In order to participate in the GunBroker Member forums, you must be logged in with your GunBroker.com account. Click the sign-in button at the top right of the forums page to get connected.
Wireless Question?
Nighthawk
Member Posts: 12,022 ✭✭✭
I was reading Eric's post and it made me wonder, can my neighbor tap into my wireless connection and use it?
Comments
If you set a password and locked the system then unless they "hack" it some how then no they can not.
If you have an open (ie unlocked) system then yes they can.
This is assuming they are in a spot they can get the signal.
Well, if they were all educated on these topics, I would not have a job. So no complaints here.
If you can't feel the music; it's only pink noise!
Enable encryption and use the strongest method offered by your product and turn off the beacon so that your SSID isn't broadcasted and neighbors or internet thieves can't see your Router. Your setup will then be very secure!
you old fart, you ain't just another pretty face are you??? a geek in sheep's clothing.
quote:Originally posted by Old-Colts
Enable encryption and use the strongest method offered by your product and turn off the beacon so that your SSID isn't broadcasted and neighbors or internet thieves can't see your Router. Your setup will then be very secure!you old fart, you ain't just another pretty face are you??? a geek in sheep's clothing.[:I][:I][:D]
If you can't feel the music; it's only pink noise!
Can you log in to your router and see the configuration settings? If not I will start by getting you in to the router and then we will go from there.
Read over the user guide if you have it. If you don't, download a copy from the manufacturer website. Once you have looked it over you may find the answer yourself. If you are still confused I will be glad to help.
Trust me when I say that your PCs are not secure if you open up your router. I got tired of the teenage neighbor here trying like hell to crack my router/firewall. I installed a new wireless network and left the old one up (with slightly less security). When he finally hacked the decoy, there were no more attempts on it for almost a month. Hope the little turd had lots of trouble with his PC for awhile.
DHCP is not secure. Even if your router is not open, all it takes is some skill with HTML (the language of the we page) and some basic script language know how to access many routers. Hell, the tutorials and even the exact code to hack specific Linksys, Netgear, and even Cisco routers can be found on the internet via a Google search.
Here is a tech read out on DHCP and it's lack of security if interested.
https://forums2.symantec.com/t5/Emerging/DNS-Pharming-Attacks-Using-Rogue-DHCP/ba-p/370377
This makes it a little more work for you to manage adding something new on the network, but is your security worth the time? Mine is.
Hiding your SSID just marks it as hidden - it is still transmitted, and many wireless apps will cheerfully show hidden networks.
All encryption is breakable - wep in about 30 seconds, WPA2 takes a few days and more data to examine. Trivial to do in a neighborhood.
And changing your MAC address to match one you've sniffed out is trivial as well, at least on real operating systems....
quote:Originally posted by BaseJumper
Use WPA-2, do not broadcast your SSID, and then choose to only allow the MAC addresses that you specify and never allow remote administration. Makes it much harder from outside the network. Most won't even try, especially when your neighbors have an open network 3 houses down.
This makes it a little more work for you to manage adding something new on the network, but is your security worth the time? Mine is.
All it takes is a laptop/desktop with wireless capability - Linux operatingsystem and a program that comes with Linux as standard.
You can setup the Linux computer so it "listens" to any traffic on the different channels on the wireless - regardless of it being "SSID Off", encrypted with WEP, WPA or WPA-2 - and even MAC-adressen can be taken/recorded and cloned directly from the wireless communication.
I've personally seen a 128bit coded WPA-2 wireless network with "Do not broadcast SSID" and set to only allow certain MAC-adresses - be cracked in 7 minutes.!
That was sone with a HP Pavilion laptop, running UBUNTU (Linux) and the serviceprograms that comes with that operatingsystem.
We're not safe.
But set it up as good as you can - and hope there are no geeks that want to put some blame on you.
You can only block out the "regular" users - i.e. those that live close by and tries to scan for open networks.
"SSID Broadcast" is a function that makes the router broadcast it's network ID - if you turn it off, you have to know there is a network, and make the computer search specifically for that network name, in order to get a responce.
So when you are done setting it up - turn off "Broadcast SSID".
Of WEP, WPA and WPA-2 - the WPA-2 is the strongest/most complicated coding.
If you don't have many neighbours and consider it a low risk - it doesn't matter much which one you choose.
If you live in a city, with many people within range, you should use WPA-2 and the strongest encoding you can.!
But in order to keep out "regular" users - any 128bit encoding will do.
As wireless routers are usually 10MBit or 54MBit, and the internet is WAY less.... you won't feel any speed-difference between the different encodings - so just choose the strongest encoding that your setup will accept.
Also, change the IP-adress as well as the ADMIN-account password.!
You use the factory IP-adress to connect to the router, when setting it up - and you probably use ADMIN without any password.
Then all a hacker needs to do, is try to connect to the standard factory IP-adresses and type in ADMIN. All other security would then mean absolutely zilch/nada/bubkus.
Also, run through the router settings, scan your MAC-adress and make it one of the approved computers.!
It won't mean nothing for an experienced/semi-experienced hacker, but it would keep out the "regular" users that might get lucky with trying passwords.
If they crack the password and make contact to the router - the router checks if the MAC-adress is correct.
MAC-adress is a code that is put together from different hardware-options in your computer - and with a serialnumber in the wireless network hardware.
"Regular" users won't have the same MAC-adress and the router will filter them out.
Hackers can "sniff" MAC-adresses, and any passwords in WEP, WPA and WPA-2 encryption - simply by letting the computer listen to any traffic on the wireless router frequencies.
If you do these things - you will keep out most people, except semi-experienced/experienced hackers. (nerds)
So:
select the strongest encryption available in the wireless router and the computer. - it might be WPA or WPA-2 - or if it's an older system, it might be the WEP.
You can update your system to allow for stronger encryptions, and WPA-2 would be the best.
Chance the Admin-password (remember, passwords are case sensitive... so "broadway" isn't the same as "bRoaDWaY", for instance)
Change the router IP-adress, so it won't respond to hackers or regular users trying to detect factory set router-IP's.
Remember when you change the IP-adress, if you need to make changes - it will be the new IP-adress that you would have to use to gain access to the Admin-part of the router.
Change the wireless networkname to something only YOU know.
Set it to "Broadcast SSID = OFF" - then regular people won't get "Nighthawk Wireless" to pop up when they scan for networks.
They would have to know the networkname. (it's a soft code in itself)
Set the router to accept your own MAC-adresses of your various computers.
If you can - setup a Log, and keep an eye on it from time to time.
It will help you see if anyone tries to make a fool out of you.
That should do it - for the most part.!
The only way to make the network more secure than the tools allowed on common routers (WPA-PSK, allow only know MACs, no broadcast) is to install programs on your PCs that encrypt all data going over the network with 256 bit AES encryption keys. That way none of the data you send is in the clear and much harder to capture any of it even with the listening tools available.
Security on wireless is not like the Showtime Rotisserie Ovens: you can't "Set it and forget it". Check your logs, set your security to email you upon certain events and don't give your kids the password to log into the router and change anything.