Sign in with
Sign up | Sign in
Your question

Wireless security linksys home system

Last response: in Wireless Networking
Share
Anonymous
a b F Wireless
August 15, 2005 9:23:38 PM

Archived from groups: alt.internet.wireless (More info?)

I have one laptop computer and am using a new linksys wrt54g router. Have
been researching and made changes to the router config to "make it safer"

I run ZA as my firewall and run anti virus and spyware programs as well.

The real question for me is, If you are doing the right things is wireless
as safe as hardwired?
Anonymous
a b F Wireless
August 15, 2005 10:33:04 PM

Archived from groups: alt.internet.wireless (More info?)

On Mon, 15 Aug 2005 17:23:38 -0500, "jcgc50" <jcgc50@cox.net> wrote:

>I have one laptop computer and am using a new linksys wrt54g router. Have
>been researching and made changes to the router config to "make it safer"

What changes?

>I run ZA as my firewall and run anti virus and spyware programs as well.

Good enough. However, none of these will protect you against someone
sniffing your traffic and capturing your passwords, credit card
numbers, email, porno photos, letters to your mistress, etc.

>The real question for me is, If you are doing the right things is wireless
>as safe as hardwired?

Actually, I think wireless is safer than hard wired. A wired LAN can
be tapped. There's no encryption so everything is available for
capture. Wireless, properly setup, is encrypted. You can sniff, but
all you get is garbage.

However, wireless has gotten a bad name because of crummy default
security practices and defective encryption. If you're using WEP, it
can be easily cracked and decoded. WEP is better than no encryption,
but not good enough. The right answer is WPA encryption, which fixes
the problems in WEP. WPA2 has an even better encryption protocol
(AES instead of RC4).

If you're running WPA with a decent pass phrase, methinks you're quite
safe.



--
Jeff Liebermann jeffl@comix.santa-cruz.ca.us
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
AE6KS 831-336-2558
Anonymous
a b F Wireless
August 16, 2005 3:09:47 AM

Archived from groups: alt.internet.wireless (More info?)

jcgc50 wrote:

> I have one laptop computer and am using a new linksys wrt54g router. Have
> been researching and made changes to the router config to "make it safer"
>
> I run ZA as my firewall and run anti virus and spyware programs as well.

ZA is not a FW it doesn't separate two networks. ZA only protects the O/S,
its services and Internet applications when the machine has a direct
connection to the Internet.

You have a FW device in the 54G router that can stop inbound and outbound
traffic.

You may want to use Wallwatcher to watch the inbound and outbound traffic
to/from the router to possible dubious remote IP(s), which the 54G router
can stop that traffic from a remote IP or from a LAN IP/machine behind the
router that has been compromised by malware until such time that it can be
located and removed.

http://www.sonic.net/wallwatcher/#routers

It may require that you use the firmware that allows Wallwatcher to work
with the 54G.

>
> The real question for me is, If you are doing the right things is wireless
> as safe as hardwired?

Wireless can never be as safe as wire IMHO.

Duane :) 
Related resources
Anonymous
a b F Wireless
August 16, 2005 11:57:55 AM

Archived from groups: alt.internet.wireless (More info?)

"Jeff Liebermann" <jeffl@comix.santa-cruz.ca.us> wrote in message

> What changes?


Thanks for the response. The changes are what I have found at linksys site
and others. Changing the SSID, disabling broadcast of the id, enabling MAC
filtering etc. Generally, I have found they recommend 5 to 10 changes.

The router defaulted to WPA - PSK for Pre-Shared Key. While I see WPA2 in
the list I am not sure if my computer works with that or not.

Considering the importance of security in a wireless network it is
surprising how difficult it was to find out what to do and then when you do
find it how poorly it is explained. For example everyone said change the
SSID. What no one mentioned is that you are immediately kicked off your
router since the ID is no longer the same nor how to go about getting back.
Nor do they mention that when you do get in to check everything else. Since
this also turned off the MAC filtering. I have probably missed something
else but who knows.

It would be nice to get a detailed primer on this.

Thanks again.

Jim
Anonymous
a b F Wireless
August 17, 2005 12:52:21 AM

Archived from groups: alt.internet.wireless (More info?)

On Tue, 16 Aug 2005 07:57:55 -0500, "jcgc50" <jcgc50@cox.net> wrote:

>Thanks for the response. The changes are what I have found at linksys site
>and others. Changing the SSID, disabling broadcast of the id, enabling MAC
>filtering etc. Generally, I have found they recommend 5 to 10 changes.

Everyone has their own formula for what's considered safe enough. To
corporate America, nothing less than WPA2-AES-TKIP with an IPSec VPN
running, is good enough. For most home users, WPA-PSK is good enough.
There is some debate about the merits of MAC filtering and disabling
SSID broadcasting.

>The router defaulted to WPA - PSK for Pre-Shared Key. While I see WPA2 in
>the list I am not sure if my computer works with that or not.

XP does WPA2:
> http://www.microsoft.com/downloads/details.aspx?familyi...

>Considering the importance of security in a wireless network it is
>surprising how difficult it was to find out what to do and then when you do
>find it how poorly it is explained.

Oh, it's not that difficult if you know the right buzzwords to feed
into Google.

>For example everyone said change the
>SSID. What no one mentioned is that you are immediately kicked off your
>router since the ID is no longer the same nor how to go about getting back.

Chuckle. I do *ALL* my configuration using a wired connection. Yes,
you'll get disconnected if you make changes while connected via
wireless. Changing the SSID, MAC filtering, and encryption method
will all pull the plug on you if you're trying to configure things via
wireless. However, do it via wireless anyway. It's good practice to
see how to disconnect, search for a new access point, and reconnect.

>Nor do they mention that when you do get in to check everything else. Since
>this also turned off the MAC filtering. I have probably missed something
>else but who knows.
>
>It would be nice to get a detailed primer on this.

Ask and ye shall receive...
http://www.practicallynetworked.com/support/wireless_se...
http://www.extremetech.com/article2/0,1697,1152933,00.a...
http://www.pcmag.com/article2/0,4149,844020,00.asp
http://insight.zdnet.co.uk/communications/wireless/0,39...
http://www.microsoft.com/windowsxp/using/networking/lea...
http://netsecurity.about.com/cs/wireless/a/aa112203_2.h...
http://www.lanarchitect.net/Articles/Wireless/SecurityR...

A dozen more articles on wireless security.
http://netsecurity.about.com/od/secureyourwifinetwork/

About half the above debunked:
http://blogs.zdnet.com/Ou/index.php?p=43
Incidentally, I agree with all his points.

Overwhelmed yet? Good. That's because I consider much of the above
to be worthless. You can change the SSID, password, encryption, and
such, and still have an insecure system. Devious and evil people
(like me) always seem to find holes in the firewall, or sloppy
implimentations. For example, give me 10 seconds with your laptop and
my autorun USB dongle will copy your wireless settings, including your
allegedly secret WPA pass phrase. Another 10 seconds and I can
autorun a script to setup an admin account for me on your computah.
(No, I won't publish my scripts and tools).

In my never humble opinion, the real basis of security is monitoring.
It's like locking the door, but never checking to see if anyone is
trying to pick the lock. Yeah, it's a bore looking at log files and
intrusion reports, but that's about the only way to detect if I'm on
your system. Do the basics as mentioned above. Never mind the
creative nonsense such as SSID hiding, MAC filtering, disable DHCP,
using NETBEUI, etc, and get some monitoring tools:
http://www.sonic.net/wallwatcher/
http://home.comcast.net/~jay.deboer/airsnare/

Also, run some firewall security check tools:
http://www.pcflank.com/exploits.htm
http://www.pcflank.com/test.htm
Lots of other online security testers. However, be careful with their
recommendations. Many of them are trying to sell you their security
software, which may not be necessary or useful.


--
Jeff Liebermann jeffl@comix.santa-cruz.ca.us
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
AE6KS 831-336-2558
!