Router Wireless Security

I have a standard wireless router. The wireless part is used for a device
connected to the TV. I made the password moderately strong because the
neighborhood is middle class, meaning everyone has internet access if they
want it. However, someone did crack the password and did 'who knows what'
with my bandwidth.

.... and that is the problem with wireless routers. Someone can run a
password cracking program 24 hours a day without issue. With my bank
website, for example, you get three tries to log in and then the your IP is
permanently banned.

So, with a 20 character password, it may take a million years to crack it,
but is there anything else one can do to protect a wireless network?

"geoff" wrote in message
m...
I have a standard wireless router. The wireless part is used for a device
connected to the TV. I made the password moderately strong because the
neighborhood is middle class, meaning everyone has internet access if they
want it. However, someone did crack the password and did 'who knows what'
with my bandwidth.

... and that is the problem with wireless routers. Someone can run a
password cracking program 24 hours a day without issue. With my bank
website, for example, you get three tries to log in and then the your IP
is permanently banned.

So, with a 20 character password, it may take a million years to crack it,
but is there anything else one can do to protect a wireless network?


Here are a few tips, and links to some other good reading:
http://compnetworking.about.com/od/wirelesssecurity/tp/wifisecurity.htm

This is a good subject, and can involve hours of study, and you still won't
prevent someone who *REALLY* wants in from doing so. There are a number of
(more expensive) routers that have increased security, more so than the
average run-of-the-mill Best Buy or Staples ones. But I would start with the
link I provided before forking out the big bucks :-)
--
SC Tom

On 10 Feb 2013, "geoff" wrote in
alt.comp.hardware.pc-homebuilt:

I have a standard wireless router. The wireless part is used for
a device connected to the TV. I made the password moderately
strong because the neighborhood is middle class, meaning everyone
has internet access if they want it. However, someone did crack
the password and did 'who knows what' with my bandwidth.

Is that the only device that uses the wireless? If so, tell the router
to only accept connections from that one MAC address.

"geoff" wrote in message
m...
I have a standard wireless router. The wireless part is used for a device
connected to the TV. I made the password moderately strong because the
neighborhood is middle class, meaning everyone has internet access if they
want it. However, someone did crack the password and did 'who knows what'
with my bandwidth.

... and that is the problem with wireless routers. Someone can run a
password cracking program 24 hours a day without issue. With my bank
website, for example, you get three tries to log in and then the your IP
is permanently banned.

So, with a 20 character password, it may take a million years to crack it,
but is there anything else one can do to protect a wireless network?


use a cable connection - a Home Plug thing.

On 2/10/2013 10:32 PM, Nil wrote:
On 10 Feb 2013, "geoff" wrote in
alt.comp.hardware.pc-homebuilt:

I have a standard wireless router. The wireless part is used for
a device connected to the TV. I made the password moderately
strong because the neighborhood is middle class, meaning everyone
has internet access if they want it. However, someone did crack
the password and did 'who knows what' with my bandwidth.

Is that the only device that uses the wireless? If so, tell the router
to only accept connections from that one MAC address.


Good advice, I filter MAC addresses on the whole network and nobody can
plugin and gain access even on the hard wired network. If the OP would
post the model and manufacturer of his router, me or any other person
with networking experience could tell him how to lock it down. ^_^

TDD

On Feb 10, 11:32*pm, Nil wrote:
Is that the only device that uses the wireless? If so, tell the router
to only accept connections from that one MAC address.

I hope you realize how bad MAC address filtering is.

The MAC address is broadcasted in the clear. I want to repeat that for
emphasis: the MAC address is broadcasted in the clear, in completely
readable, unencrypted, plain text. Because that is *required* for the
most basic, lowest level of ethernet communication, which all wireless
protocols sit on top of.

Thus, breaking MAC address filtering is as simple as sniffing the
wireless communications for a few seconds, copying the MAC address,
and assigning it to your wireless card. Did you know that the majority
of wireless cards can change their MAC address?

On Feb 10, 9:35 pm, "geoff" wrote:
However, someone did crack the password and did 'who knows what'
with my bandwidth.

However, to respond to the original question, only WEP security is
easily crackable. If you were using WPA2 for your wifi security
protocol, I serious doubt that anyone cracked that (note that WPA2 has
been available since 2004).

If your bandwidth really being used up, as confirmed by your ISP, your
hard wired lines would also suffer from bandwidth problems, not just
your wifi devices.

What most likely is happening is that only your wifi links have slowed
down. And the culprit is your neighbors using their own wifi routers,
causing radio interference with your wifi router, because wifi is just
a radio, under the covers.

In about 3 years, I went from having 1 neighbor with a wifi router to
10 neighbors with wifi routers, with my bandwidth going down in the
process. I'm sure the same thing happened to you. The smartphone and
tablet revolution was the tipping point in my neighborhood.

The best way to restore your original wifi bandwidth is to get newer
routers, that use newer protocols, which are designed to fight radio
interference problems of the older protocols. For example, when
802.11b became popular, you had to upgrade to 802.11g in order to get
your bandwidth back. Once 802.11g got cheap, and everyone migrated to
it, you had to upgrade to 802.11n. Currently, it means you have to
upgrade to 802.11ac.

I find that I have to run 2 wifi networks in my house, one with the
older protocol, one with the newer protocol, slowly migrating devices
from one to the other, as it's too expensive to do it all at once (and
mixing protocols causes your newer router to slow down).
--
// T.Hsu

On 2/11/2013 12:05 PM, Ting Hsu wrote:
On Feb 10, 11:32 pm, Nil wrote:
Is that the only device that uses the wireless? If so, tell the router
to only accept connections from that one MAC address.

I hope you realize how bad MAC address filtering is.

The MAC address is broadcasted in the clear. I want to repeat that for
emphasis: the MAC address is broadcasted in the clear, in completely
readable, unencrypted, plain text. Because that is *required* for the
most basic, lowest level of ethernet communication, which all wireless
protocols sit on top of.

Thus, breaking MAC address filtering is as simple as sniffing the
wireless communications for a few seconds, copying the MAC address,
and assigning it to your wireless card. Did you know that the majority
of wireless cards can change their MAC address?

On Feb 10, 9:35 pm, "geoff" wrote:
However, someone did crack the password and did 'who knows what'
with my bandwidth.

However, to respond to the original question, only WEP security is
easily crackable. If you were using WPA2 for your wifi security
protocol, I serious doubt that anyone cracked that (note that WPA2 has
been available since 2004).

If your bandwidth really being used up, as confirmed by your ISP, your
hard wired lines would also suffer from bandwidth problems, not just
your wifi devices.

What most likely is happening is that only your wifi links have slowed
down. And the culprit is your neighbors using their own wifi routers,
causing radio interference with your wifi router, because wifi is just
a radio, under the covers.

In about 3 years, I went from having 1 neighbor with a wifi router to
10 neighbors with wifi routers, with my bandwidth going down in the
process. I'm sure the same thing happened to you. The smartphone and
tablet revolution was the tipping point in my neighborhood.

The best way to restore your original wifi bandwidth is to get newer
routers, that use newer protocols, which are designed to fight radio
interference problems of the older protocols. For example, when
802.11b became popular, you had to upgrade to 802.11g in order to get
your bandwidth back. Once 802.11g got cheap, and everyone migrated to
it, you had to upgrade to 802.11n. Currently, it means you have to
upgrade to 802.11ac.

I find that I have to run 2 wifi networks in my house, one with the
older protocol, one with the newer protocol, slowly migrating devices
from one to the other, as it's too expensive to do it all at once (and
mixing protocols causes your newer router to slow down).
--
// T.Hsu


So anyone could perform MAC address cloning and gain access to your
network? O_o

TDD

Here is the router I'm using:
http://www.monoprice.com/products/pr...seq=1&format=2

.... others have said it is similar to a WinStar router. The wireless
configuration page does have MAC address filtering, but that may not help
since other routers I've owned do have a 'clone MAC address' function.

'... only WEP security is easily crackable. If you were using WPA2 ...'
Your speaking of data confidentiality, I'm talking about someone cracking my
wireless password. The reason I know someone was using my router is because
it has a 'Wireless status page', and on that page is an item 'Associated
Clients'. The number of associated clients has always been '1', the device
on my TV. I checked this status page after noticing a slowdown, and the
associated clients was '2'.

On 2/11/2013 12:32 PM, geoff wrote:
Here is the router I'm using:
http://www.monoprice.com/products/pr...seq=1&format=2


... others have said it is similar to a WinStar router. The wireless
configuration page does have MAC address filtering, but that may not
help since other routers I've owned do have a 'clone MAC address' function.

'... only WEP security is easily crackable. If you were using WPA2 ...'
Your speaking of data confidentiality, I'm talking about someone
cracking my wireless password. The reason I know someone was using my
router is because it has a 'Wireless status page', and on that page is
an item 'Associated Clients'. The number of associated clients has
always been '1', the device on my TV. I checked this status page after
noticing a slowdown, and the associated clients was '2'.



I've blocked MAC addresses in my wireless router configuration when I
would catch them. I gave the kid across the street the password to my
router because he needed to download something but the little critter
gave the password out to his pals so I just blocked any MAC I didn't
recognize. ^_^

TDD

On Mon, 11 Feb 2013 15:24:14 -0600, The Daring Dufas
wrote:

On 2/11/2013 12:32 PM, geoff wrote:
Here is the router I'm using:
http://www.monoprice.com/products/pr...seq=1&format=2


... others have said it is similar to a WinStar router. The wireless
configuration page does have MAC address filtering, but that may not
help since other routers I've owned do have a 'clone MAC address' function.

'... only WEP security is easily crackable. If you were using WPA2 ...'
Your speaking of data confidentiality, I'm talking about someone
cracking my wireless password. The reason I know someone was using my
router is because it has a 'Wireless status page', and on that page is
an item 'Associated Clients'. The number of associated clients has
always been '1', the device on my TV. I checked this status page after
noticing a slowdown, and the associated clients was '2'.



I've blocked MAC addresses in my wireless router configuration when I
would catch them. I gave the kid across the street the password to my
router because he needed to download something but the little critter
gave the password out to his pals so I just blocked any MAC I didn't
recognize. ^_^

TDD

You simply need to change your password.