Ov3rKiLL

hey im new to wireless and when i get comcast next week im going to get w wireless connection. my first question is when i buy the wireless router and card for my pc. will i just need to buy another card for my dad? or will i have to buy another router and card just for his comp? and the second questions is how do i secure my wireless connection so nobody can see what me and my dad are sharing.

Peetster

I'll answer your second question first. You can't.

The wireless algorithms are based on WEP. The manufacturer will tell you it is "128 bit secure", however that is a public key based on a public algorithm that has been exploited to death. Programs like WEPSnort are designed to sample enough data to masquerade as any authorized device on your network. Yes, that means read your mail, access your resources, pretend to be you, etc.

Having said that, if you have a wireless hub or router, you can just get a card for your Dad. It's pretty easy to set up. It's just as easy to exploit.

One caviat; The effective radius of transmition is pretty small, so if you live on a larger property where folks can't physically get to your radio signal, you're in better shape.

Ov3rKiLL

if i get wireless will i still be able to get good high speeds when im downloading from net? will i get the same speeds as if i was wired connection?

gariig

You really shouldn't notice a difference for downloading. If you transfer large files across your network that is when the difference will show.

Also, don't have the Access Point broadcast it's name..that will help on people trying to access it. Also, mine has an option to only allow certain MAC addresses(that's the name of your network card) to use the AP. That means they need to figure out your MAC address on top of AP name.

Don't think your network is Fort Knox, you kind of locked the front door and put barbed wire aroung your house. If someone wanted in they will, but more then likely your average script kiddie will not bother to break in.

Gariig

R_one

Thanks for bringing this up. I'm about to do the same thing with mine and my girls computer. One thing I've heard though is if you use a 2.4gHz cordless phone, it could interupt the connection of your network. I'd be chatting with a buddy of mine on messenger and suddenly he'd always log off = his phone was ringing.

oberon

Yes, using a 2.4GHz phone will mess with 802.11b or 802.11g wireless networks. Use good old 900MHz cordless phones instead, if you have to use cordless phones...

__________________
"There are finer fish in the sea than have ever been caught." -- Irish proverb

Dilbert1234567

ok you need one wireless router and as many wireless cards as you have compiuters. and yes you can secure your net work.

i know next to nothing about wireless but here is what i do know.

you can set the router to only accept connections from specific cards cards, ie it reads the MAC address of teh card and only allows comunicatiosn from that card. this will stop people from joining your network. but not from snoping. all the trafic is across the air so any one cna pic it up and 'watch what you are doing' they can reconstruct the webpages you are looking at, the files you transfer...

only when you encrpyt the data across the network are you secure.

__________________
Donate Blood!

"Love is not finding the perfect person, but learning to see an imperfect person perfectly." -Sam Keen

Peetster

Right up until I read your MAC address, in plain unencrypted binary, on the header of each broadcast packet. No doubt the easiest scenario of all to exploit.

Ov3rKiLL

well guys its been good to get help from you peeps. thats what ill do ill assing man adresses. is that easy by the way? and i have a 2.4ghz so what ill do is that ill just disconnect that piece of crap and connect the one that is a free hands phone that has an earpiece. well this is the wireless router and card im planning on getting can soembody rate this.
http://www.bestbuy.com/site/olspage....7&type=product <--- router
http://www.bestbuy.com/site/olspage....oryId=cat01031 <--- card
do you guys think this is good? and if this is not in the store can you guys find me a substitute in best buy please cause my dad doesnt like ordering from the net.thanx again my freinds

charliex

Get a combo that supports WPA, though WPA has been compromised, its currently a lot tougher than hacking a WEP ( which takes about a day or two generally )

A lot of recent devices can get WPA with a firmware upgrade

muckluck

I have never had troubles with my 802.11b connection and my 2.4 ghz phone, maybe i was lucky. Also, with previous experiences (hope i spelt that right) its not that big of a speed differences, just if your transferring big files from one pc in the lan to another I'd go wired temporarily. One other thing, I had great experiences with D-link.

__________________

charliex

you were lucky in that some phones don't frequency hop constantly looking for a better channel, this is usually what does the most damage.

yotta

WPA is fine, but you need to use a long password.

The WPA exploit involves capturing some data as it passes in the air, then running a password cracker against it offline. A 20 character passphrase isn't feasable to crack.

__________________
I am Jack's signature.

Mephisto2

That's simply not true.

It is entirely possible to secure a WLAN so it's impossible to crack by using a VPN overlay.

Having said that, most "home users" would not have the experience (or in fact the need) to do this.

To secure your WLAN for home use, follow these simple steps.


1) Buy an Access Point that supports WPA
This introduces key management system and TKIP (Temporal Key Integrity Protocol), which effectively "rehashes" each packet. Without getting too technical, this makes it much more difficult to carry out the normal "Airsnort" or Flueher style attacks. Make sure to use a decent length key-phrase though.
Check this link for WPA certified Access Points: http://www.wifialliance.org/OpenSect...ucts.asp?TID=2


2) Change the default SSID
The SSID is like a network name. It's very important that you change it from the default, as otherwise hackers could "guess" what it is. This is critical. All APs will come with a standard "out of the box" SSID (typhoon for Cisco, Linksys for Linksys boxes etc). Change this to something that is personal to you; your nickname, favourit band... whatever. Just make sure you change it.

3) Turn off SSID Broadcast
Most Access Points "broadcast" their SSID to make associating with the AP easier. This is fine if you want visitors to use your WLAN or are running a public hotspot, but not a great idea if you only want a personal home WLAN. You will know what your SSID is anyway, and can configure your laptops and PCs accordingly. Therefore, turn SSID broadcast off.

4) Turn down your transmit power
Many people erroneously think the stronger the signal, the better. Think about it for a second. You don't want to go transmitting your WLAN across the street, or around the neighbourhood, do you? Turn it down as much as possible, whilst obviously maintaining coverage in the room(s) you need.

5 Enable MAC filtering
This is a feature (in many APs) that allow you to restrict what computers associate (ie "link") with your Access Point. It may be a slight pain in the ass, but it's worth it. You will obviously need to ascertain the MAC addresses of your computers, but this should be easy enough. If the AP supports this feature then you can enter these MAC addresses and configure the Access Point to [i]only[/] allow these to associate. After all, as I said above, you only want your computers using your WLAN, right?


Following these five simple steps will secure your WLAN against all but the most obsessive hackers. Home WLANs generally attract what are called "opportunistic hacking attempts"; no one is going to sit outside your window for hours on end, trying to capture packets for an offline WEP attack and then come back to spy on your Doom3 games.

Even a minimum level of security will mitigate the vast majority of attacks. If you follow all the 5 steps above, you will address even more professional or dedicated hackers. I strongly doubt your security will be compromised.

Buying a WPA certified AP is the recommended minimum. If you can't stretch for that extra cash, make sure you at least enable a 128bit WEP key (preferably longer, but this is not standard) and change it regularly. I would buy a WPA access point myself though...

Finally, feel free to check out the Wireless Networking 101 thread I posted a couple of months back. You can find that here: http://www.tfproject.org/tfp/showthr...threadid=20727


If you have any more questions on WLAN networking, feel free to ping me. I work in this area and shall most likely be able to assist.

Mr Mephisto

f00sion

great info mephisto! thanks.

__________________
Tell me what we’re fighting for— I don’t remember anymore, only temporary reprieve.
And the world might cease if we fail to tame the beast;
from the faith that you release comes an atheist peace.