Some wireless connection questions

[rubix]

I am fixing/formatting someone's laptop at my apartment and I noticed it can connect to the Internet wirelessly from 2 different public wireless networks... for free! Also there are like 5 or so more ones that require a password.

So what are these wireless networks? Are they from other people in my apartment area running them? How safe is it to use a public wireless network? What can and can't people see me do/send on them?

Also, is there any point in me paying $50 a month for a cable (broadband) connection if I can just get it for free?

Finally, what is the bare minimum of Client/Service/Protocals in Network Properties that need to be installed in order for a wireless connection to function properly. I want to make sure this laptop is semi-secure and has nothing unnessary for it to be installed. I am talking about File & Printer Sharing, QoS Packet Scheduler, Client For MS Networks etc and all that junk I never touched before.

If you can't tell, I know nothing about wireless stuff and have avoided it.

 

[Changlinn]

Ok realistically, these are more than likely personal peoples networks who live in the apartment around you, legaly you cannot just use them for free, and unless they run monitoring tools and know how to do a site survey to triangulate your position it is not likely they can find you/see what you are doing, but that doesn't make it right, it is still illegal, and you are taking advantage of their gullibility, maybe you should find them, work out where the signal is strongest and tell them to secure it, or show them how in exchange for some money, shared access, hey you can cut down there bill and pay half what you would have to.
If you have file and printer sharing enabled and folders/files/printers shared, it is possible for one of these open networks to connect to you if you are on their network and access your files/printer(s).

 

[rubix]

Alright, I see. I really have no desire to use someone else's connection illegally, I was just surprised to see a free+fast connection when I turned the laptop on.

I don't know how to find who has their network open, but maybe I can send them a message through Messenger or whatever services MS leaves running for no reason.

This is exactly why wireless connections scare me and I stay away from it. It seems harder to secure.

 

[b4u]

May I throw in some questions?

Well, regarding wireless, about a month ago, I went to a client's office building to install/configure a new laptop.

Once I connect it, wireless was on by default, and BAM! Just got a list of 5 different networks, obviously from other offices around the building! Only one of them had a password ...

That leads me to question ... I know I can setup a password to help protect my wireless network. But what about the wireless signal broadcast?

I believe I read somewhere that we could just turn off the "signal broadcast" of the network. Is it possible? Then people wouldn't easily find my network ... but then again, how could I find it anyway?

 

[spherrod]

Originally posted by: b4u
May I throw in some questions?

Well, regarding wireless, about a month ago, I went to a client's office building to install/configure a new laptop.

Once I connect it, wireless was on by default, and BAM! Just got a list of 5 different networks, obviously from other offices around the building! Only one of them had a password ...

That leads me to question ... I know I can setup a password to help protect my wireless network. But what about the wireless signal broadcast?

I believe I read somewhere that we could just turn off the "signal broadcast" of the network. Is it possible? Then people wouldn't easily find my network ... but then again, how could I find it anyway?

You can disable the broadcast of your SSID which means any client will need to know the SSID and have it manually entered into their Wireless connection settings to be able to connect. There should be an option in your Router to 'Disable SSID Broadcast' or something similar.

I'd recommend you read this page, courtesy of JackMDS

http://www.ezlan.net/Wireless_Security.html

 

[are34]

You should also turn on the encription provided by the router. Example ,(WEP ,passphase)
Also use mac address filtering , so that only selected computer can log onto your
network.

 

[ktwebb]

"Also, is there any point in me paying $50 a month for a cable (broadband"

Ethics perhaps? Some sort of moral inner voice saying don't be a punk? I don't know. just throwing some ideas out there.

"You can disable the broadcast of your SSID which means any client will need to know the SSID and have it manually entered into their Wireless connection settings to be able to connect"

Not really. Disabling SSID broadcasts just removes it from the beacon frame. Apps like kismet can still see the SSID whenever a client associates to the AP. And there are ways to force clients to disassociate which would make then re-associate, and the SSID would be made known. Disabling SSID broadcasting is a good practice but like MAC filtering, someone who knows what to do and how to do it with the right software can step on that security measure virtually immediately.

 

[spherrod]

Originally posted by: ktwebb
"Also, is there any point in me paying $50 a month for a cable (broadband"

Ethics perhaps? Some sort of moral inner voice saying don't be a punk? I don't know. just throwing some ideas out there.

"You can disable the broadcast of your SSID which means any client will need to know the SSID and have it manually entered into their Wireless connection settings to be able to connect"

Not really. Disabling SSID broadcasts just removes it from the beacon frame. Apps like kismet can still see the SSID whenever a client associates to the AP. And there are ways to force clients to disassociate which would make then re-associate, and the SSID would be made known. Disabling SSID broadcasting is a good practice but like MAC filtering, someone who knows what to do and how to do it with the right software can step on that security measure virtually immediately.

True - someone who knows what they are doing will get around it and it should be done as 1 of many security measures where wireless is concerned.

 

[Changlinn]

Yeah about 90% of wardrivers I know won't bother with a network that even has wep64 activated, maybe if mac address filtering is activated and the ssid looks interesting they will have a look, but most that have tried to get into my network have given up (according to the logs anyway) once they have seen wep128, most, a couple have gotten through that and the mac filtering, to be conrfronted with my "Hello Hacker" page, and needing a 2048bit key to get access to my wireless vpn
Bear in mind I am on a main road, and have had about 60 scans, of those two have actually got past wep, one then gave up the other got passed the mac filtering(why'd the other one give up) and then he got to the page, tried some simple ip scans and ports scans then disconnected... I gotta put a message baord on that page

 

[b4u]

Any free software out there that can sniff the air to check for wireless?

Some software that can help find "hidden" wireless, and can even help me with my own wireless security.

 

[Changlinn]

Kismet is really good, Linux only last time I actually went to their site to download it
Netstumbler is not bad, windows and pocket pc.

 

[nweaver]

netstumbler isn't bad. Most wireless clients can scan and show the null SSID beacon's from those networks too.