not then WEP and MAC filtering (WEP is 'fairly' easy to crack).

It depends what you are trying to achieve and what hardware is available, only one of six wireless network cards I have supports WPA.

To stop a neighbour accidentally logging on to your network, MAC addressing is normally sufficient, to stop a hacker getting access to your data you need much more than MAC/WEP or even WPA.

I've found WEP filtering difficult to set up, particularly if there is a mix of network devices made by different manufactures or if you need to move a computer between different access points.

[DJL]

Quote:

Originally Posted by tcwozere

How do you enable WPA if my XP doesn't know it exists?

Make sure you have the latest drivers for the Wireless card - many products were upgraded to support WPA, especially 'G' products. Alternatively post the model number of the card and I can check for you.

[DJL]

Quote:

Originally Posted by Nick Thompson

To stop a neighbour accidentally logging on to your network, MAC addressing is normally sufficient, to stop a hacker getting access to your data you need much more than MAC/WEP or even WPA.

WPA is secure and does stop people accessing your data. Even if all you transmissions were captured it would be almost impossible to get useful data out - you would have decrypt each packet separately as they all have different keys.

There is one flaw in WPA-PSK (the consumer version), which means its possible to crack the encryption if the pass phrase is short. If you use a pass phrase of 20+ characters with WPA-PSK or WPA with 802.1X I don't believe anyone has yet managed to crack WPA.

Quote:

Originally Posted by Nick Thompson

Using MAC, only the machines with the network device address entered in the AP/router can see the AP/router, so any potential hacker doesn't know there is a network to attempt to hack into.

I was just really pointing out that the above statement is incorrect. Whatever you enable, WEP, MAC Filtering, WPA, hide SSID, if the access point has power you can detect it. You might not be able to get at the network but you can start hacking.


Anyway, i'm paranoid about security. I run WPA with 802.1X/PEAP

[Alex Brown]

If you're that paranoid about security turn the wireless off - there's nowt wrong with a nice length of cat5 cable

Also, if the wireless box supports it, turn down the power output to its minimum and then tweak it up until it covers just the area you want. We have some netgear wireless kit at work, and to lower the possibility of interference we went for directional antennas which give a decent inline distance, but it's also allowed us to reduce the power so much so that when you're stood underneath the building the unit is in you cannot detect it.

If someone's extra keen and clued up with the right kit they'll probably get in somehow given a bit of time.

-Alex

[tcwozere]

Thanks Rich and Daniel. I've just updated the card driver, and enabled WPA-PSK on both machines.