Sign in with
Sign up | Sign in
Your question

Wireless security

Last response: in Wireless Networking
Share
Anonymous
a b F Wireless
January 8, 2005 10:33:08 PM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

I have a wireless broadband connection. I have read about making it
'secure' - some of the measures seem to suggest:

1. Reset admin password

2. Reset default SSID

3. Disable SSID Broadcast

4. Change from default channel

5. Enable WEP with 128 bit key

6. Change Authentication Type to Shared Key

I am still not clear about some things, however. Surely anybody bringing a
laptop with wireless capabilities within range of my house will still be
able to logon to the Internet using my connection, even if I implement the
above suggestions? Which of the above measures would stop them doing so?

More about : wireless security

January 8, 2005 10:33:09 PM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

Hi
If another Wireless Signal is propagating in your reception area it might
appear in your available Wireless Network. Nothing is wrong with this that
is the way Wireless technology works (the Air around us does not
discriminate signals).
Using the measures of security is the step to insure that others can not use
your signal, and vice versa.
Wireless - Basic Configuration: http://www.ezlan.net/Wireless_Config.html
Wireless - Basic Security: http://www.ezlan.net/Wireless_Security.html
Jack (MVP-Networking).


"C Tate" <colin@nobodyhere.mrcrtate.fsnet.co.uk> wrote in message
news:o y72ljb9EHA.2676@TK2MSFTNGP12.phx.gbl...
> I have a wireless broadband connection. I have read about making it
> 'secure' - some of the measures seem to suggest:
>
> 1. Reset admin password
>
> 2. Reset default SSID
>
> 3. Disable SSID Broadcast
>
> 4. Change from default channel
>
> 5. Enable WEP with 128 bit key
>
> 6. Change Authentication Type to Shared Key
>
> I am still not clear about some things, however. Surely anybody bringing a
> laptop with wireless capabilities within range of my house will still be
> able to logon to the Internet using my connection, even if I implement the
> above suggestions? Which of the above measures would stop them doing so?
>
>
>
>
Anonymous
a b F Wireless
January 8, 2005 10:41:20 PM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

PS. I still want to be able to connect wirelessly to my broadband connection
with my laptop! The main connection is with my PC but occasionally my
partner will want to share the Internet connection with a laptop. I don't
want to lock the laptop out, as it were.
"C Tate" <colin@nobodyhere.mrcrtate.fsnet.co.uk> wrote in message
news:o y72ljb9EHA.2676@TK2MSFTNGP12.phx.gbl...
>I have a wireless broadband connection. I have read about making it
>'secure' - some of the measures seem to suggest:
>
> 1. Reset admin password
>
> 2. Reset default SSID
>
> 3. Disable SSID Broadcast
>
> 4. Change from default channel
>
> 5. Enable WEP with 128 bit key
>
> 6. Change Authentication Type to Shared Key
>
> I am still not clear about some things, however. Surely anybody bringing a
> laptop with wireless capabilities within range of my house will still be
> able to logon to the Internet using my connection, even if I implement the
> above suggestions? Which of the above measures would stop them doing so?
>
>
>
>
Related resources
January 9, 2005 9:17:01 AM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

Some thoughts....
1. Resetting the password will stop others who do gain access to your
router from changing the settings - essential.
2. Reset the default SSID changes what your wireless router broadcasts
itself as. When used in conjunction with...
3. Disable SSID broadcast - can improve the security of your wireless
connection because it will not be visible so others will not know what to put
into their settings to connect to you - desirable.
4. Change from the default channel - used to reduce electro-magnetic
interference (EMI) effects.
5. Enable WEP 64 or 128 bit - this provides a meduim level of protection
for your network using encryption and is what I think you are actually
looking for. With this enabled, it will prevent most people from accessing
your network. I say 'medium' and 'most people' because there are some
inherent holes in WEP but these require a real expert with specialist
equipment to exploit. If someone with these skills and resources is trying
to hack into your wireless connection then you have much bigger problems than
wireless security!!!!
6. Sgared Key - pretty sure this is a WPA setting. WPA is better than WEP
but there are less devices that support it at the moment.

So in summary -
Reset the password. This will not affect the laptop.
Reset the default SSID and disable broadcast. This will have to be reset
onto the laptop.
Enable either WPA or WEP. If you only have WEP then 64 bit is easier
because there are less hex pairs to enter into the laptop!!

The best Security/protection is a layered defensive system. Changing and
hiding the SSID means that others cannot see your network etc...

There is more at stake here than just protecting your internet connection.
Any network shares on your PC and laptop would be available to anyone who was
able to connect to your network.

Best of luck.



"C Tate" wrote:

> I have a wireless broadband connection. I have read about making it
> 'secure' - some of the measures seem to suggest:
>
> 1. Reset admin password
>
> 2. Reset default SSID
>
> 3. Disable SSID Broadcast
>
> 4. Change from default channel
>
> 5. Enable WEP with 128 bit key
>
> 6. Change Authentication Type to Shared Key
>
> I am still not clear about some things, however. Surely anybody bringing a
> laptop with wireless capabilities within range of my house will still be
> able to logon to the Internet using my connection, even if I implement the
> above suggestions? Which of the above measures would stop them doing so?
>
>
>
>
>
Anonymous
a b F Wireless
January 9, 2005 11:28:49 AM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

Keep in mind tools like Kismet can easily find cloaked SSIDs. There is really no good reason to not
broadcast the SSID...

--
Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights...

"Sean" <Sean@discussions.microsoft.com> wrote in message
news:23BF72FF-6755-4D32-B006-0251BD716F7F@microsoft.com...
> Some thoughts....
> 1. Resetting the password will stop others who do gain access to your
> router from changing the settings - essential.
> 2. Reset the default SSID changes what your wireless router broadcasts
> itself as. When used in conjunction with...
> 3. Disable SSID broadcast - can improve the security of your wireless
> connection because it will not be visible so others will not know what to put
> into their settings to connect to you - desirable.
> 4. Change from the default channel - used to reduce electro-magnetic
> interference (EMI) effects.
> 5. Enable WEP 64 or 128 bit - this provides a meduim level of protection
> for your network using encryption and is what I think you are actually
> looking for. With this enabled, it will prevent most people from accessing
> your network. I say 'medium' and 'most people' because there are some
> inherent holes in WEP but these require a real expert with specialist
> equipment to exploit. If someone with these skills and resources is trying
> to hack into your wireless connection then you have much bigger problems than
> wireless security!!!!
> 6. Sgared Key - pretty sure this is a WPA setting. WPA is better than WEP
> but there are less devices that support it at the moment.
>
> So in summary -
> Reset the password. This will not affect the laptop.
> Reset the default SSID and disable broadcast. This will have to be reset
> onto the laptop.
> Enable either WPA or WEP. If you only have WEP then 64 bit is easier
> because there are less hex pairs to enter into the laptop!!
>
> The best Security/protection is a layered defensive system. Changing and
> hiding the SSID means that others cannot see your network etc...
>
> There is more at stake here than just protecting your internet connection.
> Any network shares on your PC and laptop would be available to anyone who was
> able to connect to your network.
>
> Best of luck.
>
>
>
> "C Tate" wrote:
>
>> I have a wireless broadband connection. I have read about making it
>> 'secure' - some of the measures seem to suggest:
>>
>> 1. Reset admin password
>>
>> 2. Reset default SSID
>>
>> 3. Disable SSID Broadcast
>>
>> 4. Change from default channel
>>
>> 5. Enable WEP with 128 bit key
>>
>> 6. Change Authentication Type to Shared Key
>>
>> I am still not clear about some things, however. Surely anybody bringing a
>> laptop with wireless capabilities within range of my house will still be
>> able to logon to the Internet using my connection, even if I implement the
>> above suggestions? Which of the above measures would stop them doing so?
>>
>>
>>
>>
>>
Anonymous
a b F Wireless
January 10, 2005 7:03:27 PM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

Shared key authentication only applies to WEP secured networks, not WPA.
Shared mode does not offer any additional security if you are already using
an encryption type like WEP or WPA.

--
Jerry Peterson
Windows Network Services - Wireless

This posting is provided "AS IS" with no warranties, and confers no rights.
"Sean" <Sean@discussions.microsoft.com> wrote in message
news:23BF72FF-6755-4D32-B006-0251BD716F7F@microsoft.com...
> Some thoughts....
> 1. Resetting the password will stop others who do gain access to your
> router from changing the settings - essential.
> 2. Reset the default SSID changes what your wireless router broadcasts
> itself as. When used in conjunction with...
> 3. Disable SSID broadcast - can improve the security of your wireless
> connection because it will not be visible so others will not know what to
> put
> into their settings to connect to you - desirable.
> 4. Change from the default channel - used to reduce electro-magnetic
> interference (EMI) effects.
> 5. Enable WEP 64 or 128 bit - this provides a meduim level of protection
> for your network using encryption and is what I think you are actually
> looking for. With this enabled, it will prevent most people from
> accessing
> your network. I say 'medium' and 'most people' because there are some
> inherent holes in WEP but these require a real expert with specialist
> equipment to exploit. If someone with these skills and resources is
> trying
> to hack into your wireless connection then you have much bigger problems
> than
> wireless security!!!!
> 6. Sgared Key - pretty sure this is a WPA setting. WPA is better than WEP
> but there are less devices that support it at the moment.
>
> So in summary -
> Reset the password. This will not affect the laptop.
> Reset the default SSID and disable broadcast. This will have to be reset
> onto the laptop.
> Enable either WPA or WEP. If you only have WEP then 64 bit is easier
> because there are less hex pairs to enter into the laptop!!
>
> The best Security/protection is a layered defensive system. Changing and
> hiding the SSID means that others cannot see your network etc...
>
> There is more at stake here than just protecting your internet connection.
> Any network shares on your PC and laptop would be available to anyone who
> was
> able to connect to your network.
>
> Best of luck.
>
>
>
> "C Tate" wrote:
>
>> I have a wireless broadband connection. I have read about making it
>> 'secure' - some of the measures seem to suggest:
>>
>> 1. Reset admin password
>>
>> 2. Reset default SSID
>>
>> 3. Disable SSID Broadcast
>>
>> 4. Change from default channel
>>
>> 5. Enable WEP with 128 bit key
>>
>> 6. Change Authentication Type to Shared Key
>>
>> I am still not clear about some things, however. Surely anybody bringing
>> a
>> laptop with wireless capabilities within range of my house will still be
>> able to logon to the Internet using my connection, even if I implement
>> the
>> above suggestions? Which of the above measures would stop them doing so?
>>
>>
>>
>>
>>
!