Posted on 11/01/2010 9:50:50 PM PDT by Wooly
Chances are you don't leave your front door unlocked. And you shouldn't leave your Wi-Fi network unsecured either.
Many of you may have heard this before, but many still seem to not be doing anything about it. You should. Here's why. With a $50 wireless antenna and the right software a criminal hacker located outside your building as far as a mile away can capture passwords, e-mail messages, and any other data being transmitted over your network, and even decrypt data that is supposedly protected.
(Excerpt) Read more at news.cnet.com ...
MAC filtering is almost no protection.
Thanks for that information. I layer mine: 5Ghz (fewer radios, much less distance), lower TX power on router, WPA2, frequently changing very long convoluted passwords, and MAC filtering. The latter is the biggest pain to administer when guests or new network cards need to be on the network. I can now drop the MAC filtering as it really isn't that valuable for the protection it offers in trade with the hassle involved.
The computers on the network don't share anything, and encrypt data drives. The only thing open is the network share drive for music, photos, clipart and videos.
I secure my wifi network, but don't really go all out for it. If someone wants in badly enough, they can get in. If you're not willing to accept that, don't use wifi.
That helps if you want to make the bad guy's job a little bit harder, but it is trivial to spoof a MAC address.
“With a $50 wireless antenna and the right software a criminal hacker located outside your building as far as a mile away can...”
With a rock any idiot can bypass your door lock.
Very easily spoofed. Only useful if you're trying to keep out somebody's grandma.
I do - I’m paranoid about that, too......and my incoming is protected by a lock box.
bookmark
I just wish encrypting didn’t adversely affect connection speed.
One thing that has not been mentioned so far in this discussion is to buy a newer model wireless router and adapter. Not only will you get the newer security protocol, but you will increase the speed and range.
The newer ones are inexpensive and easy to install. And as a plus for DSL users, you can get rid of the bloat ware that loaded with your original DSL installation.
Just do not forget to disable the wireless on the cable/DSL Modem/Router
I honestly don’t know. You will have to ask that question of people who are more computer literate than me, however I don’t think you are secured, if it doesn’t say so on that screen.
bttt
I'm shutting the wireless off. There's nothing wrong with CAT5.
I respect him too, most of the time. However, if you read through the article, he says he does it mostly because he believes the risk to his data to be low. That is not the case for everyone. He cites the availability of free wireless at several coffee shops nearby where a freeloader could get wireless in a warm room instead of hanging out in a car in front of his house. He also handwaves away cease-and-desist letters from ISPs, RIAA lawsuits, police investigations etc. He even says that, due to a lack of technical savvy in a courtroom, you could be charged even if innocent if someone else commits a crime on your network, and he goes on to say that your best bet in that case is to do a plea deal.
The thing to keep in mind is that Bruce is like the guy who runs LifeLock. Everyone knows who he is, so he’s not at much risk. He is quite wealthy, so court is an annoyance to him. He is a senior executive at British Telecom, so the police are far more likely to believe him when he says he didn’t use his network to hack, say, British Telecom. He is right that the odds are in your favor that you won’t get hacked, but that only holds until you’re the one who gets hacked. He does point out that his data is at risk this way, but says that if you make your computer secure, it doesn’t matter. The problem with that statement is that it is wrong. Yes, the data on his computer is safe, but the moment his bank password leaves his secure computer, it’s out in the wild and unprotected.
Lastly, Bruce is, as you point out, a security professional, and a very experienced one at that. He most likely has much more of a handle on secure computing than the average user. Because of this, he is much less likely to make the kind of mistake that would leave him exposed than the average user is. Therefore the average user is better served by making as much of their security automatic as possible, so they don’t leave themselves vulnerable when they make the inevitable mistake.
MAC filtering is worthless too, because MACs are easily spoofed.
MAC filtering is worthless too, because MACs are easily spoofed. If I can see your traffic, I can pretend to have one of the authorized MAC addresses. I can even kick the legitimate one off the network, and keep kicking it to prevent it from re-connecting.
4l8r ;-)
Indeed. My desktop is wired at home. I much prefer the stability and security of wired connections.
Any bank that doesn't use SSL for transactions isn't worth keeping money at.
Overall, I agree with the rest of your points. I understand security pretty well, so I make sure the local boxes at home are locked down fairly tight, and we have no MS-Windows computers to provide easy vectors. The wireless network is secured, but I don't have any illusions as to the real benefit of that against a determined adversary. Mallory will get inside if she really wants to.
I cruised a part of my neighborhood with my phone running WiFiFoFum on logging mode. Later I showed the results to a group of neighbors. Boy, were they shocked, 60 access points, one third of them running open, one third with only easily-brakable WEP.
And it wasn’t any sort of special hacking tool — just a phone with free software loaded. If I’d bothered to use a notebook with hacking tools I could have owned 2/3 of the networks in the neighborhood, and probably half the computers.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.