I got wireless connection at home and every friend tell me it opens up my computer for attacks and they should never use it
so I read up on security and hardware is capable of send/receive it encrypted 64/128/256bit and a builtin firewall etc
it also default using channel 6, so I switched to use another channel and put on encryption
so whats enough?, do I need 256bit or is it overkill, or is it enough with 64bit?
should I start vpn tunneling as well?(it supports vpn tunneling also)
I think it should be cool to surf while sitting on the lawn in front, when its sunny or a block away in the car
Magnus,
Its probably fine in most instances if you use the firewall and encryption but I would not handle national secrets with that technology. If the higher level of encryption is fast enough I would use it as it makes the other end have to work harder if they ever bothered.
I agree. Having worked for a national ISP, I've heard a few horror stories about script kiddies driving around town with their laptops and wireless receivers in their car, looking for LANs to break into. (And in one case, actually succeeding - followed by a slew of legal ramifications from the FCC, among other things.) That victim had no idea that their router could be "hacked" and thus never enabled encryption...
Also I think recently someone said that a 128-bit cypher had been defeated - maybe in China. But still, it took a supercomputer and a very long time. 64-bit would be significantly shorter, do-able on an average PC but it will still take a long time. If someone's going to spend years of their life hacking into my router, and actually succeed, kudos to them ID10Ts. :bg
You don't need a supercomputer to crack a WEP password, i managed to do it in ~20 minutes (64b).
You need kismet, wepcrack, a sniffer, and a ARP poisoning app to force the target to generate some traffic, so you don't have to wait too long.
The idea is that you need to sniff a couple hundred MBs of encrypted trafic, so you have enough initialization vectors. Then you just feed the dump file to wepcrack.
WEP just gives you a false feeling of security, trust me.
Hi daydreamer
Allmost all the wireless routers I know of had a Firewall to protect you From the Net, but the main danger you have is conection from the wireless side, details vary, but all the routers had a seting that let conect only certain net adapters, the go/no go is based in the adapter MAC address, so on esence only designated PC could conect to the wireless lan.
Unless you plan to setup a comunity Hot Spot in your House area (not a sensible ting to do), activate this feature, giving the router the MAC of the machines you want to conect to the net.
Good luck
Carlos
Kind of like the front door lock. You keep it locked until you expect company ( other users ).
Like the front door, it keeps the curious and casual people out. It does not stop a professional.
Keep anything important in your house? What's in your wallet? :bg
Regards, P1 :8)
thanks, so I should go 256bit, constantly changing keycode faster than you can hack it, if I want to keep it really safe
should I also shut it down, to minimum usage when not using internet also
no I cant find MAC adress thing
daydreamer,
Don't let your nice dreams become horror films about being hacked.
If you are really concerned, setup an IDS with a spare computer and watch for activity. If you get some then go for it.
Regards, P1 :8)
Oh, forgot to say, you can also spoof your MAC address, so MAC filtering only would delay the attacker :toothy
Anyway, unless someone knows you have something very important on your system, nobody would waste time cracking your WEP key/spoofing the MAC to get in, they will just move on tho the next AP...
Quote from: Mark Jones on June 12, 2005, 10:29:34 PM
I agree. Having worked for a national ISP, I've heard a few horror stories about script kiddies driving around town with their laptops and wireless receivers in their car, looking for LANs to break into. (And in one case, actually succeeding - followed by a slew of legal ramifications from the FCC, among other things.) That victim had no idea that their router could be "hacked" and thus never enabled encryption...
Also I think recently someone said that a 128-bit cypher had been defeated - maybe in China. But still, it took a supercomputer and a very long time. 64-bit would be significantly shorter, do-able on an average PC but it will still take a long time. If someone's going to spend years of their life hacking into my router, and actually succeed, kudos to them ID10Ts. :bg
It is hard to stop this sort of hacker because it can now be done from a reasonable distance provided you have the right equipment. In any case, you won't have too much to worry about if your router is locked down, because you can guarantee that you have 10 neighbours who haven't locked theirs down, and they will get "hacked" first :lol
its good to be cautious, because I dont want anyone to spoof me in a eshop, after snapping up my codes
There is another approach, live stream Kylie continuously across your wireless network and only pass data where you require it. Someone would soon get tired of listening. :bg
Quote from: hutch-- on June 19, 2005, 01:11:10 AM
There is another approach, live stream Kylie continuously across your wireless network and only pass data where you require it. Someone would soon get tired of listening. :bg
LOL should probably work, you mean Hutchence ex
first thought when I entered this forum, I was wondering if you was somewhat related to him
Use WPA not WEP and use 256bit AES encryption
Sorry to resurrect an old topic, but does encryption slow down a wireless link much?
We've just got adsl2+, which comes with a wireless router with 4 ethernet ports.
The modem internet connect speed is 10684 kbps, I'm assuming this is about 10 megabits/sec max - about 1 megabyte/sec.
Downloading a file from microsoft through the wireless (802.11g, 54 megabits/sec) is around 60-70 kbytes/sec.
Downloading the same file from microsoft (after disabling the wireless and rebooting) through the cat5 (100 megabits/sec) is around 300-350 kbytes/sec.
Why is the wireless so much slower? It connects to my box at 54Mbps, the cat5 connects at 100Mbps, but the cable is 5x faster!
Sinsi, perhaps even though the "link speed" is one rate, the data is only buffered up to the physical TX/RX layer at that rate, and the actual physical link bandwidth is much less? Or perhaps the signal quality is not good enough for maximum bandwidth, and the hardware is reducing the link speed? Or perhaps there is a conflicting signal present (from a neighbor) which is forcing a slower bandwidth?
It is for reasons such as these that I dislike wireless links - they introduce a ton of ambiguity. With something like one of these (http://www.harborfreight.com/cpi/ctaf/displayitem.taf?Itemnumber=38156) and one of these (https://www.wirecare.com/land_ls61.asp), it is actually quite easy to drill holes through the walls and run some quality CAT-5 or fiber. :lol
Quote from: Mark Jones on August 01, 2008, 03:10:46 PM
It is for reasons such as these that I dislike wireless links
Yeah, me too, but I'm as good at drilling holes as I am at brain surgery...
Quote from: hutch-- on June 19, 2005, 01:11:10 AM
There is another approach, live stream Kylie continuously across your wireless network and only pass data where you require it. Someone would soon get tired of listening. :bg
:lol
A simple idea that would be a very effective deterrent
I have as a footrest on my programming table a 300 metre roll of cat6 network cable which is just a bit fussier about attaching the plugs at either end but the speed is fine, I have 3 computes networked through a couple of gigabit hubs and regularly do backups across this LAN of entire partitions and its no slouch. I would not touch a radio link with a bargepole, either they leak like sieves with outside radio reception or the get slow with enough encryption to try and secure them.
Yeah, I'm going to get an electrician friend of mine to wire up some access points I reckon.
No point in having the blistering speed of ADSL2+ and not using it, is there :bdg
Quote from: hutch-- on August 03, 2008, 04:20:05 AM300 metre roll of cat6 network cable
Isn't the maximum length 100 metres?
> Isn't the maximum length 100 metres?
Probably but the only box of cable I could buy was 305 metres so I guess I can wire up networks for long enough to wait for higher speed optical to come in.
Quote from: Mark Jones on August 01, 2008, 03:10:46 PM
Sinsi, perhaps even though the "link speed" is one rate, the data is only buffered up to the physical TX/RX layer at that rate, and the actual physical link bandwidth is much less? Or perhaps the signal quality is not good enough for maximum bandwidth, and the hardware is reducing the link speed? Or perhaps there is a conflicting signal present (from a neighbor) which is forcing a slower bandwidth?
I was thinking of laziness will have the whole neighbourhood on default channel for router, could be reason for low speed, we should try to download something and optimize which channel is best download speed ,if you dont do this hang your head in great shame being the asm programmer that is NOT optimizing his computer :naughty:
Sinsi,
I have had adsl+2 here in Sydney for a couple of years and the main problem is speed from the server. I once needed some media files from the big german download site so I joined for a week but found the bandwidth was limited per connection to about 150k/sec so I multiple downloaded the required files running about 6 connections and ended up with a big increase in total download speed.
By spec cat5e is supposed to handle 1 gigbit but as there was no real price difference I bought the box of cat6 as its faster than my connection, a bit harder to put the connectors on but no big deal. If you are something like useful and don't mind climbing around in the roof or under the house, buy yourself a stripping/crimping tool for the normal male plugs which only cost peanuts and also get some wall mounts if you want it to look tidy as well. HPM ones were about $5.00 each so its no big deal.
Quote from: daydreamer on August 06, 2008, 06:45:02 PM
if you dont do this hang your head in great shame being the asm programmer that is NOT optimizing his computer :naughty:
Ouch! you are correct though.
The fastest download has been java at around 400kbytes/sec, which I was happy about. It seems to go in bursts though - up to 450, down to 32. Must be the weather...
hutch, yeah that's what I'll do, except for the in-the-roof thing (hey, that's what nephews are for) and my brother is the handyman (he's got 3 drills ffs). So with me as project manager we'll do ok.
Quote from: sinsi on August 07, 2008, 06:23:18 AM
Quote from: daydreamer on August 06, 2008, 06:45:02 PM
if you dont do this hang your head in great shame being the asm programmer that is NOT optimizing his computer :naughty:
Ouch! you are correct though.
The fastest download has been java at around 400kbytes/sec, which I was happy about. It seems to go in bursts though - up to 450, down to 32. Must be the weather...
hutch, yeah that's what I'll do, except for the in-the-roof thing (hey, that's what nephews are for) and my brother is the handyman (he's got 3 drills ffs). So with me as project manager we'll do ok.
channel 6 seem to be the default channel on D-link and you could guess everyone in neighbourhood have routers/recievers will be too lazy to meddle with change advanced settings
so my guess is find out howto change of channel=very high probability you have a different channel with different radio freqency all alone which means full wlan bandwidth, while staying at channel 6, your router etc must play nice with your neiighbours routers on that radio channel
Netgear, channel 5. A friend of mine has the same, I've asked him what his is set to.
I have 1 to 13 to choose from, maybe I'll play with them.
Tried a 'bandwidth tester' which came close to the router's connect speed (9 vs 10 mbit), must be the wireless link (just got 900 kbytes/sec via cat5).
The reason why I am assuming it is something on the physical TX/RX layer is that unlike traditional switches and routers, there is no way to prevent a collision on an RF link. (E.g., no way to control traffic flow.) Please let us know how well "changing the channel" works. :U
Also, I've seen problems caused by the router being both too close to an exterior wall (the aluminum siding or mylar insulation in the wall prevents proper signal strength/quality) and also by too close proximity to other sources of RF interference (electric motors, light dimmers, junk PC power supplies, etc.)
For example, in older homes, wiring in the walls is often "tube and knob (http://www.flickr.com/photos/85775754@N00/2556543395/)" type where each wire is (supposed to be) run separately about a foot apart with little insulation. If one of these wires has a lot of current flowing through it (say it is feeding an upstairs air-conditioner or something), then it becomes essentially a one-turn electromagnet. I've seen this effect strong enough to distort a television image before, and that surely could wreak havoc on a router if it were too close. :lol
These issues would be rare to stumble across in practice, but not impossible -- just covering all the bases. :bg
Mark has a good point here, I am used to this stuff as my older brother is a radio/tv man whose brain I can pick any old time. So far I have found the cat6 reasonably insensitive to normal radio spectrum noise, I have it routed through the floor in parallel with the power main running through the house that runs everything downstairs and it has not bothered it at all.
Well, changing the channel from 6 to 10 and trying a quick test (downloading a driver from nvidia) gave maybe 50 kbytes/sec more, but still nowhere
near the cat5 speed - 350 vs 600. Still, it's faster for my usual internetting and if I need to download a big file I'll just hook the cat5 up.
It is sort of bugging me though, so I'm going to do some more 'channel surfing' and more download speed tests.
Talking of cables, my old cat5 cable was pretty bad - people walking on it, doors closed on it etc. For about 5 metres of its 20 metre length it was just
untwisted pairs of wires, but worked fine... :8)
daydreamer, your comment still stings.
Sinsi,
I doubt that a radio link will get the speed of a direct cable connection, too many losses in comparison. I would still get the young fellas to route you a set of cables and wall plugs as it is both faster and far more secure. I would be inclined to use the radio link for surfing from your front lawn or beside the swimming pool and leave the serious stuff to a direct cable connection.
hutch, as always the voice of reason :bdg
A question from left-field - does the wireless link run full duplex? or Does that apply to a wireless link?
So much to learn, so little memory...
OK, old topic but same problem with speed.
Still get slow=wireless, fast=cat5 but I know that.
The weird thing is...installed vmware, installed 2000pro. Went to download ie6sp1 (latest for 2000) from the host (xp home) thinking that it would be quicker
than going through a virtual nic. Got 50-60K/sec, wasn't doing anything else, tried it in the guest (2000) and got 400+K/sec.
Is this some sort of problem with timing things in the guest?
To drag this topic a leeeeetle further
I've been busy with some homegrown video hardware designs, using DSPs and got sidetracked into encryption (this is a major topic of DSPs).
What I've worked out is that no encryption scheme nowdays is safe(hmmm -- Internet Banking comes to mind :green2 ), and only the deterrent is the imagination of the encrypter.
What i worked out is a scalable modular DSP pcb, and with the correct scalable firmware, you're well on your way to crack anything...
Maybe what it requires is something simple :bg
if you're using standard wep+rc4 then it's a cakewake gaining access to your router, you should use a strong protection most routers offer with aes.
Update - just installed the win7 beta and get 300-400 Kbytes/sec via wireless, must be my XP configuration.
I guess there are latest wireless network security news, analysis and research from Network World and featured products and services from trusted WLAN Security vendors.. Just searching some site for more information.
_________________
Security Systems (http://www.protectyourhome.com)
If you have to route ethernet cable through noisy places, use CAT6, 4 twisted pairs with a hard nylon former to accurately space them and it has a far greater level of noise rejection than earlier CAT5 and 5e.
As far as radio links go, if you can get at both ends of it, roll your own encryption with something fast. On the rare occasion I need to encrypt something I use a random pad at both ends with a crude but fast XOR algo. If you maintain unique pads it cannot be broken and even if you reuse the same pad over time they would have massive problems getting a big enough sample to break it. Its worth using a simple fast encryption before and after a pad to cover up the odd character that is XORRED against a zero or itself.