Skip to comments.
Wi-Fi cloaks a new breed of intruder (Turn on your router's encryption, people!)
St. Petersburg Times ^
| July 4, 2005
| Alex Leary
Posted on 07/05/2005 11:21:25 PM PDT by Dont Mention the War
click here to read article
Navigation: use the links below to view more comments.
first previous 1-20, 21-40, 41-60, 61-80, 81 next last
41
posted on
07/06/2005 4:26:25 AM PDT
by
firewalk
To: BeforeISleep
Had second thoughts...huh?
To: tarator
Oh and as far as admin for password, if that be the case......change that too, I have found networks that were unsecure and had the default password as admin!! This allows me to get you main ISP email address and account password, using a simple program.
43
posted on
07/06/2005 4:28:10 AM PDT
by
.308 PSS
To: Dont Mention the War
By the way, WEP encryption is so lame as to be almost totally useless. Turn on WPA encryption instead. Encryption of communications between the devices doesn't prevent the communication.
To limit the devices that can access your wireless network, ID each permitted device by its MAC.
44
posted on
07/06/2005 4:29:56 AM PDT
by
Cboldt
To: HAL9000
Access control - not encryption - is useful for preventing unauthorized use of bandwidth. A point obfuscated by the thrust of the article, and most of the comments on this thread.
45
posted on
07/06/2005 4:32:51 AM PDT
by
Cboldt
To: Cboldt
Using the proper settings for encryption also prevents access to the WAP. Using WPA-PSK/AES with MAC filtering is a "belt and suspenders" way of securing your network.
Of course, the best way would be to use RADIUS and a password token (i.e SecureID). But that's way beyond what's needed for the average Joe's home WLAN.
To: Sprite518
Set your wireless router to not broadcast the SSID. Then, make up a SSID which is difficult to guess, like you would a password - e.g., use @ for 'a' and 0 for 'o' in the SSID. That plus password encryption (the highest your router will support - mine uses 128-bit) will go a long way.
Also: change your password regularly. One good strategy for creating passwords is to take a poem or a limerick you know, and use the first initials of every word to form the password.
47
posted on
07/06/2005 4:49:39 AM PDT
by
COBOL2Java
(If this isn't the End Times it certainly is a reasonable facsimile...)
To: Focault's Pendulum
48
posted on
07/06/2005 4:51:47 AM PDT
by
firewalk
To: PogySailor
Using WPA-PSK/AES with MAC filtering is a "belt and suspenders" way of securing your network. There is more than one way to obtain unauthorized access. For most home networks, it is sufficient to limit the machines that are authorized (e.g., via MAC limiting), without getting to the "user" level.
Encryption is necessary to make it more difficult for strangers to snoop on your broadcast keystrokes.
The problem with this article is that it plants the idea that data encryption instigated/required by the WAP will prevent unauthorized access.
49
posted on
07/06/2005 4:52:10 AM PDT
by
Cboldt
To: .308 PSS
I have found networks that were unsecure and had the default password as admin!! I can't tell you how many commercial systems I've worked on where they had the password set to 'password'! >:-0 Blows my mind...
50
posted on
07/06/2005 4:53:25 AM PDT
by
COBOL2Java
(If this isn't the End Times it certainly is a reasonable facsimile...)
51
posted on
07/06/2005 4:54:16 AM PDT
by
VeniVidiVici
(In God We Trust. All Others We Monitor.)
To: MrsEmmaPeel
"If you have a wireless network, and its not encrypted, you're just plain loopy."
Bump
52
posted on
07/06/2005 4:54:49 AM PDT
by
bwteim
(Fubar + Aruba = Fubaruba)
To: Dont Mention the War
To: .308 PSS
MAC filtering is simple way to keep people out, not bullet proof.......nothing is, but its better than nothing and keeps the casual wardriver out. With MAC filtering the user will go to other unsecure networks. Exactly. It's the same as securing your car or home from theft; let them go look for easier pickings. Sad to say, but you can hope that the crook will pass over your network because it's too difficult, and instead go over to your idiot neighbor's.
54
posted on
07/06/2005 4:59:26 AM PDT
by
COBOL2Java
(If this isn't the End Times it certainly is a reasonable facsimile...)
To: COBOL2Java
I should post here more regularly, I like to read the posts but I do not have alot of time to post.
55
posted on
07/06/2005 5:25:42 AM PDT
by
.308 PSS
To: SDGOP
Is echelon a real thing?
----
Real. Very. Trust me.
To: Cboldt
It does make a hash of access control and packet protection. But then again I don't expect to high a level of technical detail in a newspaper. I didn't link to the article so I don't know if they referenced some other material on the subject.
Since WPA-PSK is one of the standard models of 802.11x, it does control access. If the client (or supplicant in 802.11x lingo) doesn't have the proper key, the WAP will not establish a connection. The data confidentiality is provided by TKIP (WPA) or AES-CCMP (WPA2). The PSK that controls access also is used as the seed for the packet encryption for both methods.
The problem I see with most (if not all) consumer WAP models is that out of the box they are "open" and most people don't bother to set up any authentication or encryption. And the documentation that comes with them (at least 6-8 months ago) isn't really straight forward with the need to change settings.
For instance, I found several open WAP's in my neighborhood when I was setting my WLAN up (scanning to see if I needed to change the WAP's channel) and helped them get locked down. The homeowners didn't know they were at any risk.
If I didn't do networks for a living (I'm a CCNP/CCDP) I'd have never known how important it is to change those defaults.
To: PogySailor
BUMP and Bookmark for later
58
posted on
07/06/2005 6:22:57 AM PDT
by
Ranxerox
To: .308 PSS
Thanks! Actually we've got eight total but it works great! If the MAC address isn't on the list it doesn't get through the gateway! The two I mentioned were wireless PCs but it affects the wired PCs as well. I was worried I'd have to add a couple of hubs but that was not necessary. Thanks again! ;-)
59
posted on
07/06/2005 9:43:38 AM PDT
by
Tunehead54
(In honor of our bravest in armed service to our nation.)
To: Dont Mention the War
I have a rock solid, 100% guaranteed way to secure my computer from unauthorized, Wi-Fi access: I don't USE Wi-Fi! Imagine that!
I never understood the appeal of it anyway. So you can sit on your porch while using your laptop? You can avoid hooking a simple cable into your computer at a coffee shop? WHOOPIE!
What's so taxing and challenging about running wires to where you normally would want to sit and work/play with your laptop? I mean, are Wi-Fi users literally walking around while they're online, and thus couldn't possibly use a cable/cord?
I already know the answer to that question, as my parents have Wi-Fi. But still, given these latests methods of theivery, if I were them I would look into just running wires to the most common points where they like to sit and work on the computer. I mean, why invite trouble?
Navigation: use the links below to view more comments.
first previous 1-20, 21-40, 41-60, 61-80, 81 next last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson