Discussion:
Securing Wireless Network
dwåcôn
2006-05-16 21:15:48 UTC
Permalink
I have home wifi, mainly for TIVO connectivity but occasionally use it for
my laptop when I want to work around the house without tripping over RJ-45
cables.

I typically change the password monthly and also switch channels. Wondering
if that is overkill, or if I should be doing some other opsec measures?

Any tips appreciated.
Mike Easter
2006-05-16 22:09:44 UTC
Permalink
Post by dwåcôn
I have home wifi, mainly for TIVO connectivity but occasionally use
it for my laptop when I want to work around the house without
tripping over RJ-45 cables.
I typically change the password monthly and also switch channels.
Wondering if that is overkill, or if I should be doing some other
opsec measures?
Driveby wifi rustling is a big sport. WEP security is insufficient, you
need to WPA. The ease of cracking wep was demonstrated back in 2001
which showed that the analysis of 10 minutes of traffic could be enough.
The wiki article about it is a good place to start.
--
Mike Easter
kibitzer, not SC admin
"Joe Gill" @prodigy.net>
2006-05-17 01:56:19 UTC
Permalink
Post by Mike Easter
Post by dwåcôn
I have home wifi, mainly for TIVO connectivity but occasionally use
it for my laptop when I want to work around the house without
tripping over RJ-45 cables.
I typically change the password monthly and also switch channels.
Wondering if that is overkill, or if I should be doing some other
opsec measures?
Driveby wifi rustling is a big sport. WEP security is insufficient, you
need to WPA. The ease of cracking wep was demonstrated back in 2001
which showed that the analysis of 10 minutes of traffic could be enough.
The wiki article about it is a good place to start.
--
Mike Easter
kibitzer, not SC admin
Does restricting wireless access to specific MACADDRs add value too?

Any comments on the WPA algorithms (AES vs TKIP)?

Any comments on "Group key renewal Interval" .. mine defaults to 3600
seconds.....

Also, I have been told it is NOT a good idea to Enable Wireless SSID
broadcast, but I have not been able to get my wireless laptop to 'see' the
router, unless it is enabled? Any ideas here?
dwåcôn
2006-05-17 02:02:58 UTC
Permalink
Another discovery -- TIVO doesn't support WPA. So, I am stuck trying to
secure WEP as best as possible, or get that 200 foot Ethernet cable...
Berny
2006-05-17 02:06:12 UTC
Permalink
Post by dwåcôn
Another discovery -- TIVO doesn't support WPA. So, I am stuck trying to
secure WEP as best as possible, or get that 200 foot Ethernet cable...
So, what's the risk with TIVO?

someone may program the wrong stuff or erase your program? or that you might
become an unwitting P2P sender of copyright materials?

TIVO is the programmable record to hard drive from cable satellite or
airwaves, right? (excuse my ignorance I don't have a TV)
Mike Easter
2006-05-17 02:21:26 UTC
Permalink
Post by dwåcôn
Another discovery -- TIVO doesn't support WPA. So, I am stuck trying
to secure WEP as best as possible, or get that 200 foot Ethernet
cable...
I'm not sure I have the whole equation here, but I don't know how the
tivo and wep would be a problem; OTOH interfacing between a computer
such as a laptop and the WAN via a wireless cable modem on wep would be
a whole 'nuther issue.

Why is your tivo wepping wireless?
--
Mike Easter
kibitzer, not SC admin
dwåcôn
2006-05-17 23:16:26 UTC
Permalink
Post by Mike Easter
Post by dwåcôn
Another discovery -- TIVO doesn't support WPA. So, I am stuck trying
to secure WEP as best as possible, or get that 200 foot Ethernet
cable...
I'm not sure I have the whole equation here, but I don't know how the
tivo and wep would be a problem; OTOH interfacing between a computer
such as a laptop and the WAN via a wireless cable modem on wep would be
a whole 'nuther issue.
I don't have a landline phone -- using my cell only saves $50/month. So I
use my LAN (well, WLAN) to let TIVO do it's nightly synch with the server.

Now, I figure I may also use it with my laptop to escape my home office and
maybe do some work on the sofa... but the primary purpose is TIVO
connectivity.

I did read on About.com not to broadcast the SSID and so I changed to a
different SSID and do not broadcast it.

Also, it said 128 bit encryption was a performance hit without much benefit,
so just use 64 bit.

My main concern is keeping someone from using my high-speed internet,
especially if they want to do something naughty like send spam or whatever.

Interestingly, I pick up at least five other SSIDs... meaning my neighbors
have WiFi and seems their signals are stronger... hmm...
anon
2006-05-17 23:22:06 UTC
Permalink
Post by dwåcôn
Post by Mike Easter
Post by dwåcôn
Another discovery -- TIVO doesn't support WPA. So, I am stuck trying
to secure WEP as best as possible, or get that 200 foot Ethernet
cable...
I'm not sure I have the whole equation here, but I don't know how the
tivo and wep would be a problem; OTOH interfacing between a computer
such as a laptop and the WAN via a wireless cable modem on wep would be
a whole 'nuther issue.
I don't have a landline phone -- using my cell only saves $50/month. So I
use my LAN (well, WLAN) to let TIVO do it's nightly synch with the server.
Now, I figure I may also use it with my laptop to escape my home office
and maybe do some work on the sofa... but the primary purpose is TIVO
connectivity.
I did read on About.com not to broadcast the SSID and so I changed to a
different SSID and do not broadcast it.
Also, it said 128 bit encryption was a performance hit without much
benefit, so just use 64 bit.
My main concern is keeping someone from using my high-speed internet,
especially if they want to do something naughty like send spam or whatever.
Interestingly, I pick up at least five other SSIDs... meaning my neighbors
have WiFi and seems their signals are stronger... hmm...
When you pick up the neighbor's signals, don't some of them say they are
'secure' - there must be some way to keep others out of your wifi.
--
A SpamCop user and forum reader,
Not Admin
dwåcôn
2006-05-17 23:33:41 UTC
Permalink
Post by anon
When you pick up the neighbor's signals, don't some of them say they are
'secure' - there must be some way to keep others out of your wifi.
I haven't tried connecting using their signals... particularly the one named
"default"
--
dwacon
anon
2006-05-17 23:36:05 UTC
Permalink
Post by dwåcôn
Post by anon
When you pick up the neighbor's signals, don't some of them say they are
'secure' - there must be some way to keep others out of your wifi.
I haven't tried connecting using their signals... particularly the one
named "default"
On my screen, there is a list of wifi signals that the computer has heard.

Some say secure some do not and THOSE can be connected to.

I did not have to try connecting to find out that they were secure.
--
A SpamCop user and forum reader,
Not Admin
Post by dwåcôn
--
dwacon
Continue reading on narkive:
Loading...