using wireless internet without security

Discussion in 'Computer Security' started by Erik, Dec 8, 2006.

  1. Erik

    Erik Guest

    Some families in my neighbourhood are using wireless internet without any
    security.



    I know that using security (password or Mac-address filtering) is often
    advisable, but I would like to know better what risks are involved by having
    an open wireless network:

    1) Can virus spread across a wireless network between computers which are
    only sharing the internet connection?



    2) Is it possible for users sharing an internet connection to gain access to
    files on other computers sharing the connection?



    Thank you

    Erik
     
    Erik, Dec 8, 2006
    #1
    1. Advertisements

  2. MAC address filtering is no security. It's pure illusion.
    Well, yes, if there's a way to remote execute code.
    Well, yes, if you allow such access.

    And you don't even care about abuse of the internet connection?
     
    Sebastian Gottschalk, Dec 8, 2006
    #2
    1. Advertisements

  3. Erik

    Todd H. Guest

    MAC filtering is very easily bypassed by anyone other than casual
    snoopers. The same can be said of WEP encryption which can be
    broken in minutes using freely available tools.
    Absolutely, but that's an issue orthogonal to the whole wireless
    equation, and more a risk of putting a group of computer on the same
    network.

    However, if you lack a hardware firewall or home office router today,
    you'll be adding no additional risk of network based piece of malware
    spreading to you from the internet right now. If you have a "software
    firewall" or are using windows firewall on your machine already, and
    if you configure it not to trust computers on your local area network,
    you'll be in as good a shape as you are against internet based attacks
    today.
    Absolutely. With similar caveats above though. The difference
    between an internet based threat and one of a local area network is
    often in how the packet filter software ("software firewall") is
    configured. Many of these programs trust the computers on your LAN
    implicitly, which if file sharing is being used, would leave them open
    to a neighbor jumping on the open access point.

    Other more worrisome things, however, would be johnny neighbor jumping
    on the open access point, running script kiddie attacks against
    goverment networks, then men in black start knocking on the front door
    inquiring about the illegal hacking activity originating from that
    internet connection.

    If you want to frighten the neighbors into action, that's the threat
    that's most compelling. And add that with directional antennas, the
    attacker could be up to a mile away.

    WPA security with a strong, random, long passphrase is what they
    should implement. Don't bother with WEP or MAC based filtering, and
    SSID hiding tends to cause the legitimate owner more headache in
    getting legit computers configured than it provides in any obscurity.

    Best Regards,
     
    Todd H., Dec 8, 2006
    #3
  4. Erik

    Jim Watt Guest

    Its a bad idea, turn on the security features preferably
    WPA
     
    Jim Watt, Dec 8, 2006
    #4
  5. Erik

    John Hyde Guest

    Unless your hardware does not support WPA, then use what you have. Even
    though it is easily broken, you should be using something until you
    replace the hardware. And you *should* replace the hardware if it does
    not support WPA
     
    John Hyde, Dec 11, 2006
    #5
  6. What a nonsense.
    Because it's easily, it's not "something" at all.
    Or something where a VPN client (OpenVPN, IPsec) runs.
     
    Sebastian Gottschalk, Dec 11, 2006
    #6
  7. Erik

    John Hyde Guest

    You know the story about the bear? WEP is like the red sneakers. It
    won't stop an even moderately deterined attacker, but it will keep the
    neighbor kid who does not know about cracking tools out of it. Even an
    attacker will likely go after the easy targets first. Besides, I did
    say replace it, right?
     
    John Hyde, Dec 12, 2006
    #7
  8. Well, except that the neighbor kid knows such cracking tools. Google told
    him.
    It is an easy target.
    And I'd recommend switching it off until then.
     
    Sebastian Gottschalk, Dec 12, 2006
    #8
  9. What's all this other stuff in addition to "WPA"? I set my router to:
    WPA-PSK [TKIP] + WPA2-PSK [AES] Does all that additional stuff add to
    security?

    Thanks
    RH
     
    Roger Hammonds, Dec 12, 2006
    #9
  10. Erik

    Todd H. Guest

    Not appreciably, no.

    Biggest determining factor in your security using WPA with a
    pre-shared key (PSK) is how long, random and complex the passphrase is
    that you select for the pre-shared key.
     
    Todd H., Dec 13, 2006
    #10
  11. Erik

    Jim Watt Guest

    You may find that not all the devices you need to connect
    support all functions that the router does so its a case
    of finding the best compromise.
     
    Jim Watt, Dec 13, 2006
    #11
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.