How safe us my wireless network

Hello,

I have recently set up a home wireless network using a adsl2+router which
was supplied by my isp. Which I have set up with a long wep key, not sure
how great it is but just followed the manual.

Having read a lot of reports of wireless networks being "hacked" into I
started thinking how safe is my computer.

Can anyone offer any information in helping keep my wireless network safe.

All quite interesting stuff. I thought the best way of thinking about
security is think what would the would be hacker do with that mindset I
guess you could help protect yourself. Its a shame I understand very little
about the subject :). How does this swarm of wirelss hackers do what they do
?

Thanks

Re: How safe us my wireless network

Subscribe to: alt.internet.wireless for expert opinions :)

"Petesmad" wrote in message
news:HpWdnVvuh7pOiNvbnZ2dnUVZ8v2vnZ2d@bt.com...
> Hello,
>
> I have recently set up a home wireless network using a adsl2+router which
> was supplied by my isp. Which I have set up with a long wep key, not sure
> how great it is but just followed the manual.
>
> Having read a lot of reports of wireless networks being "hacked" into I
> started thinking how safe is my computer.
>
> Can anyone offer any information in helping keep my wireless network safe.
>
> All quite interesting stuff. I thought the best way of thinking about
> security is think what would the would be hacker do with that mindset I
> guess you could help protect yourself. Its a shame I understand very
> little about the subject :). How does this swarm of wirelss hackers do
> what they do ?
>
> Thanks
>
>

Re: How safe us my wireless network

" MaHaBone" wrote in message
news:f260cc$cqu$1@aioe.org...
> Subscribe to: alt.internet.wireless for expert opinions :)
>
> "Petesmad" wrote in message
> news:HpWdnVvuh7pOiNvbnZ2dnUVZ8v2vnZ2d@bt.com...
>> Hello,
>>
>> I have recently set up a home wireless network using a adsl2+router which
>> was supplied by my isp. Which I have set up with a long wep key, not sure
>> how great it is but just followed the manual.
>>
>> Having read a lot of reports of wireless networks being "hacked" into I
>> started thinking how safe is my computer.
>>
>> Can anyone offer any information in helping keep my wireless network
>> safe.
>>
>> All quite interesting stuff. I thought the best way of thinking about
>> security is think what would the would be hacker do with that mindset I
>> guess you could help protect yourself. Its a shame I understand very
>> little about the subject :). How does this swarm of wirelss hackers do
>> what they do ?
>>
>> Thanks
>>
>>
>

Hehe fair enough :)

Re: How safe us my wireless network

On May 13, 11:49 pm, "Petesmad" wrote:
> " MaHaBone" wrote in message
>
> news:f260cc$cqu$1@aioe.org...
>
>
>
> > Subscribe to: alt.internet.wireless for expert opinions :)
>
> > "Petesmad" wrote in message
> >news:HpWdnVvuh7pOiNvbnZ2dnUVZ8v2vnZ2d@bt.com...
> >> Hello,
>
> >> I have recently set up a home wireless network using a adsl2+router which
> >> was supplied by my isp. Which I have set up with a long wep key, not sure
> >> how great it is but just followed the manual.
>
> >> Having read a lot of reports of wireless networks being "hacked" into I
> >> started thinking how safe is my computer.
>
> >> Can anyone offer any information in helping keep my wireless network
> >> safe.
>
> >> All quite interesting stuff. I thought the best way of thinking about
> >> security is think what would the would be hacker do with that mindset I
> >> guess you could help protect yourself. Its a shame I understand very
> >> little about the subject :). How does this swarm of wirelss hackers do
> >> what they do ?
>
> >> Thanks
>
> Hehe fair enough :)

wep can be cracked, if your device supports it, use wpa with a long
20+ character string. Also disable the advertisement (actual setting
varies). But basically you can stop it from being visible as an
available wireless network so only people who know its their can
connect to it.

Flamer.

Re: How safe us my wireless network

On May 12, 3:30 pm, "Petesmad" wrote:
> Hello,
>
> I have recently set up a home wireless network using a adsl2+router which
> was supplied by my isp. Which I have set up with a long wep key, not sure
> how great it is but just followed the manual.
>
> Having read a lot of reports of wireless networks being "hacked" into I
> started thinking how safe is my computer.
>
> Can anyone offer any information in helping keep my wireless network safe.
>
> All quite interesting stuff. I thought the best way of thinking about
> security is think what would the would be hacker do with that mindset I
> guess you could help protect yourself. Its a shame I understand very little
> about the subject :). How does this swarm of wirelss hackers do what they do
> ?
>
> Thanks

I've cracked WEP keys before... takes about 2 minutes after you find a
good packet to inject... it's like asking for something and them
handing it right over...

WPA/WPA2 just take a while longer, like days.... anyone who is
persistent enough and with the right tools will break into anything...

use alphanumeric and special characters, and if your WAP(Wireless
Access Point) does it, use spaces too....

RedForeman

Re: How safe us my wireless network

Am Mon, 14 May 2007 05:30:18 -0700 schrieb RedForeman:

> On May 12, 3:30 pm, "Petesmad" wrote:
>> Hello,

>>
>> Having read a lot of reports of wireless networks being "hacked" into I
>> started thinking how safe is my computer.
>>
>> Can anyone offer any information in helping keep my wireless network safe.

Secure it via IPSec, thats defently the most secure WLAN.

Re: How safe us my wireless network

On May 15, 5:07 am, Burkhard Ott wrote:
> Am Mon, 14 May 2007 05:30:18 -0700 schrieb RedForeman:
>
> > On May 12, 3:30 pm, "Petesmad" wrote:
> >> Hello,
>
> >> Having read a lot of reports of wireless networks being "hacked" into I
> >> started thinking how safe is my computer.
>
> >> Can anyone offer any information in helping keep my wireless network safe.
>
> Secure it via IPSec, thats defently the most secure WLAN.

IPSec is good, but like a VPN, it carries a higher overhead, and would
surely slow things down noticably... It's widely known that using WPA2
is the way to go, using a passphrase with spaces and punctuation...
"This is my secure password for wireless networks." <--- is one of my
wireless passwords, takes days to crack it.... like 4 days at best...

A good checklist I found
-) WPA-PSK - though after reading this blog have changed it random
chars.
-) I've set an obscure SSID and disabled broadcasting it.
-) Enabled MAC Filtering - though won't stop the more persistent
hacker it'll deter the average opurtunist!
-) I've set an obscure password for the router.
-) I've disabled DHCP and changed the default LAN IP setup.
-) and finally, on the days that I don't use my PC, I switch off my
router!

This is probably the best(sorta) advice I've heard...

RedForeman

Re: How safe us my wireless network

Am Tue, 15 May 2007 05:35:43 -0700 schrieb RedForeman:

> IPSec is good, but like a VPN, it carries a higher overhead, and would
> surely slow things down noticably... It's widely known that using WPA2

It is VPN, the overhead are 20 Bytes (IP Header) so you don't feel a
difference.

> is the way to go, using a passphrase with spaces and punctuation...
> "This is my secure password for wireless networks." <--- is one of my
> wireless passwords, takes days to crack it.... like 4 days at best...
>
> A good checklist I found
> -) WPA-PSK - though after reading this blog have changed it random
> chars.
> -) I've set an obscure SSID and disabled broadcasting it.
> -) Enabled MAC Filtering - though won't stop the more persistent
> hacker it'll deter the average opurtunist!
> -) I've set an obscure password for the router.
> -) I've disabled DHCP and changed the default LAN IP setup.
> -) and finally, on the days that I don't use my PC, I switch off my
> router!

The list isn't bad at all but it's pretty easy to detect the frequency and
2,4 GHz is mostly WLAN, now recording traffic and analyze it.
The goal is reached if you can get only parts of the traffic, especially
the payload is interesting watching for credit card numbers from banking
sessions etc.
The other side is if somebody got the key he sniffs all of your traffic
because the payload isn't encrypted anymore.
IPSec works on Layer IP your tcp packet is encrypted and if you use AH
your data is still secure if somebody find out your key.
You have with IPSec more ecryptions and hash algorythms, IKE/ISAKMP rekeys
alone etc.
It's only an option you could use if you want, I use it since 2 years with
certifcate based authentification and I had never problems.
I rebuild the antenna and built an amplifier so I can reach my brother in
law on a stable connection (his app. is over the street round about 100m).
cya

Re: How safe us my wireless network

On May 16, 9:36 am, Burkhard Ott wrote:
> The list isn't bad at all but it's pretty easy to detect the frequency and
> 2,4 GHz is mostly WLAN, now recording traffic and analyze it.

NetStumbler...Ethereal....or Airodump.... AirCrack.... Aireplay

> The goal is reached if you can get only parts of the traffic, especially
> the payload is interesting watching for credit card numbers from banking
> sessions etc.

TCPDump

> The other side is if somebody got the key he sniffs all of your traffic
> because the payload isn't encrypted anymore.
> IPSec works on Layer IP your tcp packet is encrypted and if you use AH
> your data is still secure if somebody find out your key.
> You have with IPSec more ecryptions and hash algorythms, IKE/ISAKMP rekeys
> alone etc.

this to me lends itself to user error, headaches, and problems...
keys, keys, keys....

> It's only an option you could use if you want, I use it since 2 years with
> certifcate based authentification and I had never problems.
> I rebuild the antenna and built an amplifier so I can reach my brother in
> law on a stable connection (his app. is over the street round about 100m).
> cya

Ok, good clarification... but IMO, too many variables... I think....



You've got 2 schools of thought....IMO.... (i say that alot....)

1. Easy to manage - less secure - WPA2-TKIP or even WPA is enough to
keep out 'most' kiddies...
2. Harder to manage - more secure - IPSec over a VPN on a wireless
connection...

~90% of people will fall into the first category, and that most people
aren't saavy enough to know how to implement IPSec over a VPN...
~5% of the remainder want to be especially secured - paranoid users,
scared to do banking online, purchase over the internet, etc...
~3% know it's ok, just be smart about surfing, email, etc....
~2% are the exception, IMO... who know more than your average bear,
implement the most stoutest of security measures, and believe that
they are secured...

you my friend, are without a doubt, the 2% of ppl... and I'm not...
I'm in the 3% group, that is smart, but lazy about implementing....

RedForeman

Re: How safe us my wireless network

RedForeman wrote:
> A good checklist I found
> -) WPA-PSK - though after reading this blog have changed it random
> chars.
> -) I've set an obscure SSID and disabled broadcasting it.
> -) Enabled MAC Filtering - though won't stop the more persistent
> hacker it'll deter the average opurtunist!
> -) I've set an obscure password for the router.
> -) I've disabled DHCP and changed the default LAN IP setup.
> -) and finally, on the days that I don't use my PC, I switch off my
> router!

That is probably for the paranoid. You have forgot to use a public IP
network inside your LAN. Pick one which you know you will never try to
access (e.g. the Communicy College of Timbuktu) and use their IP address
range. If someone hacks into the LAN he will usually first scan for the
private address ranges... Also remember to setup strict LAN filtering on
all computers connected to accept only traffic from IP addresses of your
computers. Also you should actually add you honeypot DHCP server in the
LAN. A DHCP server which hands out an IP address to any one who wants
one and rings the alarm immediately if someone does because all your
computers are static IP...

The problem with this checklist is that is is only really useful for
people who know what they are doing. The average person may be able to
set it up initially. But then, a year later they want to add a new
laptop and then the trouble stars. They have to remember exactly what
they have to do to get it in: they have to manually enter the SSID, the
encryption key, to assign a static IP address, get access to the router
configuration, remember the router password, find the mac filtering
function again, add the mac address...

For the average user, all he needs is a good preshared key with WPA or
WPA2. Anyone, you has the power or knowledge to break WPA or WPA2 at the
moment won't be kept off by the rest of the list...

Gerald

Re: How safe us my wireless network

RedForeman wrote:
> On May 12, 3:30 pm, "Petesmad" wrote:
>> I have recently set up a home wireless network using a adsl2+router
>> which was supplied by my isp. Which I have set up with a long wep
>> key, not sure how great it is but just followed the manual.
>>
>> Having read a lot of reports of wireless networks being "hacked" into
>> I started thinking how safe is my computer.
>>
>> Can anyone offer any information in helping keep my wireless network
>> safe.
>>
>> All quite interesting stuff. I thought the best way of thinking about
>> security is think what would the would be hacker do with that mindset
>> I guess you could help protect yourself. Its a shame I understand
>> very little about the subject :). How does this swarm of wirelss
>> hackers do what they do ?
>
> I've cracked WEP keys before... takes about 2 minutes after you find a
> good packet to inject... it's like asking for something and them
> handing it right over...
>
> WPA/WPA2 just take a while longer, like days....

You mistyped "millennia"¹.

cu
59cobalt

¹ provided we're talking about WPA with a good (strong) passphrase.
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich

Re: How safe us my wireless network

RedForeman wrote:
> IPSec is good, but like a VPN, it carries a higher overhead, and would
> surely slow things down noticably...

Can't confirm that.

> It's widely known that using WPA2 is the way to go, using a passphrase
> with spaces and punctuation... "This is my secure password for
> wireless networks." <--- is one of my wireless passwords, takes days
> to crack it.... like 4 days at best...

Actually that's a bad passphrase, because it's prone to dictionary-based
attacks that compose passphrases of words rather than characters.

> A good checklist I found

Actually the list isn't that good.

> -) WPA-PSK - though after reading this blog have changed it random
> chars.

WPA is a good security measure against intruders as long as you're using
a strong passphrase (50+ characters, mixed case, digits, special
characters).

> -) I've set an obscure SSID and disabled broadcasting it.

Pointless.

> -) Enabled MAC Filtering - though won't stop the more persistent
> hacker it'll deter the average opurtunist!

Pointless, plus increases your administrative overhead.

> -) I've set an obscure password for the router.

If by "obscure" you mean "strong" then yes.

> -) I've disabled DHCP and changed the default LAN IP setup.

Pointless.

> -) and finally, on the days that I don't use my PC, I switch off my
> router!

Nothing wrong with that. Helps saving the environment, too.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich