Too cool.....got my PC back up and running, and despite a little trepidation, decided to take a shot at setting up a wireless network in the house. Bought a Microsoft router and it was almost too easy for this cyber challenged gear head. So pleased with myself, I nearly got wood. http://www.georgia-outdoors.com/ubbngto/wink.gif Wife is real pleased she can use her lap top online anywhere now. Ought to be worth a kitchen pass or two. I highly recommend the Microsoft product for this application.

A professional comment on wireless, and I am qualified with over 25 years of network management experience. Wireless is clearly the hot trend these days and I am deploying WAPs as fast as the manufacturer can turn them out. I also have a major project underway implementing wireless security. Wireless offers a lot of advantages, but these are offset by the security risk they pose. Much as crooks now drive around looking for a house where the owners are on vacation, they can now drive around with a wireless connection looking for a good tap. And when they do, they will get your credit card, SSN, and other personal information. And by the way, not just while you are actively transmitting, but by back-dooring into your system and scanning files. They also know the demographics and will focus on neighborhoods with the best targets.

As information becomes more and more of a commodity, I can see a time not too long off when the statistics of individual's and family's are collected, compiled and sold to marketeers, insurance companies, you name it.

So should you toss out the wireless connections? Not necessary as long as you use all the security functions that come with the package, and I also recommend turning the connection off when you are not actually network connected. As with any technology, there is a trade off of risk for convenience. ---JCK---

Good points,JCK. I followed the advice I found in the following artices and have enjoyed my wireless connection with some comfort. http://www.earthlink.net/elink/issue49/tech.html
http://www.practicallynetworked.com/support/wireless_secure.htm

What do you think? I'd be interested in your professional opinion if there is more/less I should be doing to protect my info.

[This message has been edited by MBA (edited 06-28-2004).]

John,
will a firewall (Norton Internet Security) on your PC protect your computer from the roving hackers? When I enabled the encryption on my wireless router the whole thing got messed up. With encryption disabled mine worked just like BK... no problems. Thanks for the free advice...
Tom-O

Don't make the mistake most people make with wireless home routers. Do not use the factory DNS/IP settings. Read the manual and learn how to change the settings. If you use it straight out of the box, anyone with a list of factory defaults and a wireless netowrk card could cruise past your house and get on your network. The 2 articles linked too above are very good. if you are considering going wireless, do the research.

Also, ANYONE with an internet connection should be using ZoneLabs firewall. It is really good and really free. www.zonealarm.com (http://www.zonealarm.com)

There is also some really good tools and articles on www.GRC.com (http://www.GRC.com)

------------------
SlckTrck

I sure hope Heaven has a trout stream.

The Earthlink site had some good tips that should work for home wireless networks. The one other thing I would add is that not only should passwords be a random generation of letters and numbers, but they should be changed frequently and at irregular intervals. As this technology progresses, the security will get better and easier to deploy. Of course those trying to get around the security package will also get better!

The encryptions that come with your wireless packages may be difficult to work with, but I would stick with it and try to use the tools they have provided you. As for firewalls, they can add that extra layer of protection, but then your investment in that home system really begins to ratchet up. The Norton (and similar) Anti-virus packages are useful for finding a bug in your system, but they are really not focused on intrusion protection; Norton is looking for something active while an intruder is often just listening for data they want to siphon off.

And by the way, having a wired connection is not the sure cure either. A wired connection left open can be tunneled into and personal information compromised. Now a hermetically sealed mayonase jar under the back porch ........... : - )

Other than mine, there are 3 WAPs I can see from my house. I've broken into all 3 from my recliner in my living room. A couple of them I took the time to run Ethereal (a popular packet sniffer) on them for an evening to show their owners who all can easily see the porn that goes through the air (and CC numbers and passwords, you name it).

I know not everyone is an uber-geek, but setting up a wireless router is not hard. The manufacturers do a serious injustice to their consumers by making defaults for every single value. The dang things should simply not work until a few values have been manually set by the user.

Here are some rules of thumb about setting up a wireless network at home:

1) Change the router's default SSID. It usually comes pre-programmed with something like "WAP" or "linksys" or something simple. Use something a little more harder to figure out. If someone takes a wild guess and figures out your SSID (even if you're not broadcasting it, that's just how it works), and you're not taking the other precautions listed below, you'll be compromised.

2) Do NOT broadcast your SSID. That means disable that feature. That means do not enable that feature. However your router software words it, make sure it does not broadcast. Do this after you change it (see step 1). After you change the SSID and you disable broadcasting, you're essentially invisible - but that's still not good enough.

3) Change the admin password. Almost every router made has one of two different passwords - either 'admin' or 'password'. Change it before you ever plug anything in it.

4) Use WEP. WEP (wired equivalency protocol) is a crappy encryption mechanism, and has been proven to be broken, but until the new standard (802.11i) comes out hopefully early next year, it's the best we've got. It takes a geek with essentially no life to sit within a couple hundred feet of your house for hours, maybe days or weeks, to break standard WEP encryption, but it can be done.

5) Use wireless MAC address filtering. This will allow only your wireless network cards to use your internet connection (or LAN/WAN). Unless someone knows your card's MAC address, or takes the time to figure it out (which is easier to do than cracking WEP, but still quite a task), they're SOL.

6) Change the IP settings - ie, use a different subnet than what it comes prepackaged with. Most of them come defaulting to 192.168.1.*. Change this to something else - say, 10.100.1.* or 10.101.1.* or 10.102.1.*. There are several private subnets, but those will keep most hackers guessing for a while.

7) Set a limit on DHCP users. Only have one computer that is going to be using the WAP? Limit it to 1 then.

8) Run a simple firewall. The firewall that comes with Windows XP is not a firewall, don't let MS tell you that it is. Get ZoneAlarm (www.zonelabs.com) - it's free and is the most popular one in the business. It's not the best, but it's the best free one.


These are just a few things off the top of my head, but if every home user followed these few simple rules, the wireless world would be a much better place http://www.georgia-outdoors.com/ubbngto/smile.gif

You guys are starting to scare me. http://www.georgia-outdoors.com/ubbngto/smile.gif Im still learning what all my keys do on my keyboard.

I'm with Ghost on this one. All this ISS and DSL and DNS/IP and MYOB don't mean diddly to me. Now if you could figure out how to program my remote control to operate my DVD/VCR player, I'd be grateful. http://www.georgia-outdoors.com/ubbngto/wink.gif

snowpee bring up a lot of good points. Being in the IT world these are things we think of and do on a regular basis. I recommend you follow that advice doing the first 3 items ASAP. I also recommend that you read the manual that came with your WAP and look up the things you don't understand then continue to implement the rest.

I don't profess to be an auto mechanic either. But since I have to drive one every day I make sure I know how to keep it running. I also lock it and wind up the windows. I change my own oil/filter, brakes, air filter, fuel filter, belts, plugs, and most other normal wear and tear parts. No, I probably can't replace my transmission if it ever fails, but I know what and where it is, what it does, and how it works. Ditto with most of the parts that make a car do what it does.

My point is I guess I just don't understand the mentality of people who think computers are this phenomenon that are above them, yet they use them every day.

You have computer. Do you run Quicken on that computer? How about the names, address, and phone numbers of everyone you know? Is your social security number anywhere on your computer? Are you sure? Anything else you wouldn't leave out on your front porch? There are a lot of folks out there who don't wear the same white hats we do - and unbelievably most don't even care about stealing your stuff, they get thrills from screwing up your life for a while.

The only way to protect your stuff is to know how to protect it.

I did many of the things already discussed, never enabled sharing, and we don't do anything we want secure on her laptop. Still, I'll look at the other more sophisticated security measures, too.
Good discussion. Thanks!