Wireless network question again..

[larryinlc]

Thanks for all the help I've received. I have my dsl up and running and the wireless network works beautifully. I have not enabled security yet. I'm wondering...D-Link says enabling encryption will slow things down. Will 64-bit encryption be faster than 128-bit? Do I need the added security of 128 for my house and neighborhood, or is this more for the hackers on the web? The difference is a 10 digits for 64 bit as opposed to 26 digits for 128-bit. Since this is only a 512kbs package, I don't want to slow things down too much.

Larry

[NGuay]

I would go with the 128-bit. I have cable and really haven't noticed any speed difference with encryption. Encryption is a good idea especially if you order online at all. If someone gets on your network they could capture all of your secure passwords easily with a man in the middle attack or your non-secure passwords with basic sniffing. Another big help is to turn off ssid broadcasting. That way your neighbors won't pick up the name of your wireless network.

[larryinlc]

Thanks. Also, it seems I have the option of using WEP or WPA. From what I've read, WEP is not totally secure.

Larry

[HKGuns]

Quote:

Originally Posted by larryinlc

Thanks for all the help I've received. I have my dsl up and running and the wireless network works beautifully. I have not enabled security yet. I'm wondering...D-Link says enabling encryption will slow things down. Will 64-bit encryption be faster than 128-bit? Do I need the added security of 128 for my house and neighborhood, or is this more for the hackers on the web? The difference is a 10 digits for 64 bit as opposed to 26 digits for 128-bit. Since this is only a 512kbs package, I don't want to slow things down too much.

Larry

You certainly won't notice any difference. Using 64 is like using nothing to someone with evil purposes. If you use 128 you'll be fine. 64 bit wep keys can be cracked in seconds with software readily available on the internet.

Not that it would be a big deal....only sharing your bandwidth. Its not like they would be breaking into your computer or anything. Additionally, you'd probably notice them outside your house after a while. If all you are worried about is your neighbors mistakenly using your bandwidth 64 bit is just peachy.

[NGuay]

You're right, I would use WPA.

[Ron1YY]

Quote:

Originally Posted by larryinlc

Thanks. Also, it seems I have the option of using WEP or WPA. From what I've read, WEP is not totally secure.

Larry

There are cracks on the web that can be downloaded for both WEP and WPA. For the most part, they will keep your average hacker out of your system. But people who deal in security and firewalls can pretty much blow right through them. Kind of like you have to know how to break in to secure your systems.

Ron

[kvm]

Just turn off SSID Broadcast and use WPA and don't worry about it. If you live in a "residential" type area, all you really need to worry about is the neighbors kid trying to break in for fun more than anything else. The fact is if someone wants to get in they will. Look at the number of large companies that get hacked when they are spending big bucks on security. No one is going to spend a lot of effort to break into your network unless they think you have something worth the effort.

[rumballs]

Quote:

Originally Posted by larryinlc

Thanks. Also, it seems I have the option of using WEP or WPA. From what I've read, WEP is not totally secure.

Just use MAC address filtering instead - then the only way someone would be able to get on is if they spoofed one of the handful of MAC addresses you would have configured for your own computers.

[rumballs]

Quote:

Originally Posted by larryinlc

Thanks for all the help I've received. I have my dsl up and running and the wireless network works beautifully. I have not enabled security yet. I'm wondering...D-Link says enabling encryption will slow things down. Will 64-bit encryption be faster than 128-bit? Do I need the added security of 128 for my house and neighborhood, or is this more for the hackers on the web? The difference is a 10 digits for 64 bit as opposed to 26 digits for 128-bit. Since this is only a 512kbs package, I don't want to slow things down too much.

https has it's own encryption, so you don't need to worry about ordering things online over the wireless network.
The only reason you would want encryption is if you don't want people to see other things going over the air to your computer (like standard, non-secure web browsing).

[TypeO-]

Most if not all newer wireless routers have a MAC address filter. It may be called something unique depending on the vendor. If you don't know, the MAC address is the hardware address associated with your network card/device, wired or wireless. You can obtain your network card's MAC address (in Windows) by typing IPCONFIG /ALL. Plug this hexadecimal number into your WLAN router's MAC filter. This will allow your machine and your machine only to access your router's services. If you have additional machines, you'll need to add those too of course. MAC addresses can be spoofed, not to hard for a hacker to do, but not too easy for someone trying to steal your bandwidth like a cheapass neighbor. Use this filter in conjunction with WEP or WPA. If someone wants to crack your encryption AND spoof your MAC, well, let them have it. A smart thing to do would be to change your WEP code periodically.

And keep in mind, WEP or WPA encryption is encrypting the data over the wireless link only. It is not encrypting data passing through your Cable/DSL connection. You'll still need to use common sense when sending sensitive information over the net.

Dammit...Had to edit this post. While typing, two previous posters submitted what I just stated.

[larryinlc]

Thanks all...man, you guys are good!

Larry

[NGuay]

Quote:

Originally Posted by TypeO-

Most if not all newer wireless routers have a MAC address filter. It may be called something unique depending on the vendor. If you don't know, the MAC address is the hardware address associated with your network card/device, wired or wireless. You can obtain your network card's MAC address (in Windows) by typing IPCONFIG /ALL. Plug this hexadecimal number into your WLAN router's MAC filter. This will allow your machine and your machine only to access your router's services. If you have additional machines, you'll need to add those too of course. MAC addresses can be spoofed, not to hard for a hacker to do, but not too easy for someone trying to steal your bandwidth like a cheapass neighbor. Use this filter in conjunction with WEP or WPA. If someone wants to crack your encryption AND spoof your MAC, well, let them have it. A smart thing to do would be to change your WEP code periodically.

And keep in mind, WEP or WPA encryption is encrypting the data over the wireless link only. It is not encrypting data passing through your Cable/DSL connection. You'll still need to use common sense when sending sensitive information over the net.

Dammit...Had to edit this post. While typing, two previous posters submitted what I just stated.

Good post.

Also, https isn't really secure if somebody is on your network, but what is.

[larryinlc]

Thanks to all the help I received here, I now have my dsl network up and running smoothly. I have enabled MAC filtering, enabled WPA encryption with a longish pass phrase, and disabled SSID broadcast. I owe everyone here a cigar!

Larry

[Fat Old Sun]

Quote:

Originally Posted by larryinlc

I have enabled MAC filtering, enabled WPA encryption with a longish pass phrase, and disabled SSID broadcast.

Larry

I have mine setup the same way. My connection is actually faster and more stable now because nobody else is using it.

[Mr. White]

Quote:

Originally Posted by HKGuns

You certainly won't notice any difference. Using 64 is like using nothing to someone with evil purposes. If you use 128 you'll be fine. 64 bit wep keys can be cracked in seconds with software readily available on the internet.

Not that it would be a big deal....only sharing your bandwidth. Its not like they would be breaking into your computer or anything. Additionally, you'd probably notice them outside your house after a while. If all you are worried about is your neighbors mistakenly using your bandwidth 64 bit is just peachy.

Actually they can break into your computer. They can also use your bandwidth for illegal purposes, and ultimately you are the person that will have authorities knocking on your door.

However with the amount of wireless connections floating around unsecured, most crackers won't even bother with a secured connection. Here in orlando a news team just did a little news report and they found 160 wireless connections unsecured on a downtown street corner.

Also Mac filtering is a little added bonus, but none of it is 100% secure. Not something to worry about but definitely something you should know.

And if you have the option, don't use the remote administration function on your new wireless router.