Question regarding MAC filtering and wireless security

[LuckyTaxi]

Nevermind ... I switched to WPA-PSK ... now for my wireless NIC (intel onboard wireless for my laptop) is has two option under "Data Encryption" WEP or TKIP

Which should I choose? I already have WAP-PSK for "Network Authentication." My AP is set to WPA-PSK with a paraphrase. Should I generate a HEX code and use that instead of a paraphrase?

 

[bigjoe1975]

Choose TKIP. Then put in your passphrase. WPA is much simpler than WEP with hexadecimal IMO.

 

[ktwebb]

Just make your passphrase/password at least 20 characters, alphanumeric, and throw in a few caps.

 

[thirdlegstump]

Macs are secure from the get go.

 

[JackMDS]

May be this can Help. Wireless Security for the Home User.

WPA-PSK is currently the preferred encryption method.

:sun:

 

[Ender510]

i've heard that using any public wireless access like airport, tmobile, hotel, etc. is VERY unsecure meaning anyone with a basic packet sniffer can get all your information that you type in.

is this true??? i travel quite often and am in hotels and airports and use public wireless access points.. is it true that someone can easily sniff all the passwords/usernames, etc. that i type in?

thanks - please advise.

 

[cruzer]

Originally posted by: Ender510
i've heard that using any public wireless access like airport, tmobile, hotel, etc. is VERY unsecure meaning anyone with a basic packet sniffer can get all your information that you type in.

is this true??? i travel quite often and am in hotels and airports and use public wireless access points.. is it true that someone can easily sniff all the passwords/usernames, etc. that i type in?

thanks - please advise.

Technically true, however if you go to let's say your bank's website and login, you will notice the little padlock symbol on the lower right of your browser window, that means your personal data is being encrypted at your computer before it even reaches the public router so don't worry too much about it.
Basically your OK if the website begins with https.

 

[nweaver]

check out wildpacket aeropeek. Make sure you are using secure protocols when doing things on a public AP. Also make sure your computer is locked down tight. I normally only do casual websurfing on public AP's, and even on private AP's I go wired to do really important stuff, like online banking. (I'm paranoid)

 

[Ender510]

what is wildpacket aeorpeek? thanks for the tips guys..

 

[mboy]

It is a packet sniffer specifically designed to catpure, analyze and decode wireless data traffic.

Bottom line is open wifi is VERY VERY insecure. Anytime you do anything other then go to a site that uses SSL (https), ANYONE can EASILY see what you are doing, capture passwords, read email etc.

When I go out and use wifi, I will immediately connect to a VPN, then browse/surf using my desktop PC via RDP (only thru 256bit EAS or 3dES encryption.

 

[Rottie]

What is VPN and how does VPN works? I am curious.