WIFI Security

Page 4 of 4 FirstFirst ... 234

  1. seekermeister
    Posts : 6,618
    W7x64 Pro, SuSe 12.1/** W7 x64 Pro, XP MCE
    Thread Starter
       New #31

    Jacee said:
    You could always try Network Magic to cut down on the paranoia
    Cisco - Network Magic Essentials Features
    Unfortunately, reducing paranoia requires understanding. Having a program make decision for you is obviously easier, but it doesn't reduce worry. Besides, Network Magic doesn't support Linux.
      My Computer
    Quote Quote

  3. Corrine
    Posts : 2,303
    Windows 7 & Windows Vista Ultimate
       New #32

    seekermeister said:
    Corrine said:
    The article referenced, seekermeister, is talking about connecting to public hotspots. You are setting up a home network so will not be accessing "Phony access points (APs) that use spoofed service set identifiers."

    Although a couple years old, you may want to read The ABCs of securing your wireless network. Also be sure to use a strong password for your wireless network. Set up a security key for a wireless network. Then, as Jonathan said, any hacker still has to get past the Windows logon. In Network and Sharing, limit any files being shared to public and require a password for access.



    Curiously, your first link seems to discount the benefit of most settings, other than encryption method. Perhaps I'm making this harder than need be...don't know.
    The ABC's link is a couple years old. I provided it for information.

    seekermeister said:
    Corrine said:
    In Network and Sharing, limit any files being shared to public and require a password for access.
    This idea throws me somewhat, because I wanted to be able to access any file from either computer. Unless I misunderstand, sharing with the "public" includes other computers on the network...yes/no? I was hoping that within my network access would be simple, but with a hard shell to outside access.
    No, not other computers on the network. I meant public folders -- placing music and videos in public folders, and making them accessible but not documents, thereby further protecting any confidential materials.

    In fact, if you are only going to use the wireless connection "just for the purpose of giving my secondary computer access to streaming media from the internet," then you don't even need to provide access to the other files.
      My Computer
    Quote Quote

  4. zzz2496
    Posts : 1,325
    Windows7 Ultimate 64bit
       New #33

    CarlTR6 said:
    seekermeister said:
    I sort of fit into item 5, but I have to balance that with what I think that I'm capable of managing. I'll start at item 1 and progress as I can.
    Disable DHCP

    Switching DHCP off and using static IP addressing is no defense against hacking. Anyone snooping the network can usually figure out the pattern that has been used to assign the IP addresses in question and then make a specific request accordingly.
    The ABCs of securing your wireless network
    As I said earlier, it's we can't really make a network 100% secure...

    Here's a thought. Here, you, a wifi snooper, sniffing wifi AP in a neighborhood. You found one, unsecured, connect to it... then connected. But when you check your IP, Windows (or whatever your OS) used APIPA addessing (the one that starts with 169.x.y.z) indicating no DHCP server. The first to try is 192.x.y.z network, see if it works, do a scan in the subnet. If nothing shows up, use 10.x.y.z, do another scan, etc... What I propose was for our TS to use, let's say, 180.99.99.x network, with 27 bits subnet (that is 255.255.255.224 subnet mask). This will hinder the hacker's attempt to connect to the network.

    In my more advanced suggestion (point 5) is like this:
    LAN = 180.99.99.x/255.255.255.224, gateway at 180.99.99.29, and use another DNS server, let's say we use 180.99.99.27 and 180.99.99.28 as DNS servers. That alone will slow the so called hacker down... Unless the hacker use packet sniffer and try to look for packets that are running around... But then again, if the WPA2 key is at least 32 characters long with random chars + symbols, it'll be A LOT harder do "crack". If you use dictionary attack, that attack will only work for words in the "dictionary", 32 random gibberish doesn't count as a "dictionary" word... After the hacker succeed, he then needs to scan the network for another host to connect to... This will be the VPN server, the open port is only the VPN server listen port... connecting to this will engage another authentication dialog. Set the VPN server to black list host that failed upon 3rd try... Once he can connect to the first VPN server, the hacker needs to do the process all over again to connect to the next VPN server... urgh... here's the simple "map":

    Internet
    |
    [public IP]Router[180.99.99.29]-->LAN(180.99.99.x/255.255.255.224)
    |
    Wifi Network honeypot 1, VPN server + Traffic filtering + SNORT server
    [15.1.1.x/255.0.0.0]
    |
    Wifi Network honeypot 2, VPN server + Traffic filtering + SNORT server
    [18.25.4.x/255.224.0.0]
    |
    Wifi Network honeypot 3, VPN server + Traffic filtering + SNORT server
    [12.81.3.x/255.255.128.0]
    |
    Wifi Access point [12.81.3.8/255.255.128.0 Static assigned IP address]
    |
    [The hacker starts here...]

    There...

    zzz2496
      My Computer
    Quote Quote

 
Page 4 of 4 FirstFirst ... 234

  Related Discussions
So I finally decided to try and set up some security for our home wifi and I dont have the confidence to prod away at it without the risk of ending up doing something really bad... What Im looking to do: . Set up home wifi for 3 person use . Admin(me) not around to give out wifi access all...
'Hello, this is my first post here, so I am sorry if anything is confusing. The reason why I signed up in this forum is s I can seek help fron those that might know more about computer than me, in order to solve my problem A few days ago, my laptop was working perfectly fine. But then, I...
I am considering using a powerline system to give me additional wifi cover, but I am unclear how the available wifi connection is protected. They make a great deal of encrypting the traffic over the power circuit, but no mention is made of protecting the wifi connection. Surely, the risk with...
Hello, I have recently bought a new pci wifi lan card (Ralink rt61 turbo) and have plugged in and installed drivers. Initially the drivers the company I bought it from told me to install didn't work, but after some googling found the correct drivers and downloaded from Ralinks website. However...
Hi. I live in an apartment here in Bangkok and have my own wireless router, provided by the apartment block. The management have changed things recently though and I have a few questions - some probably a bit basic: wifi and networking is not one of the areas of IT in which I have much know-how......
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 20:46.
Find Us