how to secure my wireless network?

Toggle sidebar Toggle sidebar
I

IHAVEAQUESTION

Golden Member
Nov 30, 2005
1,061
3
81
My neighbors have been using my wireless for some times now, I didn't want to set up a password to block the access simply because I am a nice guy. But lately, things have gotten a bit out of hand, too many heavy downloads and whatnots...so anyway, long story short, I want to take back the control now, but how?

I went to the setup page and I saw two security options: WEP and WPA-PSK. I have only heard of WEP so that's what I went for...64bit encryption strength, Netgear automatically generates four codes and I get to choose which code to use. However, these codes are impossible to remember...so I want to know what's the easiest way to do this? I want to be able to setup my own password instead of computer-generated code...I don't need something too robust, I just need to deter access from those 14 years old in my neighbors...

Thanks.
 
X

xSauronx

Lifer
Jul 14, 2000
19,582
4
81
dont use WEP, its very low security and can be broken without too much trouble

you want at least WPA-AES, preferably WPA2. these allow for codes that are up to 63 characters in length with better encryption.

either create a passphrase that will use most, or all, of those characters, or use a random key generator to generate a strong random passkey

password generator

if its a phrase, you can remember it easily enough. if its randomly generated....well i keep mine on a flash drive and plug in to wireless clients at home and copy/paste from there.
 
JackMDS

JackMDS

Elite Member
Super Moderator
Oct 25, 1999
29,545
422
126
You do not need to use the password on a daily basis Windows remembers and stores the password.

Write it on a sticker and stick it onto the base of the Router just in case you need to reuse it.
 
RebateMonger

RebateMonger

Elite Member
Dec 24, 2005
11,586
0
0
Don't forget that, without encryption, your neighbor (or anybody else in the neighborhood with a decent antenna) can monitor all transmissions back and forth between your PC and your WiFi access point. The only exception is encrypted data (SSL web pages, for instance). There's no way of knowing if someone is monitoring everything you do on the Internet.
 
bruceb

bruceb

Diamond Member
Aug 20, 2004
8,874
111
106
All good points. And if you want to be sure your neighbor keeps out then:

1): Give your network a Name and then instruct the Router NOT to Broadcast the SSID

2): Change your wireless channel number .. most are set to default at ch#6 and most
people have no idea of how to change it. Needs to be done at router and computers.

3): Turn ON and use MAC Address Filtering .. only wireless computer with a MAC entered
into the Router Access Table will work, even if someone knows your network SSID & Password.
You will need the MAC Address (you can get it thru IPCONFIG) from your laptops or other
computer that will use wireless access
 
X

xSauronx

Lifer
Jul 14, 2000
19,582
4
81
Originally posted by: bruceb
All good points. And if you want to be sure your neighbor keeps out then:

1): Give your network a Name and then instruct the Router NOT to Broadcast the SSID

2): Change your wireless channel number .. most are set to default at ch#6 and most
people have no idea of how to change it. Needs to be done at router and computers.

3): Turn ON and use MAC Address Filtering .. only wireless computer with a MAC entered
into the Router Access Table will work, even if someone knows your network SSID & Password.
You will need the MAC Address (you can get it thru IPCONFIG) from your laptops or other
computer that will use wireless access
Click to expand...

#1 is not needed if you have good security. if youre locked down, you can broadcoast to hell and back and nobody will get on.

#2 is good advice, 1, 6 and 11 are the best channels to use, as they do not interfere with one another at all.

#3 is also not necessary if youre well secured, and it can be a hassle.
 
bruceb

bruceb

Diamond Member
Aug 20, 2004
8,874
111
106
Yes, it is overkill. But it will be sure to anyone who doesn't belong, out.
 
N

NickOlsen8390

Senior member
Jun 19, 2007
387
0
0
Originally posted by: bruceb
2): Change your wireless channel number .. most are set to default at ch#6 and most
people have no idea of how to change it. Needs to be done at router and computers.
Click to expand...

I have never changed the channel on the client side, and it has always worked. I have connected to a wireless network on every channel.
 
L

LuDaCriS66

Platinum Member
Nov 21, 2001
2,057
0
0
Originally posted by: bruceb
Yes, it is overkill. But it will be sure to anyone who doesn't belong, out.
Click to expand...

It's not just overkill. #1 and #3 aren't even secure and are even easier to break through than WEP.

WPA or WPA2 with a strong passphrase is more than enough
 
S

spidey07

No Lifer
Aug 4, 2000
65,469
5
76
Originally posted by: bruceb
What I meant was to use all 3 ... not just pick one of them
Click to expand...

The problem is none of those are security methods and not broadcasting the SSID can cause potential very difficult to troubleshoot problems. Also you don't change the channel on the client, you can't - that's controlled by the access point.

1. broadcast ssid
2. Use WPA2-AES with a preshared key of 12 characters or more
3. easy and done

As secure as you're going to get in a SOHO environment.
 
JackMDS

JackMDS

Elite Member
Super Moderator
Oct 25, 1999
29,545
422
126
Originally posted by: spidey07
Originally posted by: bruceb
What I meant was to use all 3 ... not just pick one of them
Click to expand...

The problem is none of those are security methods and not broadcasting the SSID can cause potential very difficult to troubleshoot problems. Also you don't change the channel on the client, you can't - that's controlled by the access point.

1. broadcast ssid
2. Use WPA2-AES with a preshared key of 12 characters or more
3. easy and done

As secure as you're going to get in a SOHO environment.
Click to expand...

:thumbsup:

And the rational is very simple, if there is someone that can Brake WPA, his level of knowledge is so that SSID Off, MAC filter, etc. would take him 30 second to overcome.

So why create an unstable Quirky Wireless when it does Nothing for you.
 
K

kevnich2

Platinum Member
Apr 10, 2004
2,465
8
76
Originally posted by: bruceb
All good points. And if you want to be sure your neighbor keeps out then:

1): Give your network a Name and then instruct the Router NOT to Broadcast the SSID

2): Change your wireless channel number .. most are set to default at ch#6 and most
people have no idea of how to change it. Needs to be done at router and computers.

3): Turn ON and use MAC Address Filtering .. only wireless computer with a MAC entered
into the Router Access Table will work, even if someone knows your network SSID & Password.
You will need the MAC Address (you can get it thru IPCONFIG) from your laptops or other
computer that will use wireless access
Click to expand...

None of these will do anythign for security. Not broadcasting SSID will cause more problems than it solves, as is #3. #2 I would do but you don't change this on the client side as spidey mentioned. Do what spidey said, use WPA-AES or WPA2 AES and that's really all you have to do. As long as the key is more than just a few characters, by the time someone was able to crack the key, the key would have already changed.
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom