Ziptar
Platinum Member
- Jul 7, 2001
- 2,077
- 0
- 86
You'll never keep 100% of everyone out, if someone wants to hack you bad enough, they will.
If you just want to keep your neighboors and strangers from horking your bandwidth your can at least make it difficult to keep the novice, average, non geek user out. It's enough that even if they are somewhat WiFi hack savy there are enough hoops they have to jump through that even a L337 hack would probably give up and move onto something eaiser. Current WiFi security will never keep 100% of the people out, might never, the whole point of WiFi is to give access to a broad area.
You should:
1) Change the SID to something not easily guessed.
2) Turn off SID Broadcast.
3) Turn On Wireless MAC Address Control, and only allow connections for your specific MACs
4) Set your DHCP IP range to give out no more IP's than the you have devices for. (example: If you have 2 laptops and a wireless printer, your IP range should be 192.168.0.2 - 192.168.0.4)
5) Reserve all IPs addresses in your range for the specific MACs on you network.
6) Turn on the best encryption your equipment will support WPA-PSK TKIP, My neatgear does not support AES. in my case.
7) Make the encryption key an alpha numeric key 20 characters. Better yet use a Use a key generator to generate a strong key.
8) Make sure the Admin password in Win XP is something other than blank or the generic one that comes from Dell, Compaq, etc.
Not listed as a step because it's so friggen basic. CHANGE THE PASSWORD FOR ADMIN ON THE ROUTER
Just about every wireless router that I leach off of out in the world is broadcasting the SID of linksys or netgear and, virtually all of them have a blank password or the default password.
Back in January, my wife opened a real estate office strip mall, the business next door had his wireless wide open, I could admin the router and access network resources. I told the guy about it, even told him I got into two work stations, and accessed his shared drives (Administrator with no password). He didn't beleive me, said his computer guy was pretty savy and he kept things tight. So I went back to my wife's office and printed his quickbooks check register on my laptop, walked it next door and showed it to him. He was totally shocked.
Saw him three days later, he told me fired his computer guy and had a new guy come in and lock things down. I told him it would never be perfect but, it would keep the average user out of his quickbooks. I haven't been able to get into his network since but, I haven't really hammered on it either.
If you just want to keep your neighboors and strangers from horking your bandwidth your can at least make it difficult to keep the novice, average, non geek user out. It's enough that even if they are somewhat WiFi hack savy there are enough hoops they have to jump through that even a L337 hack would probably give up and move onto something eaiser. Current WiFi security will never keep 100% of the people out, might never, the whole point of WiFi is to give access to a broad area.
You should:
1) Change the SID to something not easily guessed.
2) Turn off SID Broadcast.
3) Turn On Wireless MAC Address Control, and only allow connections for your specific MACs
4) Set your DHCP IP range to give out no more IP's than the you have devices for. (example: If you have 2 laptops and a wireless printer, your IP range should be 192.168.0.2 - 192.168.0.4)
5) Reserve all IPs addresses in your range for the specific MACs on you network.
6) Turn on the best encryption your equipment will support WPA-PSK TKIP, My neatgear does not support AES. in my case.
7) Make the encryption key an alpha numeric key 20 characters. Better yet use a Use a key generator to generate a strong key.
8) Make sure the Admin password in Win XP is something other than blank or the generic one that comes from Dell, Compaq, etc.
Not listed as a step because it's so friggen basic. CHANGE THE PASSWORD FOR ADMIN ON THE ROUTER
Just about every wireless router that I leach off of out in the world is broadcasting the SID of linksys or netgear and, virtually all of them have a blank password or the default password.
Back in January, my wife opened a real estate office strip mall, the business next door had his wireless wide open, I could admin the router and access network resources. I told the guy about it, even told him I got into two work stations, and accessed his shared drives (Administrator with no password). He didn't beleive me, said his computer guy was pretty savy and he kept things tight. So I went back to my wife's office and printed his quickbooks check register on my laptop, walked it next door and showed it to him. He was totally shocked.
Saw him three days later, he told me fired his computer guy and had a new guy come in and lock things down. I told him it would never be perfect but, it would keep the average user out of his quickbooks. I haven't been able to get into his network since but, I haven't really hammered on it either.
Facebook
Twitter