Wireless networking security question

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

tomdkat

Thread Starter
Retired Trusted Advisor
Joined
May 6, 2006
Messages
7,148
Ok, let's say I've got a wireless router providing Internet access for Windows computers via wired and wireless connections. They can all access the Internet just fine. The wireless network is protected via WPA security. Cool.

Now, the computers are networked together using Windows networking and all the machines have software firewalls running (either ZoneAlarm free edition or the Windowd firewall). All the machines can access each other as desired.

Ok, if a hacker were to somehow compromise the WPA security and gain access to the wireless network, what measures can be taken to prevent them from accessing the Windows machines which are part of the Windows network?

Peace...
 

TerryNet

Terry
Moderator
Joined
Mar 23, 2005
Messages
81,340
Best to concentrate on the WPA security 'cause once they are in the door, they are in the door! :)

WPA using dictionary words for a passphrase can be broken. WPA with a passphrase of at least 20 characters mixing letters and numbers and maybe some special characters has not yet been broken. Using a strong passphrase such as this is your best, and almost only, wireless security against knowledgeable and determined hackers.
 

etaf

Wayne
Moderator
Joined
Oct 2, 2003
Messages
65,471
i think terrynet suggestion is the way to go - I would add also use upper and lower case letters, numbers and special characters
 

JohnWill

Retired Moderator
Joined
Oct 19, 2002
Messages
106,429
There are no known exploits of WPA with a long an random key, it's most certainly your best option. That's not to say you shouldn't have some security within the network too, and MOST IMPORTANT, have current and regular backups!
 

llsee

Larry
Joined
Aug 5, 2004
Messages
116
You can also use MAC address filtering for an extra layer of protection. That way only specified MAC addresses are able to access your network. Since every network adaptor has a unique MAC address that increases the security.

Of course MAC address filtering does nothing to prevent someone from intercepting wireless traffic, but it is one more layer of security that is available.
 

TerryNet

Terry
Moderator
Joined
Mar 23, 2005
Messages
81,340
MAC address filtering adds no security to an encrypted network. It adds difficulty to your use of your own network.
 

llsee

Larry
Joined
Aug 5, 2004
Messages
116
Your sarcastic response to my post is the perfect example of why I seldom visit TSG anymore, and why I removed the link from my personal web page. At one time I thought that TsG was a web space where an individual could get sound "Un-Biased" support and answers to questions. Instead it is really the province of a small clique of snotty users who have turned it into their personal messaging system.

To tomdkat, I strongly suggest that you visit Steve Gibson's web site http://www.grc.com/default.htm for solid security advice. His "Security-Now" podcast is also an excellent resource. Unlike the users here, Mr Gibson does engage in reasonable discussion and does provide sound reasons behind his opinions, while listening respectfully to yours.

Forty years in corporate IT management, including the installation of the first wireless network on a regional stock exchange floor does give me the right to express an opinion. MAC address filtering does add a layer of network management, security AND complexity to a network.

This site should change its name from Tech Support Guy, to Opinionated Insider Club!
 

JohnWill

Retired Moderator
Joined
Oct 19, 2002
Messages
106,429
You're free to have an opinion on the topic, I'm curious why I'm not allowed the same freedom in your eyes. :confused: If expressing my opinion is being "snotty", then I guess that's me. :rolleyes:
 

tomdkat

Thread Starter
Retired Trusted Advisor
Joined
May 6, 2006
Messages
7,148
Thanks for the additional tips. Unfortunately, WEP security is the best I can have on one wireless network I setup since the drivers for one particular wireless adapter don't support WPA. I'll look at replacing this adapter and checking again for a driver update.

I'll also visit the sites referenced above and will look into MAC filtering. I understand the basic idea but never actually configured it. I mainly wanted to make sure there weren't other things I could do to "lock down" a Windows network that contains a mixture of wired and wireless machines, all sharing the same cable modem Internet connection.

You've all been a great help! :)

Peace...
 
Joined
Oct 17, 2005
Messages
121
tomdkat said:
Thanks for the additional tips. Unfortunately, WEP security is the best I can have on one wireless network I setup since the drivers for one particular wireless adapter don't support WPA.
I am running vista on my laptop and the other day tried to get on my girlfriends old wireless router that only has WEP. Vista (or the driver for the built in wireless) could see the network in the list but said it was an unsupported secure network.

Looks like WEP may get phased out soon.
 

tomdkat

Thread Starter
Retired Trusted Advisor
Joined
May 6, 2006
Messages
7,148
rolandk10 said:
I am running vista on my laptop and the other day tried to get on my girlfriends old wireless router that only has WEP. Vista (or the driver for the built in wireless) could see the network in the list but said it was an unsupported secure network.

Looks like WEP may get phased out soon.
Good to know. Thanks for the heads up!

Peace...
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top