Lets talk Wireless security (1 Viewer)

[Sam Posten]

I currently have a Linksys WRT54G and the first thing i did was log in to it and disable all wireless cause I didnt need it and I needed freeloaders and haxors like I needed a hole in the head.

Today I have a PSP with built in wireless and no wired option.

So I'd like to (safely) enable wireless. I know not to bother with WEP as it can be broken easily and my plan was to lock the wireless to a single MAC address but now I read that that is totally useless too.

So, that leaves WPA, which I know almost zero about. Any pointers or info as I decide how to configure this would be surely appreciated. I guess the thing that worries me most is trying to put a monster long key in to the PSP with no keyboard.

 

[Greg*go]

The PSP doesn't support WPA.

WEP is better then nothing. Although it can be hacked, it is A LOT easier for a hacker to just use your next door neighbor's unsecure connection.

I was in my car a couple of months ago with a laptop, and I found 32 wireless networks within the 2 miles I drove, 23 of them were unsecure.

 

[Mike_J_Potter]

Agreed also turn off broadcast on the wireless also. The causual wardriver or hacker won't be able to pick it up even. Judging from most areas they will go for one of your neighbors unconfigured and unsecure waps before yours. (I have wide open linksys routers that I can get standing in my parking lot) Though with a sniffing program such as kismet or airsnort will quickly pick it up. Even wpa isn't too secure since it can be cracked by brute force but still better then wep, which in a recent demo by the fbi wep was broken in under 5 minutes using free easily located tools and a laptop. Though it takes allot of packets even then.

 

[Ted Lee]

this is a good starting point.

http://www.linksys.com/edu/page10.asp

 

[Sam Posten]

Thanks guys. I found out about the no WPA almost immediately and fired up WEP with an dictionary proof key and turned off SSID broadcast.

Sam

 

[Andrew_A_Paul]

I would think that WEP and MAC filtering would be fine. Obviously change the loggin password, disable the SSID, set it so only one IP address is being handed out (for a single device), allow only trusted MAC address (just the one you need). The other bit security point that you have in your favor is that no one will care enough to bother with messing with it.

Also, just because WEP and MAC are not all that hard to break does not mean that someone will go to the trouble of doing it.

 

[Mike_J_Potter]

I agree, I have tried wpa out and for some reason it drops connection on large transfers, like copying a 600+ meg file from my server to the laptop. I am not too worried I changed it back to wep now. Just to get the wireless sniffer and wep cracker working even off a bootable cd distro of linux is a bit tricky so the average joe probably won't even have the capability to attempt it. Or like anyone else walk 50ft from my house and access the 4 wide open linksys waps in my area.

 

[Chad_]

Their are threads out there on other sites about the WRT54G having issues transferring large files (dropping the connection and needing to be re-set). Apparantly Linksys is aware of the issue and is trying to resolve it. There are a LOT of unhappy Linksys customers out there because of it, so if you have a WRT54G that is capable to transferring large files between machines without issue - enjoy it

I just bought one late last week but haven't set it up yet - but when I found those threads on the large file transfer issue... I'm just praying mine works fine!

 

[SethH]

I agree with this, but it's also getting easier. Airsnort is actually available for Windows now, although the author admits it has tons of bugs. It's also not extremely easy to install, but the Windows availability opens things up to many more people.