Wireless security- have I done enough?

I've set up my wireless router so that it knows the Mac address of the
computers it can speak to.

Is this enough security or what other security should I set up?

Wallace

"Wallace" <> schreef in bericht
news:m8vBk.65399$2...
> I've set up my wireless router so that it knows the Mac address of the
> computers it can speak to.
>
> Is this enough security or what other security should I set up?


No. Implement WPA psk encoding and IP filters.



--
regards,

|\ /|
| \/ |@rk
\../
\/os

Linea Recta

Wallace wrote:
> I've set up my wireless router so that it knows the Mac address of the
> computers it can speak to.
>
> Is this enough security or what other security should I set up?
>
>
At least setup WPA-PSK encryption. WEP if you can't get WPA in your
hardware, at least WEP keeps the honest man honest.

Big_Al

Hi
When there is No encryption Wireless basic info is transmitted in clear
text.
People who want to get to your system and know a little about Wireless can
sniff the traffic and find the allowed Mac and log to your Network in a
matter of minutes.
From the weakest to the strongest, Wireless security capacity is.
No Security
MAC______(Band Aid if nothing else is available).
WEP64____(Easy, to "Break" by knowledgeable people).
WEP128___(A little Harder, but "Hackable" too).
WPA-PSK__(Very Hard to Break).
WPA-AES__(Not functionally Breakable)
WPA2____ (Not functionally Breakable).
Note 1: WPA-AES the the current entry level rendition of WPA2.
Note 2: If you use WinXP and did not updated it you would have to download
the WPA2 patch from Microsoft. http://support.microsoft.com/kb/893357
The documentation of your Wireless devices (Wireless Router, and Wireless
Computer's Card) should state the type of security that is available with
your Wireless hardware.
All devices MUST be set to the same security level using the same pass
phrase.
Therefore the security must be set according what ever is the best possible
of one of the Wireless devices.
I.e. even if most of your system might be capable to be configured to the
max. with WPA2, but one device is only capable to be configured to max . of
WEP, to whole system must be configured to WEP.
If you need more good security and one device (like a Wireless card that can
do WEP only) is holding better security for the whole Network, replace the
device with a better one.
Setting Wireless Security - http://www.ezlan.net/Wireless_Security.html
The Core differences between WEP, WPA, and WPA2 -
http://www.ezlan.net/wpa_wep.html
Jack (MVP-Networking).

"Wallace" <> wrote in message
news:m8vBk.65399$2...
> I've set up my wireless router so that it knows the Mac address of the
> computers it can speak to.
>
> Is this enough security or what other security should I set up?
>

Jack \(MVP-Networking\).

Jack--are you saying if that if we have sp3 installed it would not be
necessary to download this patch?
Confusing stuff here-sorry!


"Jack (MVP-Networking)." <> wrote in message
news:...
> Hi
> When there is No encryption Wireless basic info is transmitted in clear
> text.
> People who want to get to your system and know a little about Wireless can
> sniff the traffic and find the allowed Mac and log to your Network in a
> matter of minutes.
> From the weakest to the strongest, Wireless security capacity is.
> No Security
> MAC______(Band Aid if nothing else is available).
> WEP64____(Easy, to "Break" by knowledgeable people).
> WEP128___(A little Harder, but "Hackable" too).
> WPA-PSK__(Very Hard to Break).
> WPA-AES__(Not functionally Breakable)
> WPA2____ (Not functionally Breakable).
> Note 1: WPA-AES the the current entry level rendition of WPA2.
> Note 2: If you use WinXP and did not updated it you would have to download
> the WPA2 patch from Microsoft. http://support.microsoft.com/kb/893357
> The documentation of your Wireless devices (Wireless Router, and Wireless
> Computer's Card) should state the type of security that is available with
> your Wireless hardware.
> All devices MUST be set to the same security level using the same pass
> phrase.
> Therefore the security must be set according what ever is the best
> possible of one of the Wireless devices.
> I.e. even if most of your system might be capable to be configured to the
> max. with WPA2, but one device is only capable to be configured to max .
> of WEP, to whole system must be configured to WEP.
> If you need more good security and one device (like a Wireless card that
> can do WEP only) is holding better security for the whole Network, replace
> the device with a better one.
> Setting Wireless Security - http://www.ezlan.net/Wireless_Security.html
> The Core differences between WEP, WPA, and WPA2 -
> http://www.ezlan.net/wpa_wep.html
> Jack (MVP-Networking).
>
> "Wallace" <> wrote in message
> news:m8vBk.65399$2...
>> I've set up my wireless router so that it knows the Mac address of the
>> computers it can speak to.
>>
>> Is this enough security or what other security should I set up?
>>
>

mrhangster

You keep these responses in a notepad or something don't you!!!
I've seen this over and over, mostly because it comes up over and over.

Big_Al

On Sep 21, 7:58*pm, "mrhangster" <hangst...@charter.net> wrote:
> Jack--are you saying if that if we have sp3 installed it would not be
> necessary to download this patch?
> Confusing stuff here-sorry!
>
> "Jack (MVP-Networking)." <j...@discussiongroup.com> wrote in message
>
> news:...
>
>
>
> > Hi
> > When there is No encryption Wireless basic info is transmitted in clear
> > text.
> > People who want to get to your system and know a little about Wireless can
> > sniff the traffic and find the allowed Mac and log to your Network in a
> > matter of minutes.
> > From the weakest to the strongest, Wireless security capacity is.
> > No Security
> > MAC______(Band Aid if nothing else is available).
> > WEP64____(Easy, to "Break" by knowledgeable people).
> > WEP128___(A little Harder, but "Hackable" too).
> > WPA-PSK__(Very Hard to Break).
> > WPA-AES__(Not functionally Breakable)
> > WPA2____ (Not functionally Breakable).
> > Note 1: WPA-AES the the current entry level rendition of WPA2.
> > Note 2: If you use WinXP and did not updated it you would have to download
> > the WPA2 patch from Microsoft.http://support.microsoft.com/kb/893357
> > The documentation of your Wireless devices (Wireless Router, and Wireless
> > Computer's Card) should state the type of security that is available with
> > your Wireless hardware.
> > All devices MUST be set to the same security level using the same pass
> > phrase.
> > Therefore the security must be set according what ever is the best
> > possible of one of the Wireless devices.
> > I.e. even if most of your system might be capable to be configured to the
> > max. with WPA2, but one device is only capable to be configured to max ..
> > of WEP, to whole system must be configured to WEP.
> > If you need more good security and one device (like a Wireless card that
> > can do WEP only) is holding better security for the whole Network, replace
> > the device with a better one.
> > Setting Wireless Security -http://www.ezlan.net/Wireless_Security.html
> > The Core differences between WEP, WPA, and WPA2 -
> >http://www.ezlan.net/wpa_wep.html
> > Jack (MVP-Networking).
>
> > "Wallace" <nos...@nospam.com> wrote in message
> >news:m8vBk.65399$2...
> >> I've set up my wireless router so that it knows the Mac address of the
> >> computers it can speak to.
>
> >> Is this enough security or what other security should I set up?- Hide quoted text -
>
> - Show quoted text -

The WPA2 patch is post SP2 only. You will need it only for when you
do not want / plan to install SP3.

smlunatick

"smlunatick" <> wrote in message
news:1f8d9d68-229c-47a3-95e4-...
> On Sep 21, 7:58 pm, "mrhangster" <hangst...@charter.net> wrote:
>> Jack--are you saying if that if we have sp3 installed it would not be
>> necessary to download this patch?
>> Confusing stuff here-sorry!
>>
>> "Jack (MVP-Networking)." <j...@discussiongroup.com> wrote in message
>>
>> news:...
>>
>>
>>
>> > Hi
>> > When there is No encryption Wireless basic info is transmitted in clear
>> > text.
>> > People who want to get to your system and know a little about Wireless
>> > can
>> > sniff the traffic and find the allowed Mac and log to your Network in a
>> > matter of minutes.
>> > From the weakest to the strongest, Wireless security capacity is.
>> > No Security
>> > MAC______(Band Aid if nothing else is available).
>> > WEP64____(Easy, to "Break" by knowledgeable people).
>> > WEP128___(A little Harder, but "Hackable" too).
>> > WPA-PSK__(Very Hard to Break).
>> > WPA-AES__(Not functionally Breakable)
>> > WPA2____ (Not functionally Breakable).
>> > Note 1: WPA-AES the the current entry level rendition of WPA2.
>> > Note 2: If you use WinXP and did not updated it you would have to
>> > download
>> > the WPA2 patch from Microsoft.http://support.microsoft.com/kb/893357
>> > The documentation of your Wireless devices (Wireless Router, and
>> > Wireless
>> > Computer's Card) should state the type of security that is available
>> > with
>> > your Wireless hardware.
>> > All devices MUST be set to the same security level using the same pass
>> > phrase.
>> > Therefore the security must be set according what ever is the best
>> > possible of one of the Wireless devices.
>> > I.e. even if most of your system might be capable to be configured to
>> > the
>> > max. with WPA2, but one device is only capable to be configured to max
>> > .
>> > of WEP, to whole system must be configured to WEP.
>> > If you need more good security and one device (like a Wireless card
>> > that
>> > can do WEP only) is holding better security for the whole Network,
>> > replace
>> > the device with a better one.
>> > Setting Wireless Security -http://www.ezlan.net/Wireless_Security.html
>> > The Core differences between WEP, WPA, and WPA2 -
>> >http://www.ezlan.net/wpa_wep.html
>> > Jack (MVP-Networking).
>>
>> > "Wallace" <nos...@nospam.com> wrote in message
>> >news:m8vBk.65399$2...
>> >> I've set up my wireless router so that it knows the Mac address of the
>> >> computers it can speak to.
>>
>> >> Is this enough security or what other security should I set up?- Hide
>> >> quoted text -
>>
>> - Show quoted text -
>
> The WPA2 patch is post SP2 only. You will need it only for when you
> do not want / plan to install SP3.

thankyou smlunatick- I thought that was what was being said.

mrhangster

[MarkSatterfield]

Hi,

It seems that most of these responses have concentrated on the wireless link, specifically protecting the data transmitted on the wireless, and protecting against someone squatting on the wireless connection.

In my opinion:

* It would be beneficial to harden your computer with a firewall (Zone Alarm is free for personal use). This prevents breaking into your computer and pilfering data. The stuff transmitted over the airwaves is being injected into the public Internet anyway, so someone could theoretically pick the data up -- i.e., don't transmit critical information unless you are protected end-to-end, possibly with https.
* It would be beneficial to assign an administration password to the actual router, to reduce the opportunity of someone logging into your router as the administrator. For example, this would prevent someone from changing the firmware on the router.

Also, purely my opinion, unless this is an absolutely positively critical path system, turn off WPA, et al, so your neighbors can share your $15/month wireless connection from their pool.

--Mark

http://www.marksatterfield.com

MarkSatterfield