RootsChat.Com
General => Technical Help => Topic started by: Su on Friday 16 October 09 16:43 BST (UK)
-
I was watching on the news today about hackers into wireless broadband. The reporter said that the wireless should be password secured.
How do I find out if mine has a password please?
I'm a bit thick when it comes to that sort of thing.
Kind regards
Su
-
What is available to you depends on the hardware and software you have. The manual and/or help files which came with your router/hub should have details.
If the hardware was supplied by your broadband supplier their help line should be able to talk you through the process.
Graham
-
Basically you need to log in to your router and create a password. The password could be up to 26 characters in length, you then need to add this password to your computer otherwise you will not be able to access the internet if you connect wirelessly. You need to find your paperwork that came with your router or post back on here with the model number you have and perhaps we can help you make it secure.
-
Hi Sue, if you tell us the make of your router then someone with the same will be able to tell you what to do.
If it is a Belkin then type http://192.168.2.1 into your address bar at the top of IE or firefox or whatever browser you are using.
on the first page of your router type in the password if you have created one here, most people don't. Then click on submit.
somewhere you will see your SSID, just like a log-on to, say, Rootschat.com :)
then if you click on the security button you will go to a page with key 1, key 2 & 3 & 4. If a key has NOT been set then the row is a series of 000000's. My first row has been set by me with my own code with the same length as the series of 0000's.
This number is like the password you use to log-on to rootschat, along with your log-on name.
So your router will be secure using (log-on) SSID and (password) Key 1 (or more if you can see the use).
Of course anyone wishing to connect to the internet using wireless and your router will need to know these two items in order to log on to your router.
cheers, falcybe
ps: if you have another make of router then the access to its codes could still be http://192.168.2.1 or http://192.168.0.1 or http://192.168.1.1. Play around a bit or read your manual. The old adage, that: if all else fails, read the manual ;D
-
Perfect timing!
I have to go try & set my sisters wireless up tomorrow and I couldnt remember how to do it (its 3 years since i did mine!)
Thanks for the refresher!
Gaille
-
ALso, your wireless capable Router can still be hjacked, as we discovered even if you still still use cable to connect to it. (We found wireless was slower)
My SO uses a free version of Network Magic. I'm unsure if it's still available.
Mick
-
There are two types of encryption currently in use - WEP and WPA. WPA is the newer one, which some older routers cannot handle.
WEP can be hacked by the average 14 year old geek in less than 10 minutes.
There's even videos to show them how to do it.
Don't use WEP encryption - you might as well have no security at all.
If your modem/router can't do WPA encryption, you may be able to get a firmware update for it.
If you have an unsecured wireless connection, and someone uses it for illegal purposes, then it's you that will be held responsible.
-
Are you sure, Nick? (silly question?) Can you point us towards the videos?
I cannot remember the details now but I thought that 128bit WEP was the best security setting, or was it the best without becoming too complicated? That was last August, when I went over to wireless.
-
Thanks everyone for your replies my wireless is Netgear if that helps.
Kind regards
Su
-
Hello Sue,
That is a start, now do you know the model number?
I had a quick look on the Netgear website and it said, if you look here:
http://kb.netgear.com/app/answers/detail/a_id/1148/session/L3NpZC9ZaFVNbEZLag==/sno/0
default username is admin and default password is either password or (for older models) 1234.
However this is only useful for getting into the router where you will need to check for router protection, the SSID and Key I talked about earlier.
Have you tried the http addresses I gave you in order to get into the router information?
All the best, falcybe
-
Thanks everyone for your replies my wireless is Netgear if that helps.
Kind regards
Su
That is what I have so try and go here:
http://192.168.0.1/start.htm
Login with Admin + password and find the wireless settings on the left hand side. In the Name (SSID) box type what you want to call it, the mode box should be g&b. Then select WPA-PSK and follow the instructions.
If your computer connects to the internet wirelessly then you will need to add this password into the relevant box on your PC, you might need to run a wire from your computer to your router if you lose the connection.
-
Are you sure, Nick? (silly question?) Can you point us towards the videos?
I cannot remember the details now but I thought that 128bit WEP was the best security setting, or was it the best without becoming too complicated? That was last August, when I went over to wireless.
I'd rather not, because encouraging WEP hacking is sailing too close to the forum rules, but I think that a quick Google would find all you need to know :)
-
There are two types of encryption currently in use - WEP and WPA. WPA is the newer one, which some older routers cannot handle.
WEP can be hacked by the average 14 year old geek in less than 10 minutes.
There's even videos to show them how to do it.
Don't use WEP encryption - you might as well have no security at all.
If your modem/router can't do WPA encryption, you may be able to get a firmware update for it.
If you have an unsecured wireless connection, and someone uses it for illegal purposes, then it's you that will be held responsible.
Are you sure, Nick? (silly question?) Can you point us towards the videos?
I cannot remember the details now but I thought that 128bit WEP was the best security setting, or was it the best without becoming too complicated? That was last August, when I went over to wireless.
I'd rather not, because encouraging WEP hacking is sailing too close to the forum rules, but I think that a quick Google would find all you need to know :)
Of course, this is all correct but, for the vast majority of us there is little to be concerned about.
Like everything else it all depends on the risk of somebody trying to break in. If the risk where you live is high then of course you need the highest level of security - but if the risk is low then extra security doesn't have to be number one on the to do list.
Graham
-
There are two types of encryption currently in use - WEP and WPA. WPA is the newer one, which some older routers cannot handle.
WEP can be hacked by the average 14 year old geek in less than 10 minutes.
There's even videos to show them how to do it.
Don't use WEP encryption - you might as well have no security at all.
If your modem/router can't do WPA encryption, you may be able to get a firmware update for it.
If you have an unsecured wireless connection, and someone uses it for illegal purposes, then it's you that will be held responsible.
Are you sure, Nick? (silly question?) Can you point us towards the videos?
I cannot remember the details now but I thought that 128bit WEP was the best security setting, or was it the best without becoming too complicated? That was last August, when I went over to wireless.
I'd rather not, because encouraging WEP hacking is sailing too close to the forum rules, but I think that a quick Google would find all you need to know :)
Of course, this is all correct but, for the vast majority of us there is little to be concerned about.
Like everything else it all depends on the risk of somebody trying to break in. If the risk where you live is high then of course you need the highest level of security - but if the risk is low then extra security doesn't have to be number one on the to do list.
Graham
I'm confused - how can you tell what risk there is, unless you live surrounded by a Faraday cage ? If you have a road outside your house, then someone can stand or park outside with a laptop and log in, wherever you happen to be. I'm in a very rural area, and I can see 5 other wireless networks. Wi-fi signals can travel over a mile if there's not too many buildings in the way.
I live in a fairly low crime area, but I still lock my doors and windows when I go out. I would be very stupid not to.
-
I'm confused - how can you tell what risk there is, unless you live surrounded by a Faraday cage ? If you have a road outside your house, then someone can stand or park outside with a laptop and log in, wherever you happen to be. I'm in a very rural area, and I can see 5 other wireless networks. Wi-fi signals can travel over a mile if there's not too many buildings in the way.
I live in a fairly low crime area, but I still lock my doors and windows when I go out. I would be very stupid not to.
We all assess risk every day - just think about crossing a road as an easy example.
I submit that the risk of anyone standing or parking outside a house in most housing estates, purely in order to try to obtain free Internet access via any unprotected WiFi networks that might happen to be there, is rather less than it is in somewhere like a business district or, perhaps, a rural area.
Given the ubiquitous nature of places like McDonald's with free WiFi people are much more likely to park in their car parks if they are desperate for free access.
Yes, take precautions but don't anybody panic about risks which are unlikely to exist in many places.
Graham
-
Thanks for the pointer, Nick ;D I found the WEP hacker video next to the WPA one :o
One site says change your password regularly just in case,
The general message I seemed to get was that a password that is a line of random numbers, letters and symbols is harder to crack than a word or phrase that could be found in a dictionary, and the longer the pw, the better; up to 63 characters under WPA.
Imagine changing that every 30 days!!
I can check my traffic and as long as it stays steady and when the FBI/CIA/MI5, 6 or KGB stop parking outside my front door, pretending to be patients of our local doctor across the road, then I'll be quite happy ;D
-
My sisters just got a new phone, and an iPod Touch (Which is why we need to sort her wireless network for her at home)
Last week she was sat on my sofa playing with her iPod and announced "Ohhhh i'm online on your network" to which I replied she couldnt possibly be because it was password protected & I hadnt given her the access code.
When I checked the network name I recognsed the name. We named our network after a family member - not living here - as there were alreasy so many sky wireless networks in the area and I could never remember which one was mine, and I knew another freind & neighbour had named hers in a similar way
When I checked I knew right away she had managed to log in on this neighbours network as it was unsecured - but there were also FOUR other unsecured networks in the same area she could have picked from - she only picked this one cos she thought it was ours.
She logged in for an purely innocent reason, but its worring how easy it was for her to use someone elses connection.
We live in on the outskirts of a medium sized town, in a very quiet area that is almost a village.
Gaille
-
My sisters just got a new phone, and an iPod Touch (Which is why we need to sort her wireless network for her at home)
Last week she was sat on my sofa playing with her iPod and announced "Ohhhh i'm online on your network" to which I replied she couldnt possibly be because it was password protected & I hadnt given her the access code.
When I checked the network name I recognsed the name. We named our network after a family member - not living here - as there were alreasy so many sky wireless networks in the area and I could never remember which one was mine, and I knew another freind & neighbour had named hers in a similar way
When I checked I knew right away she had managed to log in on this neighbours network as it was unsecured - but there were also FOUR other unsecured networks in the same area she could have picked from - she only picked this one cos she thought it was ours.
She logged in for an purely innocent reason, but its worring how easy it was for her to use someone elses connection.
We live in on the outskirts of a medium sized town, in a very quiet area that is almost a village.
Gaille
Hey, GrahamH says not to worry, so (unlike most Roots Chatters) you know where to send the solicitors letters when his helpful advice starts costing you money ! ::)
-
My sisters just got a new phone, and an iPod Touch (Which is why we need to sort her wireless network for her at home)
Last week she was sat on my sofa playing with her iPod and announced "Ohhhh i'm online on your network" to which I replied she couldnt possibly be because it was password protected & I hadnt given her the access code.
When I checked the network name I recognsed the name. We named our network after a family member - not living here - as there were alreasy so many sky wireless networks in the area and I could never remember which one was mine, and I knew another freind & neighbour had named hers in a similar way
When I checked I knew right away she had managed to log in on this neighbours network as it was unsecured - but there were also FOUR other unsecured networks in the same area she could have picked from - she only picked this one cos she thought it was ours.
She logged in for an purely innocent reason, but its worring how easy it was for her to use someone elses connection.
We live in on the outskirts of a medium sized town, in a very quiet area that is almost a village.
Gaille
Hey, GrahamH says not to worry, so (unlike most Roots Chatters) you know where to send the solicitors letters when his helpful advice starts costing you money ! ::)
LOL wont cost me anything - MY networks secured and double firewalled !
Have been round & warned my neighbour how easy it is to get on her network - think she has her computer whizz coming to fix it this week for her - aka her teenage nephew!
Gaille
-
My sisters just got a new phone, and an iPod Touch (Which is why we need to sort her wireless network for her at home)
Last week she was sat on my sofa playing with her iPod and announced "Ohhhh i'm online on your network" to which I replied she couldnt possibly be because it was password protected & I hadnt given her the access code.
When I checked the network name I recognsed the name. We named our network after a family member - not living here - as there were alreasy so many sky wireless networks in the area and I could never remember which one was mine, and I knew another freind & neighbour had named hers in a similar way
When I checked I knew right away she had managed to log in on this neighbours network as it was unsecured - but there were also FOUR other unsecured networks in the same area she could have picked from - she only picked this one cos she thought it was ours.
She logged in for an purely innocent reason, but its worring how easy it was for her to use someone elses connection.
We live in on the outskirts of a medium sized town, in a very quiet area that is almost a village.
Gaille
Hey, GrahamH says not to worry, so (unlike most Roots Chatters) you know where to send the solicitors letters when his helpful advice starts costing you money ! ::)
Nick, you really should read posts thoroughly before commenting. Gaille's post talks about unsecured networks. My comments were in response to your comparison between WEP and WPA, both of which show up as secured on a network scan.
Anyone wanting to gain free access (always assuming that they wander/drive the streets with a laptop hoping to chance on a WiFi access point) is going to go for an unsecured network rather than a secured one - so no point in panicking someone who only has a WEP capable hub/router when the risk is low.
Graham
-
Oh dear, Graham. WEP is about as secure as a paper bag ! People don't "roam the streets" looking for wireless networks - the guy stealing your broadband is probably the son of the guy across the road ! I mentioned standing or parking outside only to illustrate that you are not safe, even in rural areas. And the reason these people often need an access point often isn't because they can't afford their own - it's because they want to use your broadband for their own illegal activities, which can be anything from sending out phishing emails to uploading child pornography.
-
Oh dear, Graham. WEP is about as secure as a paper bag ! People don't "roam the streets" looking for wireless networks................. I mentioned standing or parking outside only to illustrate that you are not safe, even in rural areas.
Perhaps you should have been clearer in the first place then, rather than making such a statement ::)
- the guy stealing your broadband is probably the son of the guy across the road ! ................. And the reason these people often need an access point often isn't because they can't afford their own - it's because they want to use your broadband for their own illegal activities, which can be anything from sending out phishing emails to uploading child pornography.
Which is exactly why I responded as I did on Saturday evening. If you can be bothered to look back and read my post correctly you will see that I acknowledged the difference between WEP and WPA but also pointed out that one has to be realistic about the risk:
Of course, this is all correct but, for the vast majority of us there is little to be concerned about.
Like everything else it all depends on the risk of somebody trying to break in. If the risk where you live is high then of course you need the highest level of security - but if the risk is low then extra security doesn't have to be number one on the to do list.
I should have thought it pretty obvious that if one has suspicions about ones neighbours' characters - or even if one just doesn't know them - that one would take more precautions than otherwise.
Graham
-
And the reason these people often need an access point often isn't because they can't afford their own - it's because they want to use your broadband for their own illegal activities, which can be anything from sending out phishing emails to uploading child pornography.
Since my previous post I've done a bit of searching on Google etc and find that the amount of spam originating from the UK is minuscule compared to the rest of the world - source Spamhaus (http://www.spamhaus.org/rokso/index.lasso). Not all (if any) of that UK originating spam would be posted using stolen WiFi access. I should have thought that this would also be a pretty sound indicator of the amount of phishing and other illegal Internet activities originating in this country.
Perhaps, Nick, you could give us some evidence of the amounts of illegal activity which you warn of which take advantage of stolen WiFi access, so that we might all be able to accurately assess the risk.
Hey, GrahamH says not to worry, so (unlike most Roots Chatters) you know where to send the solicitors letters when his helpful advice starts costing you money ! ::)
Whilst you're at it, some evidence of the amounts of money you mean and the numbers of people affected would be helpful.
Graham
-
One of my friends has recently invested in a pub, and one of the things he wanted to offer customers was free wi-fi access. Unfortunately when he sought legal advice, he was told that he would be legally responsible for any activities which took place over this wireless connection, and he found that the equipment and expertise that he would need to put in place to prevent illegal use would make it financially not viable.
If you read your newspapers, you will find several reports of people receiving letters from music and film companies alleging that their internet connection has been used to download and upload copyright material, and some people have been taken to court. In a case like this, the onus would be on you to demonstrate that you did not commit this crime, and this will be very difficult to do if you have little or no security on your wireless connection.
Now, quite frankly, if people choose to ignore it, then it's their lookout, but I don't really think it's very constructive for you to keep playing down quite obvious dangers.
-
One of my friends has recently invested in a pub, and one of the things he wanted to offer customers was free wi-fi access. Unfortunately when he sought legal advice, he was told that he would be legally responsible for any activities which took place over this wireless connection, and he found that the equipment and expertise that he would need to put in place to prevent illegal use would make it financially not viable.
Of course - because in that case a contract would be entered into between the landlord and customers. A different situation.
If you read your newspapers, you will find several reports of people receiving letters from music and film companies alleging that their internet connection has been used to download and upload copyright material, and some people have been taken to court. In a case like this, the onus would be on you to demonstrate that you did not commit this crime, and this will be very difficult to do if you have little or no security on your wireless connection.
We all know that one shouldn't believe all one reads in the newspapers :) However, I'm not one to dismiss anything out of hand. I'll be happy to acknowledge evidence of specific cases of people being taken to court or receiving letters where there is proof that the activity has been as a result of someone illegally using their wireless connection. Please let us have the evidence.
Now, quite frankly, if people choose to ignore it, then it's their lookout, but I don't really think it's very constructive for you to keep playing down quite obvious dangers.
Again, please read my previous posts properly. I have acknowledged that WPA is superior to WEP but it is also the case that WEP is superior to no security. Perhaps if I spell it out in simple language it will be clearer.
Any risk assessment takes into account the likelihood of an event happening as well as the severity of its effects in order to calculate the risk level. Some wireless hubs/routers are capable of using only WEP rather than WPA. In that case the owner has to look at the likelihood in order decide whether to spend money replacing the hub/router with one capable of using WPA.
In this case the likelihood will depend on several factors, such as:
a) is it likely that somebody will try to use the WiFi point at all?
b) if somebody does try will they even attempt to find out if a network flagged as secure is protected by WEP or WPA?
c) if somebody does try will they have (or be bothered to acquire) the skills to hack a WEP secured network?
That approach, I submit, is much more positive than simply saying WEP is no good in any case at all so the only course is to move to WPA.
Graham
-
http://www.theregister.co.uk/2009/05/12/davenport_lyons_acs_law/
http://www.guardian.co.uk/technology/2009/aug/25/file-sharing-internet
People were traced by their IP connection.
Davenport Lyons, the high profile London media law firm, has dropped its mass letter writing campaign on behalf of copyright holders, which accused internet users of illegal filesharing and threatened court action if they did not quickly pay hundreds of pounds compensation.
However, the campaign has been taken up by a much smaller London firm, ACS Law, whose most notable previous action was the civil defence of Vince Acors, the Briton jailed in Dubai last year for having sex on a beach with a fellow expat.
ACS Law began sending out demands for compensation virtually identical to those sent by Davenport Lyons last week, according to posters on the filesharing forum Slyck.com. ACS Law claims the same clients as Davenport Lyons, including Swiss copyright enforcement firm Logistep and similar German outfit Digiprotect.
No doubt, you'll have some smart reply, but I have more important things do do, like making some money :)
-
No doubt, you'll have some smart reply, but I have more important things do do, like making some money :)
Not a smart reply, just a logical one. What I said was:I'll be happy to acknowledge evidence of specific cases of people being taken to court or receiving letters where there is proof that the activity has been as a result of someone illegally using their wireless connection. Please let us have the evidence.
Neither the Register nor the Guardian story makes any mention that the activity described was perpetrated by someone illegally using a wireless connection.
Graham
-
Neither the Register nor the Guardian story makes any mention that the activity described was perpetrated by someone illegally using a wireless connection.
It was not posted with that intention. The post was there to illustrate two facts.....
1. That allowing your internet connection to be used by others (either deliberately or by carelessness) will leave you open to illegal usage by others.
2. This illegal usage could leave the owner of that IP address open to legal action.
When someone uses your wireless connection, as far as your ISP is concerned, it is you using it, and that is very difficult to dispute. Hence the case of an OAP being threatened with legal action over alleged sharing of video games.
-
Neither the Register nor the Guardian story makes any mention that the activity described was perpetrated by someone illegally using a wireless connection.
It was not posted with that intention. The post was there to illustrate two facts.....
1. That allowing your internet connection to be used by others (either deliberately or by carelessness) will leave you open to illegal usage by others.
2. This illegal usage could leave the owner of that IP address open to legal action.
When someone uses your wireless connection, as far as your ISP is concerned, it is you using it, and that is very difficult to dispute. Hence the case of an OAP being threatened with legal action over alleged sharing of video games.
I've never denied that allowing your Internet connection to be used by others (either deliberately or by carelessness) will leave you open to illegal usage by others - but that isn't the point we were discussing. Neither is it careless to make an appropriate risk assessment based on likelihood as previously pointed out.
It is worth also noting that:
1) There is no suggestion at all in the Register report that WiFi hacking was involved in the case of the OAP accused by Davenport Lyons. Did the OAP even have a wireless connection?
2) Davenport Lyons soon backed down when the OAP challenged their accusation - and it was Davenport Lyons' conduct that then came under scrutiny - http://www.theregister.co.uk/2009/03/13/davenport_lyons_apology/
Graham
-
This is a jolly interesting topic, thanks Nick and Graham :)
Meanwhile, back at the palace... according to an article in Yahoo, millions of Americans have downloaded fake security software after seeing that silly flashing thingy saying your computer is at risk...TrafficConverter.biz, which has been shut down, had boasted that its top affiliates earned as much as $332,000 a month for selling scam security software.
Now, earlier on this thread, Nick, you wrote you were off to earn some money, lol. Have you got any good software to sell us?
A little aside: ALso, your wireless capable Router can still be hjacked, as we discovered even if you still still use cable to connect to it. (We found wireless was slower) My SO uses a free version of Network Magic. I'm unsure if it's still available.
Mick
Am I right in thinking that if Mick turned off his wireless side (using, as he does, the cable) then no-one could use his router?
Cheers, falcybe
-
Am I right in thinking that if Mick turned off his wireless side (using, as he does, the cable) then no-one could use his router?
Don't know if the wireless access can be turned off, I never investigated that.
Would one possibilty be uninstalling the wireless network off each computer, I'm not sure if we did that.
I just checked and it's not installed on this one.
I simply took off the wireless antenna on router and computer, installed the cables and then set up the network to use cables
It was some time after this we found there was a hijacker, we should have caught on earlier as our internet usage kept increasing.
Mick
-
Don't think there is any need for that
Just use WPA , if possible turn off broadcasting SID
Change router passwords away from the default
-
This is a jolly interesting topic, thanks Nick and Graham :)
Thank you :)
A little aside: ALso, your wireless capable Router can still be hjacked, as we discovered even if you still still use cable to connect to it. (We found wireless was slower) My SO uses a free version of Network Magic. I'm unsure if it's still available.
Mick
Am I right in thinking that if Mick turned off his wireless side (using, as he does, the cable) then no-one could use his router?
Cheers, falcybe
It all depends on the capabilities of the particular piece of hardware and its associated software. They will determine whether the wireless side can be turned off or not. If not (as Stonechat says) using the security capabilities of the router will povide protection.
Graham
-
Am I right in thinking that if Mick turned off his wireless side (using, as he does, the cable) then no-one could use his router?
Don't know if the wireless access can be turned off, I never investigated that.
Would one possibilty be uninstalling the wireless network off each computer, I'm not sure if we did that.
I just checked and it's not installed on this one.
I simply took off the wireless antenna on router and computer, installed the cables and then set up the network to use cables
It was some time after this we found there was a hijacker, we should have caught on earlier as our internet usage kept increasing.
Mick
Guessing a bit here without having access to the installation itself. Removing the external antenna from the router should decrease the area over which connecting to it is possible. It would seem that the signal broadcast by the internal antenna was still strong enough to allow connection by the hijacker.
Graham
-
At 2.4GHz, the removal of an aerial is going to make very little difference, because the wiring to the aerial will radiate quite a bit. On most routers wireless can be switched off via the on-screen menus.
-
Thanks, Nick, I've found it now.
So Mick, no point in turning off the wireless on the pc, it is the router's wireless broadcast you need to turn off 8)
And make sure your pc stays connected by cable, ;D
cheers, falcybe
I wonder how many mad people like us have a wireless router just to connect the modem by cable? ::)
-
There is one alternative, the one I currently use.
When we went wireless there was one computer in the house running Windows 98 so I could not use encryption.
On Netgears you can secure the wireless by only allowing specific MAC addresses. It may allow someone to snoop on what you are doing on your network but they cannot make use of your broadband ... well actually there is a way but it takes quite an effort.
I actually find this setup quite useful. I have several young adults living here and I know very well that if our setup was password protected the password would very quickly be distributed amongst their friends. ::)
I can even grant access to my neighbor's laptop only, a mutual agreement we have in case of line failures.
It's quite easy to set up if you are interested.
Paul
-
There is one alternative, the one I currently use.
When we went wireless there was one computer in the house running Windows 98 so I could not use encryption.
On Netgears you can secure the wireless by only allowing specific MAC addresses. It may allow someone to snoop on what you are doing on your network but they cannot make use of your broadband ... well actually there is a way but it takes quite an effort.
I actually find this setup quite useful. I have several young adults living here and I know very well that if our setup was password protected the password would very quickly be distributed amongst their friends. ::)
I can even grant access to my neighbor's laptop only, a mutual agreement we have in case of line failures.
It's quite easy to set up if you are interested.
Paul
I agree. We use MAC Access Control in conjunction with WEP on our Sitecom wireless access point.
Graham
-
I hope you both know how easily MAC addresses can be "spoofed" !
http://www.klcconsulting.net/Change_MAC_w2k.htm
-
I hope you both know how easily MAC addresses can be "spoofed" !
http://www.klcconsulting.net/Change_MAC_w2k.htm
Speaking for myself, of course I do. Please read earlier posts again - one word - Likelihood.
I also know how easily IP addreses can be spoofed - a lot easier than trying to find out if a wireless connection first of all exists and then can be hacked.
This is getting to be boring. If you wish to persist in your stance please provide the real evidence to back it up that you were asked to provide in questions you were asked previously.
Graham
-
I hope you both know how easily MAC addresses can be "spoofed" !
http://www.klcconsulting.net/Change_MAC_w2k.htm
Speaking for myself, of course I do. Please read earlier posts again - one word - Likelihood.
I also know how easily IP addreses can be spoofed - a lot easier than trying to find out if a wireless connection first of all exists and then can be hacked.
This is getting to be boring. If you wish to persist in your stance please provide the real evidence to back it up that you were asked to provide in questions you were asked previously.
Graham
If you find this boring, then kindly be advised that replies are not mandatory.
I take computer security as seriously as the security of my house. I live in a low crime area, but I do not work on the assumption that because I do, then it's quite OK to secure my doors and windows with sellotape and string, which is the equivalent to MAC filtering and WEP in the computer world.
You are free to choose what you want, but it is both irresponsible and foolhardy to hand out this sort of advice to those who are not as "knowledgeable" as you claim to be.
I will always provide advice which will provide the best protection available, and I make no apologies for that. And the proof you desire is quite easily obtained by the simple use of Google - I don't have the time or the inclination to do this for you.
-
I will always provide advice which will provide the best protection available, and I make no apologies for that. And the proof you desire is quite easily obtained by the simple use of Google - I don't have the time or the inclination to do this for you.
The best protection is not to use a wireless network at all but if someone wishes to use wireless then they have to work within the parameters of the device they have. With a device which cannot be upgraded to use WPA the only options are to use the security which it offers or to replace it - and the latter may not be an option for people with restricted budgets.
In our case the signal from our wireless hub can be picked up within a limited range due to its positioning in the building. That area (I've walked round outside to test it) is restricted to nine other buildings and the roadway. I've known the occupants of the buildings for several years and know that they are trustworthy. Some don't even own computers.
That leaves the roadway where someone might conceivably drive up and park for the purposes of finding a wireless network to hack into. Given the nature of the area the likelihood of that happening is very low. Consequently, the risk can be managed by use of WEP/MAC Access Control.
That's why I said last Saturday:Like everything else it all depends on the risk of somebody trying to break in. If the risk where you live is high then of course you need the highest level of security - but if the risk is low then extra security doesn't have to be number one on the to do list.
Protection, whether doors & windows, wireless networks or whatever, needs to be adequate for the assessed risk - which isn't necessarily top of the range in all circumstances. That is not irresponsible or foolhardy, it is practical.
Graham
-
The way I see it:
If my wireless network is completely open it's like leaving the back door of your house open. Anyone on my street could just walk in and use it. For me - a big no-no.
Any security, be it trivial, easy or hard to crack, is better than none.
Whatever security you choose, a proficient hacker who needs to get into your network will get in.
The balance you must find for yourself.
WEP - Can be hacked easily.
WPA - More difficult.
MAC Address - Can be spoofed ... but how would they find out what MAC address to spoof?
Disable wireless - Secure but, for me, a little ott.
Each has its merits but I would certainly recommend at least one of these and, in a commercial environment, as many as possible.
Paul
-
MAC Address - Can be spoofed ... but how would they find out what MAC address to spoof?
The same way that they hack WEP - use a "packet sniffer".
I agree with what you say, but I think you've understated the difference between WEP and WPA security.
-
I agree with what you say, but I think you've understated the difference between WEP and WPA security.
I am sure you are right Nick. I am no expert. There seems to be quite a sliding scale with WEP at the very bottom, WPA better, WPA2 better still and, for the future, 802.11i and then there's AES etc.
I think my point stands, anything is much better than nothing even WEP.
Paul
-
I agree with what you say, but I think you've understated the difference between WEP and WPA security.
I am sure you are right Nick. I am no expert. There seems to be quite a sliding scale with WEP at the very bottom, WPA better, WPA2 better still and, for the future, 802.11i and then there's AES etc.
I think my point stands, anything is much better than nothing even WEP.
Paul
Yes Paul, just as sellotaping your front door to the frame is much better than leaving it wide open, but not quite as good as fitting a lock :)
-
Gosh I seem to have started something here ;D
Just to let you know, our wireless router has been turned off as it is connected by cable and everything is fine.
Thanks again everyone for your help.
Kind regards
Sue