Is an access point router setup better for controlling intruders?

Airwebs

Jul 17, 2015
Trying to please the phone retailers and keeping customer security is an immovable object and irresistible force. Most routers seem to pay more attention to the big money of telcos than the individual user needs. Is there a router that can and will completely block smart phones? I use MAC address blocking, but it's useless once these guys run their little apps to either spoof the MAC, or get a password... in seconds I might add. Adding to that is the ability of most network setup software to be able to identify a device as a phone, but still no software to block it. My usage with the Netgear 6100 WR has quadrupled since installation, and I don't believe my home setup is fully responsible for that. I doubt I am alone here with this dilemma. Where are all the hackers for the good guys?
 
Solution
An AP tends to be more stupid since its only purpose is to convert wireless to ethernet.

Running hacking tools on a phone is not a trivial thing to do. They have locked a lot of the features out even if you root the device. You can no longer get full root control on most devices. Even with root I don't think you can change the MAC address. I am not even sure the chipset supports the command since the wireless broadband and the wifi are all the same chip.

Nobody can crack a WPA password with a phone; it does not even have close to enough CPU. I doubt it could break the WPS security and there is a huge security exposure there.

You need to turn off WPS if you have not... it is a feature for lazy people who don't even want to look at a manual. This should be disabled by default but vendors still are trying to get sales to people that likely need a 2-day class to learn to use their toaster.

The best security is going to be to run in enterprise mode with certificates. You would need a RADIUS server but the certificates ensure only devices you pre-authorize can get on and they still need to know a unique password.

You can identify traffic from a phone pretty easily; it will say Android or iOS in the headers of most HTTP traffic. You can load third party firmware on a router and run firewall features that do data inspection. It won't get everything but it gets the more common stuff.
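The header check described in the post above, as an added example that is not part of the original thread: it reads inspection-log lines, classifies each client by the OS token in its User-Agent, and lists MACs showing phone traffic that the owner did not expect. The log format, the MAC and IP values and the function names are assumptions made for this sketch; the User-Agent is only visible in unencrypted HTTP and is set by the client, so this catches the common cases, not all of them.

```python
import re
from collections import defaultdict

# Constructed sample lines in a hypothetical inspection-log format:
# <client MAC> <client IP> "<request line>" "<User-Agent>"
SAMPLE_LOG = '''\
aa:bb:cc:00:00:01 192.168.1.10 "GET /index.html HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0 Safari/537.36"
aa:bb:cc:00:00:02 192.168.1.23 "GET /feed HTTP/1.1" "Mozilla/5.0 (Linux; Android 5.1; Nexus 5 Build/LMY48B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0 Mobile Safari/537.36"
aa:bb:cc:00:00:03 192.168.1.31 "GET /news HTTP/1.1" "Mozilla/5.0 (iPhone; CPU iPhone OS 8_4 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12H143 Safari/600.1.4"
aa:bb:cc:00:00:02 192.168.1.23 "GET /check HTTP/1.1" "Dalvik/2.1.0 (Linux; U; Android 5.1; Nexus 5 Build/LMY48B)"
this line is malformed and must be skipped
'''

LINE_RE = re.compile(
    r'^(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2}) (?P<ip>\S+) '
    r'"(?P<req>[^"]*)" "(?P<ua>[^"]*)"$', re.I)

def classify(user_agent):
    """Return 'ios', 'android' or 'other' from OS tokens in a User-Agent."""
    if re.search(r'\b(iPhone|iPad|iPod)\b', user_agent):
        return 'ios'
    if re.search(r'\bAndroid\b', user_agent):
        return 'android'
    return 'other'

def phones_by_mac(log_text):
    """Map client MAC -> {platform: request count} for phone-like clients."""
    seen = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not fit the assumed format
        platform = classify(m.group('ua'))
        if platform != 'other':
            seen[m.group('mac').lower()][platform] += 1
    return {mac: dict(counts) for mac, counts in seen.items()}

def unexpected_phones(log_text, allowed_macs):
    """MACs showing phone User-Agents that are not on the owner's allowlist."""
    allowed = {m.lower() for m in allowed_macs}
    return sorted(mac for mac in phones_by_mac(log_text) if mac not in allowed)

if __name__ == '__main__':
    for mac, counts in phones_by_mac(SAMPLE_LOG).items():
        print(mac, counts)
    print('not on allowlist:', unexpected_phones(SAMPLE_LOG, ['AA:BB:CC:00:00:03']))
```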

 
Solution
First thing to address is how are all of these phones getting on your network?

As bill001g suggested, you need to turn off the WPS feature on your router; anyone can download an app on their phone to crack that garbage.

If you are using WEP that is a very easy protocol to break and you need to switch to WPA2.
Your MAC and IP address are not actually encrypted even on WPA, thus you can find an authenticated MAC address on a network you do not yet have access to. This is why your MAC filtering does nothing.
Now if you are using WPA encryption, then even with a correct spoofed MAC they should not be able to get in without knowing your password.