1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Wireless networking security question

Discussion in 'Networking' started by tomdkat, Jul 13, 2006.

Thread Status:
Not open for further replies.
Advertisement
  1. tomdkat

    tomdkat Retired Trusted Advisor Thread Starter

    Joined:
    May 6, 2006
    Messages:
    7,148
    Ok, let's say I've got a wireless router providing Internet access for Windows computers via wired and wireless connections. They can all access the Internet just fine. The wireless network is protected via WPA security. Cool.

    Now, the computers are networked together using Windows networking and all the machines have software firewalls running (either ZoneAlarm free edition or the Windowd firewall). All the machines can access each other as desired.

    Ok, if a hacker were to somehow compromise the WPA security and gain access to the wireless network, what measures can be taken to prevent them from accessing the Windows machines which are part of the Windows network?

    Peace...
     
  2. TerryNet

    TerryNet Moderator

    Joined:
    Mar 23, 2005
    Messages:
    79,560
    First Name:
    Terry
    Best to concentrate on the WPA security 'cause once they are in the door, they are in the door! :)

    WPA using dictionary words for a passphrase can be broken. WPA with a passphrase of at least 20 characters mixing letters and numbers and maybe some special characters has not yet been broken. Using a strong passphrase such as this is your best, and almost only, wireless security against knowledgeable and determined hackers.
     
  3. tomdkat

    tomdkat Retired Trusted Advisor Thread Starter

    Joined:
    May 6, 2006
    Messages:
    7,148
    Thanks for the tip! :)

    Peace...
     
  4. etaf

    etaf Moderator

    Joined:
    Oct 2, 2003
    Messages:
    65,355
    First Name:
    Wayne
    i think terrynet suggestion is the way to go - I would add also use upper and lower case letters, numbers and special characters
     
  5. JohnWill

    JohnWill Retired Moderator

    Joined:
    Oct 19, 2002
    Messages:
    106,418
    There are no known exploits of WPA with a long an random key, it's most certainly your best option. That's not to say you shouldn't have some security within the network too, and MOST IMPORTANT, have current and regular backups!
     
  6. llsee

    llsee

    Joined:
    Aug 5, 2004
    Messages:
    111
    First Name:
    Larry
    You can also use MAC address filtering for an extra layer of protection. That way only specified MAC addresses are able to access your network. Since every network adaptor has a unique MAC address that increases the security.

    Of course MAC address filtering does nothing to prevent someone from intercepting wireless traffic, but it is one more layer of security that is available.
     
  7. TerryNet

    TerryNet Moderator

    Joined:
    Mar 23, 2005
    Messages:
    79,560
    First Name:
    Terry
    MAC address filtering adds no security to an encrypted network. It adds difficulty to your use of your own network.
     
  8. JohnWill

    JohnWill Retired Moderator

    Joined:
    Oct 19, 2002
    Messages:
    106,418
  9. llsee

    llsee

    Joined:
    Aug 5, 2004
    Messages:
    111
    First Name:
    Larry
    Your sarcastic response to my post is the perfect example of why I seldom visit TSG anymore, and why I removed the link from my personal web page. At one time I thought that TsG was a web space where an individual could get sound "Un-Biased" support and answers to questions. Instead it is really the province of a small clique of snotty users who have turned it into their personal messaging system.

    To tomdkat, I strongly suggest that you visit Steve Gibson's web site http://www.grc.com/default.htm for solid security advice. His "Security-Now" podcast is also an excellent resource. Unlike the users here, Mr Gibson does engage in reasonable discussion and does provide sound reasons behind his opinions, while listening respectfully to yours.

    Forty years in corporate IT management, including the installation of the first wireless network on a regional stock exchange floor does give me the right to express an opinion. MAC address filtering does add a layer of network management, security AND complexity to a network.

    This site should change its name from Tech Support Guy, to Opinionated Insider Club!
     
  10. JohnWill

    JohnWill Retired Moderator

    Joined:
    Oct 19, 2002
    Messages:
    106,418
    You're free to have an opinion on the topic, I'm curious why I'm not allowed the same freedom in your eyes. :confused: If expressing my opinion is being "snotty", then I guess that's me. :rolleyes:
     
  11. llsee

    llsee

    Joined:
    Aug 5, 2004
    Messages:
    111
    First Name:
    Larry
    Lets take this off-line. I sent you a private message.
     
  12. tomdkat

    tomdkat Retired Trusted Advisor Thread Starter

    Joined:
    May 6, 2006
    Messages:
    7,148
    Thanks for the additional tips. Unfortunately, WEP security is the best I can have on one wireless network I setup since the drivers for one particular wireless adapter don't support WPA. I'll look at replacing this adapter and checking again for a driver update.

    I'll also visit the sites referenced above and will look into MAC filtering. I understand the basic idea but never actually configured it. I mainly wanted to make sure there weren't other things I could do to "lock down" a Windows network that contains a mixture of wired and wireless machines, all sharing the same cable modem Internet connection.

    You've all been a great help! :)

    Peace...
     
  13. rolandk10

    rolandk10

    Joined:
    Oct 17, 2005
    Messages:
    121
    I am running vista on my laptop and the other day tried to get on my girlfriends old wireless router that only has WEP. Vista (or the driver for the built in wireless) could see the network in the list but said it was an unsupported secure network.

    Looks like WEP may get phased out soon.
     
  14. tomdkat

    tomdkat Retired Trusted Advisor Thread Starter

    Joined:
    May 6, 2006
    Messages:
    7,148
    Good to know. Thanks for the heads up!

    Peace...
     
  15. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/482920

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice