I'm a WiFi Newbie.... Please help! - Page 2 - Calgarypuck Forums - The Unofficial Calgary Flames Fan Community

Bobblehead · 08-24-2006, 07:58 PM

Quote:

Originally Posted by flame^thrower

I also use the mac filter so even if someone is using a network finder and can see it they wont be able to get an ip address.

Lots of ways you can change/clone your MAC address. All these things are kind of like those little suitcase locks - yeah, they lock, but it is so simple to break it isn't even really worth it.

As Shazam said, use WPA if it is available. (WEP isn't that bad either, as long as you make the key as long as possible and random. But it is far easier to break than WPA)

flame^thrower · 08-24-2006, 08:25 PM

Quote:

Originally Posted by Bobblehead

Lots of ways you can change/clone your MAC address. All these things are kind of like those little suitcase locks - yeah, they lock, but it is so simple to break it isn't even really worth it.

As Shazam said, use WPA if it is available. (WEP isn't that bad either, as long as you make the key as long as possible and random. But it is far easier to break than WPA)

Interesting .. I am not sure how they would clone the mac addresses of my pc's and laptops, especially since you need an ip to login to even get to the point to see them! It only hands an ip address to the mac addresses I specify. It also discards any pings from the outside world. I also use https to login to it and can't login to it from the external ip. Seems ok to me so far! That may be going a bit far and I have definitely considered trying the WAP thing as I am pretty sure my router supports it. Have been to lazy to reconfigure it tho

.

Shazam · 08-24-2006, 09:04 PM

Quote:

Originally Posted by flame^thrower

Interesting .. I am not sure how they would clone the mac addresses of my pc's and laptops, especially since you need an ip to login to even get to the point to see them! It only hands an ip address to the mac addresses I specify. It also discards any pings from the outside world. I also use https to login to it and can't login to it from the external ip. Seems ok to me so far! That may be going a bit far and I have definitely considered trying the WAP thing as I am pretty sure my router supports it. Have been to lazy to reconfigure it tho

.

Cloning a MAC address takes about one second. They just sniff your traffic, crack your WEP password (takes about 10 seconds), and then look at the network traffic for a MAC address. Done.

There shouldn't be anything you have to do to change to WPA. Just change the encryption type to WPA

flame^thrower · 08-24-2006, 09:09 PM

Quote:

Originally Posted by Shazam

Cloning a MAC address takes about one second. They just sniff your traffic, crack your WEP password (takes about 10 seconds), and then look at the network traffic for a MAC address. Done.

There shouldn't be anything you have to do to change to WPA. Just change the encryption type to WPA

Thanks for the heads up .. I work in techsupport too .. maybe thats what being supervisor has done

. LOL I have never had any issues at least but dont really live in an area that is full of geniuses.

Shazam · 08-24-2006, 09:11 PM

When I'm bored, sometimes I'll log into the unsecured networks around me, and turn off their wireless connection. Har har.

Buff · 08-24-2006, 09:20 PM

Quote:

Originally Posted by HockeyPuck

Thanks Tron!

Would having a firewall prevent someone from hacking into my computer if I was on their network?

Yes, it will protect you from the majority of people. There are people who can find a way into your computer, but they probably don't have a reason to do so, unless you've given them one.

Get a router. It will act as your firewall and you don't need to buy or d/l a software firewall solution. If you have xp you can keep the firewall turned on, it won't hurt you much, but having a software solution that you install can help to slow down your computer. Most people will just install stuff and not realize what is starting up when their computers starts up. Many people will have their virus scanner, a firewall, their camera and printer software, quicktime, maybe even real player, adobe and office "quickstarts", and what ever other software came packaged with their computer. It can really slow a computer down... but now I'm taking on a different tangent here.

Basically, get a router, and make sure your computer is setup "behind" it. Just use windows firewall, and even that isn't really needed, it is just a helpful precaution to protect your computer from yourself (assuming you don't allow everything to get out to the internet).

flame^thrower · 08-24-2006, 09:58 PM

I use my router as a firewall and I also use Zone Alarm Pro for wireless. I have never had a problem and almost never get viruses. Unless of course I download them, but have always been able to get them cleaned before they do any damage.

flame^thrower · 08-24-2006, 10:00 PM

A friend of mine here in Vancouver used a wireless pc card with an antenna on it in the downtown area and found 119 unsecure wireless networks. This card gave a range of about 5000 feet I beleive but goes to show how many there are in a small area. Also worthy of note on that is the fact that many are public hotspots that would require you go through a portal page and sign up.

Shazam · 08-24-2006, 11:28 PM

I was downtown one day and decided to do a scan for wireless networks (7th Ave and 8th St SW, in the Jean-Michele parking lot). One of the networks was called "Duh, what's security?"

ken0042 · 08-25-2006, 07:07 AM

Quote:

Originally Posted by Shazam

One of the networks was called "Duh, what's security?"

I had to come into work on a Sunday and wanted access to my football pool so I brought in my laptop. One of the wireless networks was called "U been hacked."

But Shazam, while I do agree that WPA is the way to go; for most people adding at least some sort of security would be better than none at all. If for no reason other than keeping a lot of people from using your network. I know at my buddy's house there's about 8 networks within range; and I just don't even bother with any with even the smallest amount of security as there's still an easier one out there.

nfotiu · 08-25-2006, 08:50 AM

I've left mine wide open for a couple years now with no issues. I've set the password on my router and that is it. I don't mind the occasional person using it, if they need to. It makes it easier for the guests, or my wife, or my wife's loaner computer, or whatever. I watch my logs, to see if anyone is logging in, and haven't seen much activity.

If you are worried about your traffic being unencrypted wirelessly, you sure as hell shouldn't be sending it to the internet uncencrypted. I don't see the point of encrypting data, unless you are transferring between local computers. Our computers are secure and most of them are usually vpn'd anyway.

I appreciate others who leave their's open, and I'll leave mine that way too until it causes problems.

Robbob · 08-25-2006, 10:29 AM

How do you check your logs to see if anybody is piggy backing?

Shazam · 08-25-2006, 10:51 AM

Quote:

Originally Posted by Robbob

How do you check your logs to see if anybody is piggy backing?

Look at your router logs. See how many clients were given IP addresses. If there's more clients than you have computers, someone else has been using your network

Quote:

Originally Posted by ken0042

But Shazam, while I do agree that WPA is the way to go; for most people adding at least some sort of security would be better than none at all.

Oh yes. Thing is, it's no more effort to set up WPA than WEP. And setting up WPA is better and easier that all that other rigamarole. So might as well use WPA.

Coelah · 08-25-2006, 01:50 PM

Quote:

Originally Posted by Bobblehead

Sure it will. Turn on your windows firewall and they won't get into your machine unless you've opened ports to your machine.

Yeah. My mistake. I was thinking about 2 comps networked together.

gottabekd · 08-25-2006, 07:38 PM

Quote:

Originally Posted by nfotiu

If you are worried about your traffic being unencrypted wirelessly, you sure as hell shouldn't be sending it to the internet uncencrypted. I don't see the point of encrypting data, unless you are transferring between local computers. Our computers are secure and most of them are usually vpn'd anyway.

While it is true that anything sent out on the Internet can possibly be tapped into by others (which is why we have TLS/SSL), I think there is a substantial risk with unencrypted wireless traffic because they don't need physical access to the line. Also, IF someone was really interested in your network activity, it might be a neighbour. Some guy sniffing out your packets at some random hop in the Internet might not have as much interest in YOUR packets.

Of course, it is maybe being a little paranoid. How many people have neighbours who really want to sniff your packets? Very few. If you live in Suburbia, I wouldn't worry too much. If you live in high density residential, I'd worry. Also, any office/commercial networks I wouldn't trust WEP. You just never know who may be downstairs and interested in your business.

nfotiu · 08-25-2006, 08:22 PM

Quote:

Originally Posted by gottabekd

While it is true that anything sent out on the Internet can possibly be tapped into by others (which is why we have TLS/SSL), I think there is a substantial risk with unencrypted wireless traffic because they don't need physical access to the line. Also, IF someone was really interested in your network activity, it might be a neighbour. Some guy sniffing out your packets at some random hop in the Internet might not have as much interest in YOUR packets.

It your internet is through cable, I believe all your packets pass through your neighbours cable as well. I believe it is quite easy to sniff your neighbour's traffic.