WIFI Security

devildog93 said:

Jonathan_King said:

It is said that Wireless Security is an oxymoron. In other words, you can never be 100% secure with wireless.

However, you can tighten things down enough that the chance of you getting hacked is virtually nil. I'm sure that the FBI could find a way, if it was important to them, but I doubt you are that suspected.

So do what you can. Block all mac addresses not in your white list, use WPA-2 encryptions, don't broadcast your SSID, but most importantly, if you see a black van by the side of the road near your house, shut down your internet connection.

I like the black van part. lol :)

I also limited my ip address range to the two devices in the network.

range 192.168.1.64 (being PS3)- 192.168.1.65 (being my PC). Some people might rip on this suggestion, but in my case, with use on LAN limited to pretty much myself, it works well for me, no probs. I will be adding X-Box 360 soon, and just have to allow one more ip allocation ie. 192.168.1.64 to 192.168.1.66

I have dhcp enabled, but have port forwarding setup for a sharing program on the PC and ports forwarded for voice chat and various PS3 required functions, with no worries of ip wandering, AS LONG as I turn the devices on in the proper order, but seeing my PC stays on nearly 24/7 it never loses it's assigned ip and the PS3 automatically takes the only other one available. It has been a few months now and I have not had to mess with my router, or other setting due to ip's not matching, and ports getting screwed up.

This is in a wired setup, but this might be another way to tighten up your security on the wifi as well. If you have many people logging in and out, and need a wider ip range to allow more ip's to be dished out, this might not be for you.

Just a thought, something that is working for me.

Tell me to butt out if I missed the mark here.....lol

No. I'm open to all ideas, but I will have to consider if I can apply them to my situation. I don't have anything that needs to access the network, except two computers, and the router is set to identify them via their MACs. I think that would be equal to their IPs. However, in my first configuration attempt, I did enable DHCP, and it lists IP and MAC for both computers. Perhaps I should disable DHCP...I'm not sure.

Just as I moved away from this thread, this link came up on Twitter by @MSWindows: Selecting a wireless router or another wireless network device. It seems appropriate to backtrack and add it to the mix here as it may be helpful to someone else looking at wireless.

Corrine said:

The article referenced, seekermeister, is talking about connecting to public hotspots. You are setting up a home network so will not be accessing "Phony access points (APs) that use spoofed service set identifiers."

Although a couple years old, you may want to read The ABCs of securing your wireless network. Also be sure to use a strong password for your wireless network. Set up a security key for a wireless network. Then, as Jonathan said, any hacker still has to get past the Windows logon. In Network and Sharing, limit any files being shared to public and require a password for access.

Curiously, your first link seems to discount the benefit of most settings, other than encryption method. Perhaps I'm making this harder than need be...don't know.

In Network and Sharing, limit any files being shared to public and require a password for access.

This idea throws me somewhat, because I wanted to be able to access any file from either computer. Unless I misunderstand, sharing with the "public" includes other computers on the network...yes/no? I was hoping that within my network access would be simple, but with a hard shell to outside access.

Jonathan_King said:

Look in your router for the encryption type, if you're not already.

Even though there is a dropdown window for choosing the encryption method, the only option that it contains is TKIP + AES. How strong is that?

Strong enough.

I suppose, but since Opera uses 256 bit AES, 128 AES sounds weak. Of course, direct internet access does provide greater time and opportunity for a hacker to focus on one computer.

Watch this in this context - really funny:

What a ditzy chick. That kind of made my day.

polarbear said:

There is no 100% but with a strong password without using real words and add other char as well will get you a fairly safe system. For WPA-2 cracking they must run your packets through a dictionary and if the password used is not within, it will not pick it up... To find more info on this visit Back-Track and read a little... GL :)

It appears that Back Track is simply a distro of Linux, which may be quite good...I don't know. However, my concern is WIFI security in general, regardless of the OS being used. So this is something that I will bookmark for future use, but it doesn't seem to fit what I'm looking for now.