[brainwashington]

Just joined UKOnline and they kindly threw in a 54g wireless router/adsl modem. Can someone please clarify what simple steps I need to take to secure my network.

If I switch on my laptop in my 'hood' I can pick up at least 2 different wirelss access points, and surf their internet so I assume these guys have no security.

Cheers in advance

Carlos

 

[Felix]

In that case, why not cancel your account with UK Online, and just use your neighbours internet for free?[]

In all seriousness - there are a few basic steps you can take on your wireless set up.

Firstly, stop your wireless router from broadcasting your network ID - that way folks cant pick it up when they perform a simple scan of the area.

Next - restrict access by MAC address - that way only your authorised PCs will be allowed to pass traffic through the router.

For most home networks that will do the trick.

Hope that helps.[][Y]

 

[simch]

But does it really matter if they can use your "line"?

 

[Felix]

It does if they use it for porn or illegal movie downloading...

Guess where the letter will arrive? - yep, on your doormat.

Better safe than sorry imho.

What about an extreme example - what is to stop a terrorist renting a house where he knows there is an unsecured wirelss network around - thats some serious trouble the owner is going to find their way out of, not hard to do I would imagine, but the feds will still take your PC away and awake you in the middle of the night etc.... Try explaining that to the neighbours!

There will soon be a serious security issue in this country as wireless devices take off - there must be hundreds of novice people every week buying wireless devices from places like PC world - taking them home, plugging them in and not bothering to secure them, or not understanding how.

This will eventually lead to thousands if not hundreds of thousands of unsecured networks around the land, just itching to be used for dodgy puproses.

Seriously, whats to stop this guy just using his neighbours internet for free?

It will also lead to lost revenues for ISP's, hough not on a massive scale, it will still be an issue. Whats to stop two families living in two joined semi's paying for one connection to one house, and then sharing it? Who would know? I know some friends that do that.

There are a whole raft of repocussions for the abuse of wireless technology - and security is going to be a biggie.

 

[brainwashington]

In that case, why not cancel your account with UK Online, and just use your neighbours internet for free?[]

In all seriousness - there are a few basic steps you can take on your wireless set up.

Firstly, stop your wireless router from broadcasting your network ID - that way folks cant pick it up when they perform a simple scan of the area.

Next - restrict access by MAC address - that way only your authorised PCs will be allowed to pass traffic through the router.

For most home networks that will do the trick.

Hope that helps.[][Y]

Cheers mate,

Follow up question. How do I restrict access by MAC address? assuming that I only want two laptops to access the wireless router.. Do I need to find out their MAC adress and input those into the router settings?

Also is the MAC address the same as WEP or is this another form of security.

Cheers

Carlos

 

[Felix]

WEP is anothe form of security (Wireless Encryption Protocol, if I recall correctly).

Your MAC addresses for the two laptops can be found in a couple of ways - if the wireless cards are seperate cards tha you fit into the laptop (PCMCIA cards) then the mac address may well be printed on the reverse of them.

If not or your wireless technology is builtinto th laptops, then do the following, (ensure your laptop is running, with the wireless network card installed)

Click Start, Run, type "cmd" and click OK. You will now have a dos box or command promt to type into.

type: ipconfig /all

and press return, you should now see a whole rft of information about your network setup on the pc, you are interested in the bit "physical address" it will be in the form xx-xx-xx-xx-xx-xx.

Now you need to find the setting on your router that allows you to restrict by mac address, enable theoption to restrict by mac address, type that address and the address of the other laptop into the list, and you're all done.

 

[brainwashington]

Cheers Felix,

I think I now feel reasonably confident about switching on my wireless router.

Carlos

 

[Felix]

LOL - youll be fine - just post on here if you have any problems, I'm sure there will be someone around to help![]

 

[Eastman]

POST HIJACK Alert!!!

Apologies for butting in here but I need some advize too!

My laptop has a wireless card and picks up other wireless devices. I.e. HPSetup HPVoyager.

How do i connect to these devices and use their internet connection. Apologies for beining so iggnorant.....

 

[spencert]

>>> Next - restrict access by MAC address - that way only your authorised PCs will be allowed to pass traffic through the router.

Mac addresses can be spoofed though, by someone that knows what they're doing, typically these people that are the ones looking for unsecured wireless access points. Although I doubt they'd know your mac address(es)

 

[Felix]

yes thats more often done by reading themac addreses of clients conecting.

i.e. setting up your own unsecured gateway in a hotspot (in a carpark outside a busy office for example). Then when clients scan for the network, they see yours and connect - obviously the dont get very far as your network is a dummy. And these clients then connect to their correct network.

However you now know the MAC address of a valid client inside that building. So now if you know how to spoof a mac address, you are part way there - just the SSID and wep encyption to get round.

I tell ya' - this wireless technology is going to cause chaos sooner or later...

 

[Y0Gi]

On my network ive just got it secured via the mac address numbers. Ie only the cards i tell it can connect?

Is this secure enough?

 

[TouranMan]

I would advise setting up WEP or WPA encryption also.

 

[simch]

I have just moved to a village and street full of old people. They dont even know what the internet is round here, some are still unsure what electric is!

SO I am pretty sure I dont need to worry at the moment, although my wireless laptop is picking up my 80 year old neighbour's, (Ron's!) hearing aid![]

Cripes, his missus dont alf go on!

 

[brainwashington]

Just set up my wireless router with 64bit WEP security key, MAC address filtering and SSID broadcast thingy switched off.

Am I now safe from WiFi hijackers???[8-|]

Carlos

 

[bigburd]

I have just moved to a village and street full
of old people. They dont even know what the internet is round here,
some are still unsure what electric is!

SO I am pretty sure I dont need to worry at the moment, although my
wireless laptop is picking up my 80 year old neighbour's, (Ron's!)
hearing aid![]

Cripes, his missus dont alf go on!

Old people, be careful you may get tarnished with the same brush...

For those wanting to find local wifi points dig out a program called Net Stumbler it's great...

 

[Carlos]

Netstumbler is awesome, I has a drive around my local village with my laptop and about half of the APs were unsecured.

I had some fun with one printing about 10 images of animals to this one printer I found on a LAN. Harmless fun []

 

[rich1068]

Just joined UKOnline and they kindly threw in a 54g wireless router/adsl modem. Can someone please clarify what simple steps I need to take to secure my network.

If I switch on my laptop in my 'hood' I can pick up at least 2 different wirelss access points, and surf their internet so I assume these guys have no security.

Cheers in advance

Carlos

I found myself in a very similar situation last week. I posted on Briskoda and got some useful replies. See here http://www.briskoda.net/forums/t28220-wireless-networks-many-questions.html

 

[iwilliams]

Not wanting to scare to many of you but I do this stuff for a living ( internet security )

and could break a wifi network in seconds...WPA WEP what ever.

Basically turning SSID broadcast off or using wep,wpa its all breakable.

Look at this web site

http://new.remote-exploit.org/index.php/Auditor_main

Download the iso and boot from a laptop..

Netstrumbler or ministrumbler is a basically quick and easy tool for looking at SSID

The auditor program has many many programs written in opensource and will get

the SSID from the packets. Then use a capture util to break the WEP or WPA .

There is many many programs for man in the middle attacks.

The amount of people buying wifi or bluetooth devices without knowing
what can happen is wrong, there will be a major problem oneday.

Remember if you use this on someone elses network your hacking, so I have only used these

tools on my own network.

If you want any help PM me or reply here, I should be charging for this really...