Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

security help...

  • 04-01-2007 11:10pm
    #1
    Closed Accounts Posts: 127 ✭✭


    i looked through the threads and can't find any info on this even though i saw it here before....
    i checked the sticky at the top but i can't understand it....
    can anyone tell me in plain english how to go about securing my wireless network?
    any help mucho appreciated.


Comments

  • Closed Accounts Posts: 17,208 ✭✭✭✭aidan_walsh


    Well, first things first. What wireless router do you have? That will determine what options can be explored in terms of what encryption methods can be used.


  • Closed Accounts Posts: 127 ✭✭loadabollocks


    i have the netgear WGT624.....


  • Closed Accounts Posts: 127 ✭✭loadabollocks


    i have been messing around with it....the WEP shared key.... passphrase key generation etc..... but i haven't a clue what i'm doing to be honest. I've read a couple of things about WPA, suggesting this may be more secure....is this correct and if so how do i go about setting it up?
    I don't really want my performance (strictly tech related here :D )to be affected to much either....


  • Registered Users, Registered Users 2 Posts: 640 ✭✭✭Wcool


    ok, this is all rule of thumb:

    WEP = least secure (except for unencrypted of course)
    Apparently, someone with a sniffer and the right software can find the key in a day.

    WPA = better. AFAIK the password key is changed at a regular interval by shifting the keyword

    WPA2 = even better

    All these protocols work by supplying a password to both the router and the client(s). Whenever you want to attach a new client to the network you need to enter a key in the client computer (once..)

    But there are many more ways to make it more secure:

    - disable remote login to your router (only from a fixed network computer you can logon to your router)
    - disable reply to ICMP (pings) requests. If the don't know you , they will not attack you.
    - allow only certain MAC addresses (of your network cards) to the network. This won't stop anybody serious but it helps
    - have the least amount of ports on your router open as possible
    - install a firewall on your client computers that warn you when you make an connection FROM your computer

    Of course, if you life in a rural area, there is less chance of anybody snooping, it all depends...


  • Closed Accounts Posts: 127 ✭✭loadabollocks


    that sounds like good informaition.....thanks.
    i'l give all of that a shot, although i'm not sure how to go about enabling WPA2.....should that be in my router settings?


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 2,051 ✭✭✭mayhem#


    Standard checklist for basic level security for a Wireless AP;

    1) Disable DHCP and only use static IP adressing.
    2) Enable WPA.
    3) Enable MAC-address filtering.
    4) Disable SSID broadcast.
    5) Change the standard logins on the router & modem.
    6) If possible decrease transmit strenght to limit signal to premises.

    All other security measures (port blocking, firewall etc. are off course nececsary but are not related to the wireless bit..).

    E.


  • Closed Accounts Posts: 127 ✭✭loadabollocks


    great stuff thanks for the help lads....
    the fun starts now trying to figure out how to do all this stuff.........watch for my post on how to rebuild my pc from scratch hehe...


  • Registered Users, Registered Users 2 Posts: 7,265 ✭✭✭RangeR


    i looked through the threads and can't find any info on this even though i saw it here before....
    i checked the sticky at the top but i can't understand it....
    can anyone tell me in plain english how to go about securing my wireless network?
    any help mucho appreciated.

    I typed up a pretty comprehensive guide a while ago for a dlink adsl wireless router. Specifically this and this. The steps are the same but you will have to consult your manual for the exact specifics.
    I've read a couple of things about WPA, suggesting this may be more secure
    WPA IS more secure than WEP, no maybe about it.


  • Closed Accounts Posts: 127 ✭✭loadabollocks


    ok i put in the password and stuff for the WPA.

    then i tried connecting using the laptop....i punched in the password and it said it was connected etc.....however i can't get onto the internet!

    im baffled


  • Registered Users, Registered Users 2 Posts: 3,568 ✭✭✭ethernet


    mayhem# wrote:
    Standard checklist for basic level security for a Wireless AP;

    1) Disable DHCP and only use static IP adressing.
    2) Enable WPA.
    3) Enable MAC-address filtering.
    4) Disable SSID broadcast.
    5) Change the standard logins on the router & modem.
    6) If possible decrease transmit strenght to limit signal to premises.

    All other security measures (port blocking, firewall etc. are off course nececsary but are not related to the wireless bit..).

    E.
    7) Disable remote access, especially on port 80.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 7,541 ✭✭✭irlrobins


    however i can't get onto the internet!
    Read step 5 in the FAQ stickied at top of the forum and let us know how u get on.


  • Registered Users, Registered Users 2 Posts: 2,051 ✭✭✭mayhem#


    ethernet wrote:
    7) Disable remote access, especially on port 80.

    Remote access to what?

    E.


  • Registered Users, Registered Users 2 Posts: 3,568 ✭✭✭ethernet


    mayhem# wrote:
    Remote access to what?

    E.
    Remote access to the router's web-based config pages, especially if using a weak password.


  • Closed Accounts Posts: 884 ✭✭✭NutJob


    WEP can be broken and i have managed to do it between 7min and 7 hours depending on settings and aggressiveness of the attack (iv done it legally).

    -Once ur key has been broken disabling ur DHCP address and limiting mac addresses are effectively useless as i could sit back and watch all ur traffic then with enough information join ur network.

    -Ogh and Hiding SSID only hides it from windows not anyone on a linux box with kismet (its in the linux repositories)

    Now WPA is far more secure and is not fundamentally broken but is subject to brute force attacks using rainbow tables and a tool called cowpatty. This would be my recommendation for a home user.
    (That is unless ur lucky enough that your hardware(unlikely) supports WPA2 the use that as its tougher again.)

    A. So how do you protect against a rainbow table attack simple rainbow tables were generated last year for all of these SSIDS so dont use one of these
    http://www.wigle.net/gps/gps//Stat

    B. Use a long pass phrase and mix it up with non alphanumeric characters. A password like this will never be brute forced as most people will give up after a week https://www.grc.com/passwords.htm

    So simply to secure wireless use WPA with a crazy password + crazy SSID.


  • Closed Accounts Posts: 127 ✭✭loadabollocks


    great thanks for all your help lads......much appreciated.


Advertisement