Wireless security-am I secure?

BLACKPANTHER · 08-07-2009, 06:55 PM

I've been on Sky broadband for a couple of years, but having just bought a laptop, I've gone wireless. I used the Sky set-up C.D, but wasn't asked about any password security. After a bit 'o' researching I came across Sky.com - Sky Help Centre>Product Help and followed the router settings and set up a password. Is this all I need, or should I do anything else? Help very much appreciated.

BTW, why the heck doesn't the Sky set up C.D. mention passwords or have a link to this page? I wonder how many people on wireless have the default password "Sky" (Probably as many as those whoose answerphone password is "0000"). What's the worse case scenario if you don't have a password? Cheers, Carl.

Also, I no longer have the firefox spell checker which had the "ABC" in the toolbar. I'd obviously downloaded it at some point to the desktop, but can't seem to find it again!

gasman · 08-07-2009, 07:51 PM

Depending on your location you might need to add wep/wpa security in the wireless settings. else someone can sit outside your house and surf on your network.

If you have other nearby wireless networks, it is safer to do this as well, as you then know others are using wireless and can just as easily use yours.

Use wpa unless you have to use wep for some reason.

Quote:

Originally Posted by BLACKPANTHER

I've been on Sky broadband for a couple of years, but having just bought a laptop, I've gone wireless. I used the Sky set-up C.D, but wasn't asked about any password security. After a bit 'o' researching I came across Sky.com - Sky Help Centre>Product Help and followed the router settings and set up a password. Is this all I need, or should I do anything else? Help very much appreciated.

BTW, why the heck doesn't the Sky set up C.D. mention passwords or have a link to this page? I wonder how many people on wireless have the default password "Sky" (Probably as many as those whoose answerphone password is "0000"). What's the worse case scenario if you don't have a password? Cheers, Carl.

Also, I no longer have the firefox spell checker which had the "ABC" in the toolbar. I'd obviously downloaded it at some point to the desktop, but can't seem to find it again!

08-07-2009, 10:12 PM

Hi BP... long time no see....

if you use WEP encryption a rogue such as I can hack your network in anywhere from 20 secs to 2 mins... If I am desperate to rob bandwidth for nefarious purposes, and there are no unencrypted networks handy then I might have a hack....

WPA takes from 20mins to 2 hrs to hack... so I'm just gonna move on to a wep network or an unencrypted one.. way too much hassle...

No network is completley secure, but using WPA or WPA2 makes it too much hassle for the casual hacker come bandwidth thief.

bigmax · 08-07-2009, 11:09 PM

I run WPA2-AES, but I'm not very good at explaining it, so I borrowed this...

WPA2-AES is currently the strongest and most secure encryption you can readily get on the consumer level. Realizing the flaws of the previous two protocols, network engineers went back to the drawing board, developing a secure protocol from the ground up. If this is an option, then definitely use it. Another option I sometimes see is WPA2-AES+TKIP — this is for backwards compatibility, mixing support for both WPA-TKIP and WPA2-AES. If you have to support legacy WPA-TKIP hardware, then this is an option; just be aware that you’ll be allowing all the vulnerabilities of WPA-TKIP onto your network. You’ve been warned.

moobli · 09-07-2009, 11:32 AM

just to enforce this point
you can be hacked and piggybacked by an hacker with just a sony psp or a nintendo ds
they dont even need a laptop
get the strongest you can or stay wired

CoguarSpirit · 09-07-2009, 11:59 AM

Quote:

Originally Posted by jonnywombat

Hi BP... long time no see....

if you use WEP encryption a rogue such as I can hack your network in anywhere from 20 secs to 2 mins... If I am desperate to rob bandwidth for nefarious purposes, and there are no unencrypted networks handy then I might have a hack....

WPA takes from 20mins to 2 hrs to hack... so I'm just gonna move on to a wep network or an unencrypted one.. way too much hassle...

No network is completley secure, but using WPA or WPA2 makes it too much hassle for the casual hacker come bandwidth thief.

WPA in 2 hours? What are you using for that? Last time I looked (this was a year or so ago), wpa was still fairly unbreakable on a standard system in anything less than several days.

ooh, BT4's just released... aah, haxorz

FireFox spell checkers - https://addons.mozilla.org/en-US/fir...hecker&cat=all

09-07-2009, 02:52 PM

Quote:

Originally Posted by CoguarSpirit

WPA in 2 hours? What are you using for that? Last time I looked (this was a year or so ago), wpa was still fairly unbreakable on a standard system in anything less than several days.

ooh, BT4's just released... aah, haxorz

FireFox spell checkers - https://addons.mozilla.org/en-US/fir...hecker&cat=all

Whilst I'm not going to give exact details here... you can google aircrack if your interested...

I was assuming an active connection with assciated clients, so there are plenty of packets to inspect. If there is no client using the connection then one can still inject packets to speed up the process but you are looking at nearer a day or so to break WPA. Like I said far too much like hassle for a casual user.

Might have a look at backtrack tho... not used that at it seems interesting, thanks.

CoguarSpirit · 11-07-2009, 10:23 PM

In answer to your question BLACKPANTHER, and as I've just set up wireless here, the best encryption method to use is WPA-TKIP, though any WPA encryption your router and clients support is better than WEP.

<geek> wep encryption can be broken in literally 30seconds with a few command lines. WPA encryption requires brute force with the use of a list of words or dictionary. This not only takes a long time (days of processing), but also relies on your password being in a word-list. A password with small-case, upper-case, numbers and symbols is pretty much secure.</geek>

gasman · 12-07-2009, 11:25 AM

This is assuming that someone is interested in your network in the first place.?

I have about 5 wireless networks in my cul-de-sac, obviously mine has the strongest signal for me, but even if next door had a stronger signal, I have no interest in surfing on his network or even seeing what is on there.

A few years back some Spanish idiot tried hacking into my computer. Plenty try and I just accept it, but this guy just got me teed off at that time, so I turned the tables on him. Now normally these hackers are well protected themselves, but this guy left himself open slightly so I took advantage of that and took a huge word document on his computer, copied the first half that was in Spanish, translated it to German and pasted it back in its place. Then just saved the document back to his hard disk.

I would have loved to have seen his face when he next opened that document.

FWIW I run WEP as my Omnifi music streamers need it to stream music around the house.

Quote:

Originally Posted by CoguarSpirit

In answer to your question BLACKPANTHER, and as I've just set up wireless here, the best encryption method to use is WPA-TKIP, though any WPA encryption your router and clients support is better than WEP.

<geek> wep encryption can be broken in literally 30seconds with a few command lines. WPA encryption requires brute force with the use of a list of words or dictionary. This not only takes a long time (days of processing), but also relies on your password being in a word-list. A password with small-case, upper-case, numbers and symbols is pretty much secure.</geek>