Originally posted by crack_ho
View Post
-
I'm sure you're right, and that's the ironic bit. So what should I do to keep my broadband mine? -
There's those that argue why bother? Evidential weight is on your side if anything nefarious happens over your broadband connection and you have an open wifi net at the end of it.Originally posted by expat View Post
I would personally ensure all your endpoints are secure instead of worrying about someone jumping on your internet connection. But hey - that's just me!!Older and ...well, just older!!Comment
-
unless you haven't got unlimited broadband and they exceed your download limit and cost you moneyOriginally posted by ratewhore View Post
Confusion is a natural state of beingComment
-
A multi-purpose personal computer that can access internet radio sites, while strictly speaking able to perform the required technical function, is not within the remit of the user's requirements.Originally posted by Clippy View PostComment
-
Yeah, I seem to recall it might have been added in a firmware update?Originally posted by expat View PostWhere are we going? And what’s with this hand basket?Comment
-
- Use WPA,
- Turn off SSID broadcast,
- Turn of ICMP Ping response,
- Use fixed IP addressges not DHCP,
- Use MAC filtering.
No one of those will solve the problem on their own but do them all and you will be tough enough to crack to discourage your average wardriver, especially if he can see an easier target nearby.
You can't get 100% secure but you can be secure enough that the cost benefit ratio is in your favour."Being nice costs nothing and sometimes gets you extra bacon" - Pondlife.Comment
-
Wep is useless. If you're surfing the net at the time, someone can crack it in about 2 minutes using an arp replay attack. If you're not on the net, then it'll take them about 2 to 3 hours to generate enough IV's to crack your key.
Mac filtering is pointless, all the attacker will do is scan your network until someone fires up an authorised computer and spoof that Mac.
The only failsafe method apart from Cat 6 is WPA. Make sure you use a password that is not in the dictionary and contains all three character sets, i.e. letters, numbers and special characters. WPA can be cracked by brute force by running a captured packet through a checker. Something like
fr6%%asvjtyi^&*frrwsk09)+ isn't going be in that list.
A note to those using Sky/BT/Orange/BeBox with WPA, always change the default key. These are generated using a unique identifier to your router and all it takes is someone to crack the algorithm and publish it for your WPA to effectively be rendered useless.
Linky
And then it becomes open season on your router. Here's an example of a site that allows you to resolve a Sky default WPA key from the router mac address."I hope Celtic realise that, if their team is good enough, they will win. If they're not good enough, they'll not win - and they can't look at anybody else, whether it is referees or any other influence." - Walter Smith
On them! On them! They fail!Comment
-
Thanks. I do most of those. Fixed IP only for the printer so far (else router reboot ==> new IP, PCs can't find it any more), will do it for all. Haven't thought to disable ping.Originally posted by DaveB View Post
BTW the Wifi radio, only device in the house that can't (or couldn't) use WPA, is also the only device that can't be wired. Maybe I should buy a new Wifi radio and wire the house. Or how about putting the wireless transmitter next to the radio and removing the aerial to restrict range? (I guess that's a really dumb idea?).
I sometimes wonder if it ever seems strange to anyone to regard this stuff as ready to sell to all and sundry, when even technically-aware people can have a bit of a discussion about how to keep it safe, or even whather it can be made safe.Comment
-
Depending on your router you *may* be able to set up a second SSID on a seperate vlan to run WEP and allow the radio access. You'd have to ensure that the WEP vlan was secured to prevent access to the WPA vlan but otherwise it shuold work, if your router supports it.Originally posted by expat View Post"Being nice costs nothing and sometimes gets you extra bacon" - Pondlife.Comment
Comment