Secure Your Wifi [Archive] - Glock Talk

PDA

View Full Version : Secure Your Wifi


Bobjones2335
08-19-2005, 13:53
I was sitting in a shopping center yesterday and thought what the hey, i'll look for a network. So I wip my laptop out and low and behold 3 networks, 2 unsecure and 1 locked up. One of the unsecure is called "Linksys" so I log onto it, open up an IE window and enter 192.168.1.1 (the routers default console address) up pops a log in screen, for the user name I use Admin and for the password I use the same. Soon as I hit enter I was consoled up to their router, could have done all kinds of fun stuff! Please people, I am begging you, secure your networks!

funbob
08-19-2005, 19:05
The amount of unsecured networks out there is astounding. I sometimes just like to take out my PDA or PSP and see how many open networks are nearby that I can connect to. Thankfully I'm not a malicious person...

Alpha752
08-19-2005, 19:12
When I moved into my new apartment, I had to wait a day for my Cable hook up, so I figured id see what I could find on the wireless. There are only 12 apartments in my building, and there were 2 unsecure networks. They were the same, names linksys. I could have logged in and surfed, but I decided to just wait the day for my own hook up.

Then I promptly checked my own security to make sure I was locked.

Alpha752
08-19-2005, 19:14
Originally posted by funbob
The amount of unsecured networks out there is astounding. I sometimes just like to take out my PDA or PSP and see how many open networks are nearby that I can connect to. Thankfully I'm not a malicious person...

The PSP has wireless??? I didnt know that. So, you could either use your home network, or go to a free hotspot and connect to the net with it? Can you surf the web, or is it only a gaming connection?

Sorry for the hijack.

funbob
08-19-2005, 19:50
Originally posted by Alpha752
The PSP has wireless??? I didnt know that. So, you could either use your home network, or go to a free hotspot and connect to the net with it? Can you surf the web, or is it only a gaming connection?

Sorry for the hijack.

Yep, regular old 802.11b. Its primary use is for gaming in ad-hoc mode but supports infrastructure mode for downloading system updates and upcoming games that will support online play. It was previously only possible to web surf on the PSP by using the web browser built into the game Wipeout Pure. It was only intended for accessing content and downloads for the game but with a bit of DNS trickery, could be used for general web browing. That's all moot now because Sony has recently issued a major update for the system software that adds a pretty nice web browser. More details (and a neat pic of GT on a PSP) are in this thread (http://www.glocktalk.com/showthread.php?s=&threadid=413122)

lomfs24
08-21-2005, 01:55
I have been saying for a long time that people need to secure their wireless routers. My first thought was that two of the places offered free wireless access. But then I decided that if they were savvy enough to think they wanted to give away free access you would think they would be savvy enough to at least change the password.

What really makes me mad are people who don't know how to run their equipment, both network owners and wireless device owners, who are lobbying for laws on criminal activity when they don't know how to run their own equipment.

gwalchmai
08-21-2005, 11:29
What harm does it do me if some bidness in the mall leaves his WiFi open?

lomfs24
08-21-2005, 23:22
Originally posted by gwalchmai
What harm does it do me if some bidness in the mall leaves his WiFi open? Does you no harm at all. When it harms you is when he leaves it open, you use it thinking it's meant to be open and then he tries to press criminal charges on you.

SkyStorm82
08-22-2005, 00:22
So how do you make sure it's secure? I'm on one right now.

gwalchmai
08-22-2005, 04:38
Originally posted by lomfs24
Does you no harm at all. When it harms you is when he leaves it open, you use it thinking it's meant to be open and then he tries to press criminal charges on you. OK, I'm sitting in a mall, with thousands of people in it, and perhaps dozens of laptops. This guy, who doesn't have the smarts and doesn't take the trouble to secure his wireless, IS going to have the smarts and go to the trouble to track me down for using it.

Uh-huh. ;Q

Bobjones2335
08-22-2005, 07:17
Originally posted by lomfs24
Does you no harm at all. When it harms you is when he leaves it open, you use it thinking it's meant to be open and then he tries to press criminal charges on you.

The harm is when someone uses one of these idiots connection's to apply for a credit card in YOUR name, then start buying things or hacking.

gwalchmai
08-22-2005, 07:24
Originally posted by Bobjones2335
The harm is when someone uses one of these idiots connection's to apply for a credit card in YOUR name, then start buying things or hacking. If someone applies for a credit card in MY name (actually my SSN), I'll be notified, regardless of what avenue he uses for the application. This is not a reason for me to worry about the unsecured WiFi. I agree that if someone uses the open WiFi for illegal purposes the owner of the connection has reason to worry. But ME? Nope.

lomfs24
08-22-2005, 08:58
Originally posted by Bobjones2335
The harm is when someone uses one of these idiots connection's to apply for a credit card in YOUR name, then start buying things or hacking. I don't see a problem here. The reason being is that someone would have to have my SS# before doing this and if he has my SS# then he can use one of a million difficult to track yet legal internetconnections. Connections at coffee shops, airports, libraries, etc...


No, the real harm here is people who are too ignorant, too lazy or just too incompetent to learn how to properly use their router but yet get excited and call the cops because someone is using it.


gwalchmai, you are right. The chances of being caught in a mall is slim. But as a gun owner, I suppose you are a gun owner, you know that living on "chances" is not a good insurance policy. At what point is it legal? Or illegal? Inside the mall? Outside the mall? How far outside the mall? One block? two blocks? In the driveway? In who's driveway? At your house?

This is where grey area starts to happen. And courts thrive on grey areas. Then what bothers me most is that these people who don't know how to run their routers are the same people who are screaming the loudest that laws should be made to protect their network. When in reality, they want laws because they are too lazy to learn for themselves.

gwalchmai
08-22-2005, 09:12
Originally posted by lomfs24
gwalchmai, you are right. The chances of being caught in a mall is slim. But as a gun owner, I suppose you are a gun owner, you know that living on "chances" is not a good insurance policy. At what point is it legal? Or illegal? Inside the mall? Outside the mall? How far outside the mall? One block? two blocks? In the driveway? In who's driveway? At your house? No, I wasn't addressing either the "legality" or the morality of bandwidth leeching. I was addressing the contention that "When it harms you is when he leaves it open, you use it thinking it's meant to be open and then he tries to press criminal charges on you." My point is that this really won't happen. OTOH, if you disagree you shouldn't take the risk.

This is where grey area starts to happen. And courts thrive on grey areas. Then what bothers me most is that these people who don't know how to run their routers are the same people who are screaming the loudest that laws should be made to protect their network. When in reality, they want laws because they are too lazy to learn for themselves. As I have said before, this is an area that the lawyers will have to figure out, but my bet is it will turn out to be an unenforceable law, and be ignored. However, I think any reasonable person can see that it is much more cost effective for a business to pay a couple of hundred bucks for a consultant to secure their WiFi than to have bandwidth leechers tracked down and prosecuted. Not to mention the bad press said business would receive when their lack of security is made public by said prosecution.

Or is common sense that rare a commodity in today's society?

Egyas
08-22-2005, 10:39
The harm is really only if you leave your own connection open. You neighbor logs in, and starts using p2p software to download kiddie-porn. He happens onto one of the FBI "Bait-n-stings", and they track it back to your router's WAN IP.

I do not, in any way, shape, or form, want to have to try to convince the FBI that my neighbor did it. He must have leached my network! Yea, that's it!


Or they commit acts of fraud, CC violation, commits threats or other cyber-crimes. No thanks.

My wireless is as locked-down as humanly possible.

Egyas
08-22-2005, 10:40
Another useful item is to enable the logging featrure available on most routers. It's the last line of defense to try and convince authorities that the PC that connected to your network is not yours.

lomfs24
08-22-2005, 11:38
Originally posted by gwalchmai
Or is common sense that rare a commodity in today's society? You have read enough posts across this community to not really need to ask that question. ;f

hapuna
08-22-2005, 12:34
OK guys I think there is more than 1 person here that asked for details.
I have a router that is password protected but my wireless network is unsecured. What are the basic step I should take to get some form of security on my network? Is there a link to someplace that can give me the basics? How will security affect how I operate on my network? There are 3 different computers and a phone that use it?
Any suggestions?

gwalchmai
08-22-2005, 12:41
Originally posted by hapuna
OK guys I think there is more than 1 person here that asked for details.
I have a router that is password protected but my wireless network is unsecured. What are the basic step I should take to get some form of security on my network? Is there a link to someplace that can give me the basics? How will security affect how I operate on my network? There are 3 different computers and a phone that use it?
Any suggestions? What kind of router do you have? If it supports WPA encryption use it. If it doesn't, buy one that does. Use a 60 character random key (get one HERE (http://www.winguides.com/security/password.php) ). That's all you need.

lomfs24
08-22-2005, 13:22
Originally posted by hapuna
OK guys I think there is more than 1 person here that asked for details.
I have a router that is password protected but my wireless network is unsecured. What are the basic step I should take to get some form of security on my network? Is there a link to someplace that can give me the basics? How will security affect how I operate on my network? There are 3 different computers and a phone that use it?
Any suggestions? I typed "how to secure my wireless" into google and it returned 8.13 million results. This one is the first one on the list. http://www.comcast.net/help/faq/index.jsp?faq=Security118072

You may have to go to the website of your particular router brand to get step by step instructions on how to use WPA or WEP. Basically you enter a random string on your router and the same string on your computer and if the strings don't match.... no worky!!!

gwalchmai
08-22-2005, 13:29
Yeah, OK. You should change the router's default password, I guess, because after they break that 60 char WPA key they'd get stumped figuring out my cat's name that I used for the PW...

;f

Sorry if I seem a little cynical, but I've read too many accounts of WEP keys getting broken in "minutes" to have much faith in 'em. Before y'all keelhaul me, I agree anything's better than nothing.

David_G17
08-22-2005, 20:00
Originally posted by gwalchmai
Yeah, OK. You should change the router's default password, I guess, because after they break that 60 char WPA key they'd get stumped figuring out my cat's name that I used for the PW...

;f

Sorry if I seem a little cynical, but I've read too many accounts of WEP keys getting broken in "minutes" to have much faith in 'em. Before y'all keelhaul me, I agree anything's better than nothing.

the trick is being the only secure network amongst many unsecured ;)

kinda like running from a bear. you don't have to be faster than the bear, just faster than the other guys running from it.

Poppa Bear
08-22-2005, 20:18
the trick is being the only secure network amongst many unsecured

I have 2 networks I can log onto that are locked down. The password is the same as the SSID. If you are going to change the SSID and the password then DO NOT make them the same. That is easier than remembering the default password for all of the different router manufacturers.

hapuna
08-23-2005, 11:51
Originally posted by gwalchmai
What kind of router do you have? If it supports WPA encryption use it. If it doesn't, buy one that does. Use a 60 character random key (get one HERE (http://www.winguides.com/security/password.php) ). That's all you need.

I'm sure it does and it has VPN but how does the voip phone interact. I have an extension off a system in the UK that I need to keep up and running so don't want to mess with it too much and have it get kicked off the network.

gwalchmai
08-23-2005, 13:03
Originally posted by hapuna
I'm sure it does and it has VPN but how does the voip phone interact. I have an extension off a system in the UK that I need to keep up and running so don't want to mess with it too much and have it get kicked off the network. I don't know enough about VOIP to be dangerous, but I'm assuming that it's going over an ethernet cable to your phone system (?), so it shouldn't be affected by these wireless settings. VPN won't be affected, either. WPA just deals with wireless connections between your router and wireless cards.

lomfs24
08-23-2005, 13:24
Originally posted by hapuna
I'm sure it does and it has VPN but how does the voip phone interact. I have an extension off a system in the UK that I need to keep up and running so don't want to mess with it too much and have it get kicked off the network. I believe gwalchmai is right. The VPN and VOIP settings should be handled by your firewall. All WEP or WPA does is control what wireless hardware connects. Basically it is a security for the radio part of the wireless. It does not stop things going accross your network.

Does that make sense? I thought of this off the top of my head so don't beat me with it. Think of it as a bridge. A security guy is on one end saying only this truck and this truck can use the bridge but they can haul whatever they want. So your voip and VPN should not be affected so long as your wireless adapter can connect.

hapuna
08-23-2005, 13:29
Originally posted by lomfs24
I believe gwalchmai is right. The VPN and VOIP settings should be handled by your firewall. All WEP or WPA does is control what wireless hardware connects. Basically it is a security for the radio part of the wireless. It does not stop things going accross your network.

Does that make sense? I thought of this off the top of my head so don't beat me with it. Think of it as a bridge. A security guy is on one end saying only this truck and this truck can use the bridge but they can haul whatever they want. So your voip and VPN should not be affected so long as your wireless adapter can connect.

Well OK maybe but my voip phone is connected via a wireless access point in my office so it is on my wireless network. From the wap there is a cable that plugs into the phone.

gwalchmai
08-23-2005, 13:33
Originally posted by hapuna
Well OK maybe but my voip phone is connected via a wireless access point in my office so it is on my wireless network. From the wap there is a cable that plugs into the phone. That's an integrated ethernet switch, and I'm pretty sure it's independent of the wireless (all I've seen are). Do you know the make and model of the router?