Wireless Network Security

Discussion in 'Computers' started by Al.Anderson, Jan 4, 2006.

  1. Al.Anderson

    Al.Anderson Cinematographer

    Joined:
    Jul 2, 2002
    Messages:
    2,579
    Likes Received:
    78
    Real Name:
    Al
    I'm not very knowledgeable about wireless networking - I can plug the stuff together, that's pretty much it - so I apologise if this is very basic.

    I turned off the wireless part of my router because I'm paranoid. But now I have a PSP and I want to muck around. It seems that the PSP doesn't support WEP. I was thinking of using an open connection but limiting the MAC address to that of my PSP.

    The question is, how secure is that, can MAC addresses be faked? Or is there a better option?

    (I know the question is generated by the PSP; but I thought the issue was general enough to put in the Computers section.)
     
  2. SethH

    SethH Cinematographer

    Joined:
    Dec 17, 2003
    Messages:
    2,867
    Likes Received:
    0
    MAC address filtering is good -- but MAC addresses can be cloned, as you suspected. A quick google search tells me that the PSP can be configured with WEP, but not with WPA which has many people pissed off. If you enable WEP and MAC filtering you should be reasonably safe unless you have extremely sensitive files on your network or unless you know you have a hacker teenager living next door that is going to spend some time trying to get into your network.

    The truth is that WEP can be broken using widely available software in about 30 minutes. The MAC address filtering may add another half hour or so. BUT, there are so many unsecured networks out there that few people will take the time to break in unless they're specifically targeting you.
     
  3. Joseph DeMartino

    Joseph DeMartino Lead Actor

    Joined:
    Jun 30, 1997
    Messages:
    8,311
    Likes Received:
    13
    Location:
    Florida
    Real Name:
    Joseph DeMartino
    Exactly. Don't broadcast your network's ID, use the highest security level supported by the least secure item on your network, use MAC address filtering, encrypt your files or don't make your computer drives sharable at all (if you're just doing this for a game console that shouldn't be a problem) and then hope someone else in your area has a less secure network. Same theory as home security systems. None of them will keep you 100% safe, because there is no such thing as 100% safe. But a good one will discourage thieves by making your house too much of a chore to break into. [​IMG]

    Regards,

    Joe
     
  4. Tekara

    Tekara Supporting Actor

    Joined:
    Jan 8, 2003
    Messages:
    783
    Likes Received:
    0
    What I'd probably do is seperate the PSP from the rest of the network, have it connect through it's own router (have two routers, the wifi router for the psp and the main router for the rest.) and then tighten that router down like a vice, block any and everyport that's not needed even consider bandwidth restrictions (if doable on your router). That way even if someone connects to your wifi router about all they can do is play some psp games [​IMG].

    But honestly, for about a year the only security I kept on a psuedo-public AP was to just turn the ssid off and never had any unauthorized access (logged connects). It's pretty doubtful that a master hacker lives next door to you and even if he did as long as your security is better than your neighbors he'll go to them, kinda like thieves and cars.
     
  5. Scott Merryfield

    Scott Merryfield Executive Producer

    Joined:
    Dec 16, 1998
    Messages:
    12,046
    Likes Received:
    922
    Location:
    Michigan
    As an added security measure, you could also run a software-based firewall on your PC in case someone does break into your wireless LAN. I still run ZoneAlarm on both PC's on our home network despite having an external firewall/router.
     
  6. SethH

    SethH Cinematographer

    Joined:
    Dec 17, 2003
    Messages:
    2,867
    Likes Received:
    0
    The idea of using two routers is actually a pretty good idea. From you current setup you would just purchase an additional wired router. You would run a cable from one port on your current router to the WAN port on your new router and connect your computers to the new router. That would probably give you the most security possible in your situation . . . but it may be overkill for you as well.
     
  7. Scott Merryfield

    Scott Merryfield Executive Producer

    Joined:
    Dec 16, 1998
    Messages:
    12,046
    Likes Received:
    922
    Location:
    Michigan

    This is a pretty common technique in the corporate world -- we run a dual firewall configuration on our network with a DMZ (de-militarized zone) in between where I work. As you said, Seth, it's probably overkill for home networks, but running a free software firewall on your PC accomplishes mostly the same thing and only costs some PC resources. I prefer ZoneAlarm over Windows XP's built-in firewall because it also informs me whenever a new application on my PC attempts outbound access to the Internet. It's another way to catch viruses and spyware.
     
  8. Al.Anderson

    Al.Anderson Cinematographer

    Joined:
    Jul 2, 2002
    Messages:
    2,579
    Likes Received:
    78
    Real Name:
    Al
    A great batch of info - thanks all!

    My big mistake was confusing WEP and WPA. (My only excuse is that the manual for the PSP is about 3/4 of an inch thick, so my eyes were glazing over.)

    The dual router option is very slick, I think I'll do that. I don't really need it, but routers are pretty cheap, so what the heck.
     

Share This Page