Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: WIFI Security


11 Apr 2010   #1

W7x64 Pro, SuSe 12.1/** W7 x64 Pro, XP MCE
 
 
WIFI Security

I thought that with WPA, SSID, MAC, encryption, etc. that WIFI would be fairly secure, but after reading some pages such as this:

Getting Phished: Why SSID Spoofing (Still) Matters - www.wi-fiplanet.com

I'm beginning to have doubts. I'm still waiting on a WIFI adapter to arrive, to complete my WIFI network, but my intent was to have an always on LAN, just for the purpose of giving my secondary computer access to streaming media from the internet, since the location where it shall be does not have a cable outlet. Now, I'm wondering if it is worth the risk?

While I shall continue to use only my primary for online banking and financial transactions, I am wondering if the WIFI needs to be disabled while that is being done? I intend to use RDP or an equivalent program to access the primary from the secondary, but only within the LAN, since I blocked port 3389 to prevent someone on the internet from using it, but that wouldn't stop someone on the WIFI from doing so...would it?

Is it possible to create a truly private ironclad secure WIFI LAN? If so, how?

My System SpecsSystem Spec
.

11 Apr 2010   #2

Windows 7 Professional x64
 
 

It is said that Wireless Security is an oxymoron. In other words, you can never be 100% secure with wireless.

However, you can tighten things down enough that the chance of you getting hacked is virtually nil. I'm sure that the FBI could find a way, if it was important to them, but I doubt you are that suspected.

So do what you can. Block all mac addresses not in your white list, use WPA-2 encryptions, don't broadcast your SSID, but most importantly, if you see a black van by the side of the road near your house, shut down your internet connection.
My System SpecsSystem Spec
11 Apr 2010   #3

W7x64 Pro, SuSe 12.1/** W7 x64 Pro, XP MCE
 
 

Actually, I know that nothing with a computer is totally failsafe, including a hardwired LAN, but considering the fact that I know so little about WIFI, I really don't know what precautions to take. I think that I understand the ones that you mentioned (doubt that I have to worry about vans...but who knows), but the article that I linked above left me feeling that they would be inadequate. Commercials on TV about people who drive around looking for an insecure WIFI to do their dirty work on reinforces that feeling.

It took me a long time to become relatively comfortable with a regular connection to the internet, but over time I have acquired a degree of confidence with it. I think that the fact that I'm uncertain exactly what gets broadcast and under what circumstances is a large part of my uneasiness. Especially when RDP is involved.

Let's saying that I'm using RDP to watch a movie via the WIFI, does that mean that everything on my primary computer is being broadcast in a fashion that leaves the system vulnerable to a hacker? Even with RDP shutdown, wouldn't a hacker still be able to use his own RDP to do the same thing, even with SSID not being broadcast, only my own computer's MAC addresses being white listed, etc.?

I got the impression from that article, that the most important security aspect is not to be conspicuous or draw attention, by creating an appearance of being too secured. But that doesn't make a lot of sense to me.
My System SpecsSystem Spec
.


11 Apr 2010   #4

Windows 7 Professional x64
 
 

He could always use his own RDC to log in, but he'd be faced with your Windows password.

While in theory, as long as your signal is in the air, you can be hacked, you are not one of the "unsecured" ones, like my neighbor, who doesn't use encryption at all, or my other one, who uses WEP.

I don't think you have much to worry about. Don't do stuff that would make the Feds come after you, and as always, it's a good idea to keep an eye on your bank account for unusual activity.
My System SpecsSystem Spec
11 Apr 2010   #5

Windows 7 Home Premium 64-bit
 
 

There is no 100% but with a strong password without using real words and add other char as well will get you a fairly safe system. For WPA-2 cracking they must run your packets through a dictionary and if the password used is not within, it will not pick it up... To find more info on this visit Back-Track and read a little... GL
My System SpecsSystem Spec
11 Apr 2010   #6

W7x64 Pro, SuSe 12.1/** W7 x64 Pro, XP MCE
 
 

Quote   Quote: Originally Posted by Jonathan_King View Post
He could always use his own RDC to log in, but he'd be faced with your Windows password.

While in theory, as long as your signal is in the air, you can be hacked, you are not one of the "unsecured" ones, like my neighbor, who doesn't use encryption at all, or my other one, who uses WEP.

I don't think you have much to worry about. Don't do stuff that would make the Feds come after you, and as always, it's a good idea to keep an eye on your bank account for unusual activity.
Your last statement touches on one of my main concerns. Am I right in thinking that banking and financial transactions should only be done with WIFI totally disabled?
My System SpecsSystem Spec
11 Apr 2010   #7

Windows 8.1 Pro RTM x64
 
 

I would prefer to do banking and other financial transactions over a wired (Ethernet) link, with the wireless part disabled. If you have no choice but to use the wireless connection, ensure that you are using the maximum possible security. This means using WPA2 and the other features available to you.
My System SpecsSystem Spec
11 Apr 2010   #8

Windows 7 & Windows Vista Ultimate
 
 

The article referenced, seekermeister, is talking about connecting to public hotspots. You are setting up a home network so will not be accessing "Phony access points (APs) that use spoofed service set identifiers."

Although a couple years old, you may want to read The ABCs of securing your wireless network. Also be sure to use a strong password for your wireless network. Set up a security key for a wireless network. Then, as Jonathan said, any hacker still has to get past the Windows logon. In Network and Sharing, limit any files being shared to public and require a password for access.




My System SpecsSystem Spec
11 Apr 2010   #9

Windows 7 Professional
 
 

Quote   Quote: Originally Posted by Jonathan_King View Post
It is said that Wireless Security is an oxymoron. In other words, you can never be 100% secure with wireless.

However, you can tighten things down enough that the chance of you getting hacked is virtually nil. I'm sure that the FBI could find a way, if it was important to them, but I doubt you are that suspected.

So do what you can. Block all mac addresses not in your white list, use WPA-2 encryptions, don't broadcast your SSID, but most importantly, if you see a black van by the side of the road near your house, shut down your internet connection.


I like the black van part. lol

I also limited my ip address range to the two devices in the network.

range 192.168.1.64 (being PS3)- 192.168.1.65 (being my PC). Some people might rip on this suggestion, but in my case, with use on LAN limited to pretty much myself, it works well for me, no probs. I will be adding X-Box 360 soon, and just have to allow one more ip allocation ie. 192.168.1.64 to 192.168.1.66

I have dhcp enabled, but have port forwarding setup for a sharing program on the PC and ports forwarded for voice chat and various PS3 required functions, with no worries of ip wandering, AS LONG as I turn the devices on in the proper order, but seeing my PC stays on nearly 24/7 it never loses it's assigned ip and the PS3 automatically takes the only other one available. It has been a few months now and I have not had to mess with my router, or other setting due to ip's not matching, and ports getting screwed up.

This is in a wired setup, but this might be another way to tighten up your security on the wifi as well. If you have many people logging in and out, and need a wider ip range to allow more ip's to be dished out, this might not be for you.

Just a thought, something that is working for me.

Tell me to butt out if I missed the mark here.....lol
My System SpecsSystem Spec
11 Apr 2010   #10

W7x64 Pro, SuSe 12.1/** W7 x64 Pro, XP MCE
 
 

Even though there is a dropdown window for choosing the encryption method, the only option that it contains is TKIP + AES. How strong is that?
My System SpecsSystem Spec
Reply

 WIFI Security




Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 05:13 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33