WiFi Security help.

[ameerat42]

Hi Folks.
I have a Netbook and a desktop computer, and a wireless router that at present has the WiFi function disabled and only has cables connected. I sometimes network them all by cable only, thinking that there will be no wireless tranmissions.

1) However, I am starting to think that this might not be such a good idea anyway, because the Netbook has Wifi built in and I think it might even be transmitting if still connected by cable as I haven't switched that part off.

2) In addition, I was wanting to link the Netbook to the router wirelessly.

So, what is the strongest means of attaining WiFi security? I have understood from this Wiki article, that WEP is not the best after all, That is the first option in the router security menu.

Thanks, Am.

[soulman]

WPA seems pretty good. I use that on my network with a maximum length randomly generated password. Wireless security is a bit like home security though - you can't stop determined people from breaking in, only deter the casual crook. If you're in an area where people could conceivably be able to steal your bandwidth, such as a block of flats for example, any reasonable security should do because there are bound to be unprotected networks around anyway. People who are just wanting to leach will use the unprotected networks, whereas people who are targeting you, which of course is highly unlikely, will probably find ways to get whatever they're looking for no matter what. Any lock will keep out honest people, which is usually all you have to concern yourself with.

[ricktas]

I use WPA and change my password regularly (about once a month). My wireless router also has the benefit of telling me how many devices are connected to it wirelessly, so if I was to notice an extra one, I could take action fairly quickly. Having said that I have not seen a single incident of an unauthorised use of my network.

My wireless network gets a lot of use. Laptop, iPhone, iPad, TV, BluRay player and Wii are all connected.

[fastr1red]

You should also enable MAC address access only. This means adding the MAC address of each device you want connected to the router as well as WPA or any other security method. Using wireless MAC address access is the only way to ensure no unauthorised equipment uses your router. The option is in the security tab of the router.

[fess67]

As above. But also, chill out. If you are a suburban home using a home network employing WPA the chances of you being compromised are tiny...tiny..tiny.... so relax, use WPA and enjoy the web. For somone to get into your system they would need to sit outside for some time and that would attract attention on a suburban street. And what would they get?? not much really so they will not be driving down your street anytime soon.

[bdparker]

On all my network (and those that I have setup elsewhere) I use WPA2-PSK 32 character HEX code and then hide the SSID (also use a inconspicuous name, unrelated to the place/company/person). All my WIFI network have been intrusion free (some have been running for over 8year's on the same codes)

The other benifet is that WPA dose not slow down a hungry WIFI network whereas WEP can. I have also had trouble with more that 10 laptop on a WEP shared Encryption network, haven't had the same issues with WPA2-PSK (not that they rung me to complain lately).

[ameerat42]

To everyone: Thanks for all the practical advice and hints. I will have another good look at the Wiki page and read all the help that comes with the router.
Am.

[abitfishy]

One thing no one ever suggests or thinks of is change the default router username and password. Usually they are admin and admin or admin and password. No amount of security is of any use if any Tom, Richard or Harry can log into your router and change your settings. I've even accidentally logged into a customers nearby neighbours wireless router not realising, reconfiguring it, then seeing at the top it said Dlink when the customers router was a Netgear. Shame I didn't know who's router I stuffed up, I could have got more business while I was in the neighbourhood!

[ameerat42]

Thanks, abitfishy. I suppose that's because it goes w/o saying. At present I have not, but that will be the 1st thing before I start using the wifi feature. At present Wifi is OFF.
Thanks, Am.

[Patagonia]

One thing no one ever suggests or thinks of is change the default router username and password. Usually they are admin and admin or admin and password. No amount of security is of any use if any Tom, Richard or Harry can log into your router and change your settings. I've even accidentally logged into a customers nearby neighbours wireless router not realising, reconfiguring it, then seeing at the top it said Dlink when the customers router was a Netgear. Shame I didn't know who's router I stuffed up, I could have got more business while I was in the neighbourhood!

Top security would be WPA+Mac address AND changing the Router password and IP...as said above many people put good wifi passwords but forget the router that is easily accessible. I think you can also set the router configuration to be only accessible by wired connections, If possible that´s very safe.
Last you can put a software that tells you which computers are connected at each time.

all that said, think a WPA password and router password changed regularly will do the trick.

regards

[OzzieTraveller]

G'day all

As many of you are aware - I travel the eastern states and am on the road for 6 - 7 - 8 months a year
It's amazing how often we stop for lunch or overnight somewhere and as I fire up the laptop, up comes someone's residential & totally unsecured site

We have on occasions tested things by logging in to our Optus site ... and it works a treat !!!
We also log off again before too much traffic has gone to & fro as I don't agree with using someone else's account

Regards, Phil

[ameerat42]

Of course I won't either, but thanks. Am.