[thelist] Wireless security

Ken Schaefer Ken at adOpenStatic.com
Wed Sep 21 01:54:46 CDT 2005


> -----Original Message-----
> From: thelist-bounces at lists.evolt.org [mailto:thelist-
> bounces at lists.evolt.org] On Behalf Of john at johnallsopp.co.uk
> Sent: Wednesday, 21 September 2005 4:24 PM
> To: thelist at lists.evolt.org
> Subject: [thelist] Wireless security
> 
> Just a quick question. Is this off topic? Not sure. We'll see.
> 
> If I wanted to set up a Wireless G network at home, is stopping people
> parking outside and connecting to my Internet, and worse, my network,
> as simple as setting a password? Or am I being simplistic?

I second what Robert has to say. Unless there's something particularly
valuable on your network, someone just looking to leach off an internet
connection is going to go after low hanging fruit, so if you make your
network harder to get into, they'll just go somewhere else. 

a) Use WPA if possible. Both your router, and devices connecting to it need
to support WPA (almost anything made in the last year or two will - you may
just need to update some drivers though). There are two types of WPA: TKIP
and PSK. PSK is "pre shared key", which is probably what you are referring to
as a "password". Pre-shared basically means that there is no automatic way of
getting it to all the devices - you enter it manually everywhere. AS long as
the attacker doesn't have it, your probably pretty safe.

b) Use MAC filtering on your router. Just the MAC addresses of each device
that should be allowed to connect.

c) Whilst disabling DHCP might help, I don't think it's worth the extra
hassles it creates. Once someone has managed to get the WPA key, they can
easily snoop traffic to determine what your router's address is (for a
gateway), and what IP addressing you're using

d) Disabling SSID Broadcast can make your network less visible to curious
outsiders, but they'd be deterred by WPA anyway. Any number of tools
(Netstumbler etc) will happily pull SSID out of the air that aren't being
broadcast.

Cheers
Ken


More information about the thelist mailing list