Wireless access point security - I'm a little confused

[Bill in SD, CA]

OK, here's my setup.

I have 3 systems hard wired to a Linksys router and a wireless access point for my son's laptop.

2 are W2K, 1 is 98/W2K, and laptop is XP.

After reading the other threads here regarding security I am assuming that someone could hack into my network.

Right?

Or would it be that they would only have internet access?

They would have to know my "workgroup" name to get into the network. Right?

I seem to be missing something here.

And that would be ......................... ?

Bill

WEP can be hacked and mac addresses can be mirrored but its not a walk in a park

but most of the time if someone sees WEP enabled on a wireless network they dont bother unless they really want in

There really isnt alot you can do in windows to break wireless encyption as i seen most tools built for linux/unix. There are some windows tools that are coming out slowly but with the introduction of WPA makes it alittle bit more difficult

things you can set up

things you can set up.

1. WEP encryption. (Most new G products are coming out with WPA. will add more info about)

2. Mac address Filtering. Limits what wireless network cards can access the wireless accesspoint/router

3. Disable SSID (while wep is on only machines with the right WEP key will be able to see your accesspoint/router)

4. Limit the ip addresses your router/accesspoint gives out. if you have 5 machines on your network, allow only the router to give out 5 ip addresses.

as stated in this thread

basically to sum it dont expect some kid to just plug in a wireless card, load up a program and automatically crack your network. It takes time and patience to crack wep over 11 mpbs and knowledge dont forget that to

[Bill in SD, CA]

I must admit that I never gave any thought to this.

Probably a good idea to change the workgroup name to something more nefarious than "workgroup."

I can see the RIAA now.

Bill

atuaclly your network name doesnt really matter. the SSID is what you want to change or disable (but it can only be disabled if you have WEP on) SSID is the name that is broadcasted out to computers

[DVNT1]

Wireless security needs for the home user is about two issues IMO.

1) To prevent someone from using your Internet connection (consumes your bandwidth & may do illegal activities which make you the scapegoat).

2) Protect against unrestricted network access to your LAN computers.


I think #1 is clear as stated. For #2, a breach means that the attacker could access you PC much like it was plugged directly into the Internet. In this case your router will not protect you from incoming attacks and if you use a software firewall that allows the local subnet in, then that becomes useless too.


I think GZ is rating the risk too low for most current wireless home users. I suggest using all WAP security features at minimum. Even VPNs over wireless are at risk of man-in-the-middle attacks which have been proven successfull.

On a related note which indirectly supports GZ's opinion, many people seem to keep disabling default security measures until they get the wireless to work. Then they often don't enable security again in fear of breaking the conenction. Therefore many easy targets are out there which would often be hit first.

[kwebb]

Quote:

SSID is what you want to change or disable (but it can only be disabled if you have WEP on)

Your AP admin software may make you do this but SSID and WEP don't have a whole to do with each other. I'd be suprised and perplexed why a Mfg would make you turn on WEP to disable your SSID but I guess I've seen stranger things. This would be a new "feature" to me. SSID's can be sniffed with or without broadcasting on. All a cracker would have to do is send a command out for clients to dissasociate, tools exist for this, then pick up the SSID when they re-associate. MAC addy's can be spoofed, and WEP can be cracked with enough data moving across the stream. DVNT1 gave you the best advice. Enable any security measure your AP allows.

Oh, and your workgroup isn't even a concern for most people that would be scanning you. Well the ones who are serious about it anyway, as they're running linux, not windows.

my point is kwebb is the people who break into these are not your average computer users.

[kwebb]

Which most of my post backed up. As far as your comments I was only responding to what was quoted, which isn't true, at least not across the board. Maybe for your AP but I would imagine that would be in the minority for a Mfg of an AP to only allow SSID disabling when WEP is enabled. Thats a ridiculous restriction of an AP.

hrm perhaps it just linksys. i will have to research more into it!

thanks for the heads up!

[kwebb]

It may be that more SOHO AP's restrict you this way. I can't imagine why. There's no logic to it. I can tell you that Cisco and Proxim AP's, both enterprise AP's do not restrict in this manner. The only consumer grade AP that I have ever played with is the speedstream I use, which doesn't allow you to disable the SSID regardless. Doesn't really matter. Disabling the SSID, as I mentioned is a very small speed bump. The least of the security measures by my standard.