• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

do u encrypt ur wifi network?

Page 2 - Seeking answers? Join the AnandTech community: where nearly half-a-million members share solutions and discuss the latest tech.
Definitely lock it down! Paranoia...

Like Madwand1, I used to have WEP 128-bit with MAC filtering. Then I listened to Steve Gibson's Security Now! podcasts -- check out episodes 11 and 13 where he goes step by step about how WEP and MAC filtering are simply not secure. And there are articles around (saw one on Tomshardware) which details exactly how to defeat WEP).

Now using WPA/TKIP because I got it working quickly with a new Linksys router. Will move to WPA2/AES when I get around to it (assuming the router and adapter firmwares support it)
 
I would love to switch mine over to WPA TKIP but it somply will not work with my notebook for some reason. Drops the connection after about 1 hour and the machine needs REBOOTED to reconnect.
 
any advantage of using encryption over limiting the mac addresses?

i dont use encryption and just limit the allowed mac addresses to the 2/3 computers that use the wifi ... this amount won't ever increase or decrease... am i missing something?
 
WPA2-PSK and mac filtering for home. Definitley better than my neighbors who are wide open with no security and all defualt settings. :disgust:
 
PEAP . search for wrt54g firmware tinypeap where you can get the WPA cracking software.

lol.

seriously is your shared key that secure? do you leave the antenna's on? Are you logging? if not i could be brute forcing my way into your key. hell i could probably social engineer it out of you with enough time and conversation 😉

 
Originally posted by: Emulex
PEAP . search for wrt54g firmware tinypeap where you can get the WPA cracking software.

lol.

seriously is your shared key that secure? do you leave the antenna's on? Are you logging? if not i could be brute forcing my way into your key. hell i could probably social engineer it out of you with enough time and conversation 😉
Click to expand...

except I use a random generator for my PSK, and who is going to brute force my home WPA/WPA2 solution, when there are neigbors right down the street with open/none or simple wep?


Peap is a good solution, if you have the $$ to shell out for a decent program to do the backend auth, like RSA, or Safeword

 
Most non-techie people aren't even aware of how wireless works... I mean, people think they buy a wireless router, and then they have an internet connection that only cost them the price of the router... they do not understand that they still need an ISP.

On that note, it is easy to understand that a lot of people don't understand how to even access the router... people are too lazy to read the manual, and they don't understand what encryption is... I may take a flaming for this, but people are dumb
 
Running WEP 64 bit at the moment, I have run WPA but choose not to run it at the moment. Encryption deters kiddies that are bored, however if the person is smart chances are they are going to get in anyhow.
That being said I'm curious to see what encryption businesses use to secure wireless networks.
I'm guessing it's probably along the lines of don't store/allow access to anything on that portion of the network that you aren't comfortable having anyone look at, at least that's the way I look at it.
 
Enterprise level Wireless in a nutshell (spidey will correct me later 😉)
1. Encryption-TKIP (WPA) or AES (WPA2) is what SHOULD be used, although alot run WEP with Authentication/Key management
2. Authentication- 802.1X auth. Leap is old, and crackable. PEAP (One time passwords is what I associate with PEAP) is good. Can also have Eap-Fast (GTC, MSChap) EAP-TLS (certificates, person based and/or machine based). This is also where MAC filtiering would be applied. This all requires an AP that supports it, a radius server, and an authentication database (Windows AD is the most commen). These pieces CAN all reside on the AP (if it's supported) although that isn't the best idea.
3. Key Management (CCKM or WPA)
4. Management- Something like CIsco's WLSE (wireless lan solution engine) to autmaticlly manage AP settings like channel, power levels, etc. Also good for site survey stuff, rogue AP/Client reporting, etc. This is also the piece that ties into Cisco's Network Admissions Control. You can have a posture agent that will kick valid users to different networks based on client health, i.e. healthy, unknown, infected, etc.
 
Originally posted by: nweaver
Enterprise level Wireless in a nutshell (spidey will correct me later 😉)
1. Encryption-TKIP (WPA) or AES (WPA2) is what SHOULD be used, although alot run WEP with Authentication/Key management
2. Authentication- 802.1X auth. Leap is old, and crackable. PEAP (One time passwords is what I associate with PEAP) is good. Can also have Eap-Fast (GTC, MSChap) EAP-TLS (certificates, person based and/or machine based). This is also where MAC filtiering would be applied. This all requires an AP that supports it, a radius server, and an authentication database (Windows AD is the most commen). These pieces CAN all reside on the AP (if it's supported) although that isn't the best idea.
3. Key Management (CCKM or WPA)
4. Management- Something like CIsco's WLSE (wireless lan solution engine) to autmaticlly manage AP settings like channel, power levels, etc. Also good for site survey stuff, rogue AP/Client reporting, etc. This is also the piece that ties into Cisco's Network Admissions Control. You can have a posture agent that will kick valid users to different networks based on client health, i.e. healthy, unknown, infected, etc.
Click to expand...


Interested to hear Spidey's take on this as well.
I'm not comfortable with any wireless solution for transferring confidential data are my concerns mis-placed?
 
Originally posted by: Archman
Most non-techie people aren't even aware of how wireless works... I mean, people think they buy a wireless router, and then they have an internet connection that only cost them the price of the router... they do not understand that they still need an ISP.

On that note, it is easy to understand that a lot of people don't understand how to even access the router... people are too lazy to read the manual, and they don't understand what encryption is... I may take a flaming for this, but people are dumb
Click to expand...


lmao... that is the funniest thing ever...
 
I use WPA-PSK encryption as well as MAC-filtering and DHCP pool restrictions. It would take some dedication to get in, although I don't doubt it could be done, eventually.

Of course, there's no real reason to do all that where I live, but it makes me feel better nonetheless.
 
my wireless security:

1. Disable SSID broadcast, set SSID to random string
2. Enable WPA security on WAP, using RADIUS authentication against freeRadius on debian in DMZ
3. strong WPA secret
4. wireless network is on a separate subnet from my wired network and physically separate using m0n0wall
5. no DHCP in wireless zone
6. MAC address filtering on Wireless
7. PPTP VPN to the wired network should I ever need access to filesharing
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top