To add comments or start new threads please go to the full version of: Protecting your home network
PhysOrgForum Science, Physics and Technology Discussion Forums > PhysOrg WebLog > PhysOrg WebLog

readnji
1st November 2005 - 09:51 AM
The wireless revolution has brought wireless networks everywhere. Within the last two years, this technology has out paced old-fashioned, tethering wired networks as the method of choice for connecting computers at home. Jupiter Research, an American consultancy says there"s now over 12 million wireless home networks floating around America. Protecting these networks has become consumers concern and interest.

Despite all the publicity surrounding wireless insecurity, experts still believe many home wireless networks are left casually insecure like this, with people unknowingly sending their data up and down the block all day long. There’s now much you can do to severely decrease the odds that you’ll be snooped. Here is how to protect your home network from hackers:

Each wireless device has a name, called a Service Set Identifier, or SSID. Any device that tries to hop onto the wireless party line must know this name. Turn off the broadcast SSID function and you’ve won 25 percent of the battle. It means a hacker will have to guess your network’s name to get in.

Change your name. Now, make guessing that name much harder — change it. Wireless network vendors ship their products with SSID names set to obvious defaults. Take another moment to change the default, and you’re halfway there. If you change your SSID every few months, you’re more than half way home.

Scramble your data. All new devices have an option to scramble the data using an encryption tool called WPA, or the newest standard WPA2. Scrambling prevents hackers from interrupting on your network to use your bandwidth for some casual Web surfing. If you’re telecommuting to an office, you need know about Virtual Private Networks, or VPN. A VPN creates a digital “tunnel” between your backyard laptop and your office. It’s essentially a special piece of software that’s used to log on to the office network.
Matty
1st November 2005 - 12:53 PM
Great tips! I'll have to put them to use sometime. I've been getting the feeling someone is using my home's wireless network.
GeneSplicer
1st November 2005 - 02:58 PM
Turning off your SSID may not be advisable depending on what wireless card you have. After SP2, some manufacturers rely on MS wireless manger which does not recognize non-broadcasting SSID access points.

The best way to limit who gains access to your wireless is to enable MAC filtering. Simply put for those not in the know, every network card has a unique MAC address and you can find out what it is by using the command “ipconfig /all” (for Windows systems). It will be listed as physical address and look like “00-00-00-fd-56-66-75”. Take that number, go into your administration of your wireless router, enable MAC filtering and enter the MAC addresses of those cards you wish to have access.

Just keep in mind, no network is absolutely secure.
Guest_David
4th November 2005 - 08:29 AM
MAC filtering on the surface appears to be a good way to limit access. However, anyone who wants to access the network and uses a sniffer, can read and spoof the MAC address.

A better way to limit access is the new technology Intel is developing. It will detect response time for replies to determine how far away the attached system is. Once (if) this is implemented, just tune your AP, and unless you're going from the basement to the top of the third floor, it should keep anyone on the street from accessing your network, although perhaps not your neighbor in the adjoining townhouse or condo.
PhineasFreak
5th November 2005 - 02:31 AM
I also vote for MAC filtering like GeneSplicer said.

MAC filtering is used in the latest Cisco wireless gear in conjunction with their rogue blocking system which can shut off APs on Wirless cards which are not on the MAC list (when using MAC filtering).

If you have MAC filtering is enough to protect you from 99.9999% of intrusion attacks.
SPW
5th November 2005 - 08:40 PM
Personally, I think the best bet to secure a wireless network is to enable pass phrase authentication of some sort. Use a very long string random of characters. Something like a 30 (or more) character string with upper and lower case letters and numbers and a few of the characters repeating would be almost impossible to guess; therefore, no one could break into your network. This gets around the problem of sniffing the MAC address. Also, using 128-bit encryption is a very good idea, too. The two of these combined, especially the "very long string of random characters," will make the WAP almost impossible to crack. By almost impossible, I mean that it would potentially take either years of standard computer time or a supercomputer to guess the string. Make sure, though, that you accurately record that string somewhere or you may not be able to access your own network.
kumar
22nd November 2005 - 08:59 PM
I would like to find out (from a developer perspective) how to detect a specific non-Broadcasting SSID and then to automatically connect to it. When an AP sends out a 'signal' within it, is the SSID. How does a sniffer tool like say Netstumbler detect a non-Broadcasting SSID?

Thanks in advance to anyone who can help.

Kumar
PhysOrg scientific forums are totally dedicated to science, physics, and technology. Besides topical forums such as nanotechnology, quantum physics, silicon and III-V technology, applied physics, materials, space and others, you can also join our news and publications discussions. We also provide an off-topic forum category. If you need specific help on a scientific problem or have a question related to physics or technology, visit the PhysOrg Forums. Here you’ll find experts from various fields online every day.
To quit out of "lo-fi" mode and return to the regular forums, please click here.
©PhysOrg.com - physics and technology news - Version for PDAs