Notices

Overclockers Forums > Software > Internet, Networking, and Security
Internet, Networking, and Security Networking and Viruses/Malware trouble. Get the answers here.
Forum Jump

Wireless 101:A Guide to Security

Post Reply New Thread Subscribe Search this Thread
 
 
Thread Tools
Old 03-13-06, 12:33 PM   #21
cornbread
Member

 
cornbread's Avatar 

Join Date: Nov 2001
Location: The great USA!

10 Year Badge
 
Great sticky, found this info very useful, thhanks.

__________________
Microsoft Windows 7 Home Premium
Intel i5-2500 CPU @ 3.30GHz
10GB Memory
ATI Radeon HD 7570
cornbread is offline   QUOTE Thanks
Old 04-01-06, 10:15 PM   #22
Wiggles
Member

 
Wiggles's Avatar 

Join Date: Aug 2005
Location: Sanford, NC

 
Another good tip to router security is to change the router's IP. It might not keep all out, but at least it'll keep out those who know the famous 192.168.1.1 address that will bring up the login prompt for the admin password. Since most routers give out 100+ to users, change it to something like 2-99.

I do the above, have my SSID changed and admin password changed, and filter by mac address. I'm not worried about encryption due to the area I live in.
Wiggles is offline   QUOTE Thanks
Old 04-29-06, 09:49 AM   #23
Alpha_One

 
Alpha_One's Avatar 

Join Date: Jan 2006
Location: Cavite, Philippines

 
Quote:
Originally Posted by TalRW
Wi-Fi Protected Access Preshared Key (WPA-PSK) (Encryption)
...

Weaknesses: While the encryption itself is virtually uncrackable the pass key a user selects can be prone to dictionary attacks. Attackers could possibly capture packets with a packet sniffer and use brute force and dictionary attacks. To overcome use "strong" passwords consisting of random letters, numbers, and characters as well as long as possible (63 charchters maximum). Use cut and paste to put passwords into devices. Do not use phrases as this is easier to crack through brute force than random characters. [/list]
Another weakness, is that your generally trusted, laptop-wielding brother/sister/cousin/mother/friend/roommate/etc. can - ignorantly or maliciously - give away the PSK. Or someone can look in his/her computer (or yours, for that matter) for it. Not that it's a huge issue anyway with MAC filtering and some paranoia, but I thought it would be worth mentioning.

__________________
"That is what you get when you don't play nice!" -Freespace 2 Wingman

"The Workhorse" : Intel Core 2 Duo E4400 @ 3.21Ghz / 1.34VCore | Foxconn P9657AA-8KS2H | 2x1GB Kingston ValueRAM PC2-5300 @ 642 4-4-4-12 | Inno3D 6600

"The Rebel: Intel Pentium 4 530J @ 3.6GHz | ECS G31T-M | 2x1GB Kingston ValueRAM PC2-6400 @ 960 5-5-5-15 | Intel GMA3100

"The Scholar": Acer 5540 series | Intel Core Duo T2050 | 2GB Transcend PC2-5300 | Intel GMA950

Folding for Team 32 under the name Triple_Ace

Last edited by Alpha_One; 04-29-06 at 09:55 AM.
Alpha_One is offline   QUOTE Thanks
Old 04-29-06, 12:10 PM   #24
macklin01
Computational Oncologist / Biomathematician / Moderator on Vacation, Ph.D.

 
macklin01's Avatar 

Join Date: Apr 2002
Location: Pasadena, CA

10 Year Badge
 
Quote:
Originally Posted by Alpha_One
Another weakness, is that your generally trusted, laptop-wielding brother/sister/cousin/mother/friend/roommate/etc. can - ignorantly or maliciously - give away the PSK. Or someone can look in his/her computer (or yours, for that matter) for it. Not that it's a huge issue anyway with MAC filtering and some paranoia, but I thought it would be worth mentioning.
Physical access can defeat just about any security, so it's not the most valid criticism, although it is a very important point.

MAC filtering is a very weak security vs good encryption, so actually, that is a big deal. (Breaking the encryption brings you within one easy step of getting in. Breaking MAC filtering still leaves you with encryption.)

As far as I understand it, though, it would still take some great effort to extract the key from physical access to the computer, as they generally aren't stored in plain text. But again, once somebody has physical access, most security goes in the toilet.

A good way to store a key might be steganographically, where the information is hidden inside other data. -- Paul

__________________
My heatware (macklin01)

Need image I/O for your science apps? Try EasyBMP

My biomedical research: Mathematical Cancer Modeling & Simulation

I'm on vacation as a moderator as I devote more time to my faculty position.
Thank you for your understanding if I don't respond to your PM. -- Paul
macklin01 is offline Folding Profile Heatware Profile   QUOTE Thanks
Old 08-20-06, 02:14 AM   #25
e6600

 
e6600's Avatar 

Join Date: Aug 2006
Location: Los Angeles

 
Will something like WPA2 slow down your connection at all?
Ive just set up my wireless and i notice that pages take a little longer to load and i have about 10ping lower in some games, even when all of my other computers are turned off.

__________________
Heat
e6600 is offline   QUOTE Thanks
Old 08-30-06, 05:33 AM   #26
soulrider4ever
Member

 
soulrider4ever's Avatar 

Join Date: Dec 2005

 
Quote:
Originally Posted by SinsFeelNatural
This is going in my bookmarks until it gets a sticky. Good work so far!
Maybe stick in links for the major router manufacturers if the user needs more specific information.

http://www.ivisit.com/help/reference/routers-urls.html
soulrider4ever is offline   QUOTE Thanks
Old 11-07-06, 09:04 PM   #27
Incesticide
Member



Join Date: Sep 2005

 
Quote:
Wi-Fi Protected Access Enterprise (WPA2) (Encryption)
What it does: WPA2 is similar to WPA-PSK but is intended for corporate environments. WPA2 uses a server to authenticate each user so that each user has a individual WPA key.
Why use it: Not needed for most home users. A business would want to use this for two main reasons. Firstly if a business was using WPA every end user would have the same password and key and could then spy on other users on the network. Secondly ex-employees who knew the key could gain access to the network with standard WPA-PSK. With WPA2 you can simply remove the ex-employee from the authentication server.
WPA2 is WPA with AES encryption instead of TKIP (read: RC4 based) encryption. WPA-TKIP encryption is vulnerable to the same attacks that WEP is vulnerable to (weak initialization vectors), and adding AES fixed that. And actually on alot of equipment AES provides better performance than WEP or WPA-TKIP due to hardware encryption. So there is no reason not to use it.

I think steve gibson (or wherever you got your information from) got 802.11x and 802.11i mixed up, as 802.11x does what he is talking about, and WPA2 is a full implementation of 802.11i, whereas WPA is a partial implementation of the security standard.

See here: http://en.wikipedia.org/wiki/IEEE_802.11i
Incesticide is offline   QUOTE Thanks
Old 11-07-06, 09:58 PM   #28
JCLW
Member

 
JCLW's Avatar 

Join Date: Apr 2002
Location: Back in Toronto

10 Year Badge
 
Note: If you want to use WPA2 then you're going to want this MS update: http://support.microsoft.com/kb/917021

Here's the screens for a WRT54G. I'm running third party firmware (highly recommended: http://www.thibor.co.uk/) so might screens might look a little different.


- Wireless Network Name (SSID): Use something original
- Wireless SSID Broadcast: "Disable"


- Security Mode: I'd recommend "WPA2 Personal"
- WPA Algorithms: I use "TKIP+AES", which allows legacy WPA-TKIP connections if the client doesn't support WPA2-AES.
- WPA Shared Key: Use something original, with both letters and numbers, and really long


Here you can allow/block PCs according to their MAC addresses.


The only thing worth mentioning here is the transmit power - if you're using your laptop right beside you router (or access point) you could turn the power down to prevent others from picking up the signal.


Always make sure that both remote access and wireless access is turned off for the router (unless you really need it).

--------

Other:

Two kinds of WAP2:
WPA2-Personal uses AES
WPA2-Enterprise uses a RADIUS server

__________________
♫♪ ☺ ♫♪
JCLW is offline   QUOTE Thanks
Old 11-07-06, 10:24 PM   #29
JCLW
Member

 
JCLW's Avatar 

Join Date: Apr 2002
Location: Back in Toronto

10 Year Badge
 
Here's the screens for setting up an intel wireless card:

Start off by adding a profile, which brings you to:

Profile Name: Can be anything, make it descriptive (Home network, etc...)
SSID: Whatever you put in your router


Choose "Personal Security", unless you're running a RADUIS server.
Security Settings: Choose whatever you picked in your router. Because I picked TKIP+AES in the router setup I could use either but WPA2-AES is more secure
Password: Your (hopefully) big long complicated password you put in the router

And that's it.

After it connects the details page should show you:

We've connected using WPA2-Personal / AES-CCMP mode.

__________________
♫♪ ☺ ♫♪
JCLW is offline   QUOTE Thanks
Old 02-23-07, 06:25 PM   #30
Silversinksam
Moderator/ Silver Paste Taster©

 
Silversinksam's Avatar 

Join Date: Aug 2001
Location: Sunshine State, USA

10 Year Badge
 
I'll add a couple noteworthy tidbits of info:

Here's the Default Router Password Database

http://www.routerpasswords.com/


Second, with drive-by-pharming being possible, changing your router password is just one of those things that is on your must do list.



__________________
-15 May 2012: On Hiatus helping bees and the planet at the moment

-You have over 101 posts and Can't see the classifieds??? Click this link.

My Heatware
Silversinksam is offline   QUOTE Thanks
Old 06-24-07, 05:52 PM   #31
Oni
Oni-ni-Kanabō
Ninja Hippo eater Moderator

 
Oni's Avatar 

Join Date: Apr 2001
Location: St. Catharines, Ontario Canada

10 Year Badge
 
Quote:
Originally Posted by Silversinksam
I'll add a couple noteworthy tidbits of info:

Here's the Default Router Password Database

http://www.routerpasswords.com/


Second, with drive-by-pharming being possible, changing your router password is just one of those things that is on your must do list.


This is awesome! I cannot tell you how often I have had to Google to find a default password after resetting some jackass's router back to defaults 'cause he pooched it up so bad.

__________________
Mama, put my guns in the ground. I can't shoot them anymore.

On Indefinite Hiatus

Asus P6T SE
Intel i7 930 @ Stock
12GB Corsair DDR3 9-9-9-24
XFX Radeon 5830 @ Stock
Corsair 750 Watt PSU

Oni is offline   QUOTE Thanks
Old 01-03-09, 06:30 PM   #32
Lian Li
Member

 
Lian Li's Avatar 

Join Date: Oct 2007
Location: Sacramento, CA.

 
I'm going to be getting my first router here pretty soon and after reading so much about them I realize that I have alot to learn. This thread helped tremendously to clarify some things for me so hopefully I'll get to put some of it to use when I setup my Belkin N1 Vision in a couple weeks.

__________________
Mobo Abit AN-M2
CPU AMD Athlon 64 X2 5400 2.8Ghz Black Edition
HD Seagate 7200.10 250GB/Maxtor DM +9 160GB/WD 500gb external
Optical Drive Lite-On LH-20A1L-06 DVD burner
RAM G.Skill DDR2 800 Dual channel 2GB (2 x 1GB)
GPU MSI HD 4830 OC
Audio AudioTrak Prodigy HD2
Speakers Insignia NS-B2111
Receiver JVC UX-G70
PSU Hiper Type-R 580 watts
Case Lian Li PC-7SB w/Window
Monitor Lenovo L222
Lian Li is offline   QUOTE Thanks
Old 02-10-09, 06:08 AM   #33
Mayonati
Member



Join Date: Oct 2008

 
Might be kinda overkill for home users, but you might also want to add information about RADIUS servers and the concepts of AAA.. Nearly unbreakable security for people who need it anyway, definately a point of interest for security nuts.
Mayonati is offline   QUOTE Thanks
Old 05-01-09, 03:12 PM   #34
JimmyG
Member

 
JimmyG's Avatar 

Join Date: Apr 2001
Location: Michigan

10 Year Badge
 
Broken links


All of these links are broken:

Additional Information:

* A Beginner's Guide To Securing a Wireless Network: A guide written by our own macklin01 while slightly out of date (written Sept. 03) it contains many useful bits of information as well as many tips for actually implementing the security methods discussed in this guide
* Kilian's Guide for Wireless Network Security in Windows XP A great guide for secure wireless networking.
* Wi-Fi Security: A guide from http://www.wi-fi.org that covers many of the security tools discussed above.
* WPA Password Generator: A password generator from Steve Gibson at www.grc.com that creates WPA passwords that will be immune to dictionary and brute force attacks. Just copy and paste the random key into a text document and repaste it into all of your wireless devices.

__________________
Main Computer: INTEL 2600K; ASUS P8Z68 Deluxe; 850W Corsair; Antec P280 case;16 Gigs Corsair Vengance;EVGA 560 TI; 120 INTEL SSD; 2x500Gig WD HD; op system: Win 7-64; Backup computer:INTEL Q6600; 650W Corsair in Antec P180 Case; 4 Gigs RAM; EVGA GT430; Gigibyte P45T-ES3G mobo; 1x200 GB WD; 2x160 GB WD; 1x1GB WD. Operating system: Win 7 -64. ***Avatar by Gresyth***
JimmyG is offline Author Profile   QUOTE Thanks
Old 05-01-09, 03:16 PM   #35
macklin01
Computational Oncologist / Biomathematician / Moderator on Vacation, Ph.D.

 
macklin01's Avatar 

Join Date: Apr 2002
Location: Pasadena, CA

10 Year Badge
 
Hmm, as for the password generator, pretty much any random string generator should suffice. I use the one in the Password Safe program, which is a great (encrypted) place to store that random WPA password. :-)

__________________
My heatware (macklin01)

Need image I/O for your science apps? Try EasyBMP

My biomedical research: Mathematical Cancer Modeling & Simulation

I'm on vacation as a moderator as I devote more time to my faculty position.
Thank you for your understanding if I don't respond to your PM. -- Paul
macklin01 is offline Folding Profile Heatware Profile   QUOTE Thanks

Post Reply New Thread Subscribe


Overclockers Forums > Software > Internet, Networking, and Security
Internet, Networking, and Security Networking and Viruses/Malware trouble. Get the answers here.
Forum Jump

Thread Tools Search this Thread
Search this Thread:

Advanced Search


Mobile Skin
All times are GMT -5. The time now is 12:09 AM.
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
You can add these icons by updating your profile information to include your Heatware ID, Benching Profile ID or your Folding/SETI profile ID. Edit your profile!
X

Welcome to Overclockers.com

Create your username to jump into the discussion!

New members like you have made this the best community on the Internet since 1998!


(4 digit year)

Why Join Us?

  • Share experience
  • Max out your hardware
  • Best forum members anywhere
  • Customized forum experience

Already a member?