Review of my home broadband router logs (suspicious activity?)

I suspect he'll tell you first ...

If you are that worried about it, why not put the Playstation in your DMZ and firewall everything else reaching your LAN? Your kid would get better gameplay that way.

Reply to
Adrian Caspersz

So, you open the doors to anything that wants access to that piece of kit? Then, wonder if any exploits will be launched from *there* into the rest of your network?

Principle of Least Privilege/authority should apply to EVERYTHING. Yeah, that makes it a bit more tedious to do things *right*. And so do the lines on the roadway interfere with "driving wherever you want"!

Reply to
Don Y
[snip]

And don't forget complexity (two transceivers, RF link, etc..) means wireless is a lot more complex than a few copper wires. More to go wrong.

That's why I know there's something wrong when people just say they want WiFi for something like a desktop PC, printer, or DVR where wired is nearly always a better choice.

[snip]
Reply to
Mark Lloyd
[snip]

Yes, it will. The point of what I posted is that SSID blocking is NOT useless. I didn't say anything about it being better than anything else.

Here, I have (current SSID list):

notstupid1 AlsoNotTheWifiYou'reLookingFor Cisco80710 FBI Surveillance Karma WiFi

I know I'm missing some since this isn't a dual-band WiFi card.

[snip]
Reply to
Mark Lloyd

Neighbor's alarm system is wireless. This, of course, makes sense from the standpoint of the folks who want to sell the *service* ("Only $29.95/month -- in perpetuity!") and want to keep the "cost of admission" (installation) low -- so as not to discourage potential suckers ^H^H^H customers; stringing wire to every door and window would quickly eat any profit they might glean in the following *decade*!

OK, so I'm sure (?) the system designers put some effort into dealing with "loss of connectivity" -- i.e., if they don't get a periodic "report" from each node, they probably err on the side that there *might* be a break-in.

[The approach of sitting passively and waiting for a sensor to signal an *exception* is too easily hacked; you want positive confirmation that "all is well" in addition to "exception" reporting]

And, I'm sure they figure any "outages" in the normal course of events are few and far between. "Noise" that they can ignore or absorb as part of the cost of doing business...

So, what happens if someone sits out front in their vehicle and jams the band these devices communicate over? (wouldn't be hard to determine) Doesn't enter the property. Just sits nearby and mucks with the operation of the system. Does it report an intrusion attempt? Does it just set a flag for the homeowner ("Check sensors")?

What happens if you do this every day? When does the nuisance factor (assume the police are NOT notified of each of these "alarms", just the homeowner) cause the homeowner to abandon the system? I.e., an adversary has compromised their "investment" without putting himself at risk...

I have a PLC modem that I use, in a pinch, to avoid running a cable from to . Plug the transceivers into the wall socket "here" and "there"; plug the two devices into the two transceivers and, magic! Exploit the power line to connect A to B.

But, I'd never rely on it -- anymore than I'd rely on wireless. (there are lots of limitations) It's not a "closed" system.

Reply to
Don Y

I'm averse to anything that doesn't *really* address problems. If it only deals with some of them, then it's a false sense of security; you never know when/if someone "smart" is going to come along and catch you with your pants around your ankles!

My favorite is "Free WiFi".

Really?? (not!)

Time to get busy crafting SWMBO's XMAS card. She didn't appreciate the humor in last year's so I'll have to be a bit more careful! :<

Holly Hapidays!

Reply to
Don Y

Someone is connecting to one of your connected devices (192.168.1.5: what is this in your family?) using port 9000. You can trace route the other IP address to see what or who this belongs to. Trace route is a DOS command.

Reply to
Tony Hwang

Does this mean I'm better off with the DSL modem that Verizon gave me and my own wireless router than with the combination modem/router that they've been giving out more recently?

Do I have more security with the first setup?

I have one of the latter too, after a friend's house was hit by nearby lightning, and she thought the router was no good, and they sent her a new one before I got involved, but I think it was only the power adapter, which had an open primary. I was saving it in case my own router broke.

Reply to
Micky

Seems to me, that's a lousy tradeoff.

  1. You turn off SSID broadcast at home, but that doesn't deter anyone who knows what he's doing (since your laptop & phone have to broadcast your hidden SSID to the router, since the router isn't broadcasting the SSID to the laptop & phone).
  2. And, since your laptop or phone doesn't know when it's at home or at a local hotspot, your laptop and phone end up broadcasting your SSID to the whole world when you're away from home.

Seems to me, that's a lousy tradeoff.

It's not privacy. It's just stupidity.

Or ignorance.

Reply to
Paul M. Cook

The 192.168.1.5 IP address belonged to the Sony Playstation. So, for some reason, the port 9000 was being used.

What does this mean though? Is this correct?

Assuming my static public IP address was 1.2.3.4, does this mean that someone, on the Internet, was going to 1.2.3.4:9000, which, somehow (via magic of upnp?) hit my router and then the router "port forwarded" it to the Sony Playstation at 192.168.1.5 at port 9000?

Reply to
Paul M. Cook

I've heard the word "DMZ" for years, but I really don't know what it is. So, AFAIK, I don't even *have* a DMZ.

My router is set up like most home routers, which is to say the only thing that is not default is the SSID login/password and admin login/password.

Reply to
Paul M. Cook

Hiding SSID increases security? Wrong. Not much really. Modem/router combo is always worse than a separate router. Put the supplied modem in bridge mode and use your own router. If you can't, or the ISP won't put it into bridge mode for you, there is another way using DMZ in your modem. I only have a DOCSIS III cable modem; my router at present is a Linksys EA8500 which has never gone down since I first booted it in the summer. Very stable router.

Reply to
Tony Hwang

An SSID that's not being broadcast will not disclose your AP when you're not using it.

But, it doesn't buy you much of anything. It's like "being clever" and NOT hiding your spare key under the door mat -- but, instead, hiding it in a FAKE ROCK conspicuously placed BESIDE your door mat!

Or, like locking all the doors to your house but leaving the windows open -- thinking that folks will ONLY check for accessible DOORS...

Reply to
Don Y

The DMZ (play on the term "DeMilitarized Zone") is like connecting your device directly to The Internet -- no packet filtering/firewall rules applied to the traffic going to/from the device. Those mechanisms are applied to clients that are NOT in the DMZ.

This is OK for a trusted device. Or, a SACRIFICIAL device (one whose integrity you don't care about). On some routers, you can achieve a tad extra performance (throughput) as there is less scrutiny of the traffic to/from the device.

But, my philosophy is to err on the side of clamping down "too much" rather than "too little" (or, in the case of DMZ, not at all!)

Reply to
Don Y

I think we're sort of saying the same thing, but, I don't know if we agree on the broadcast details.

We both agree that telling your ROUTER not to broadcast the SSID is a false security measure.

But, fact is, you *must* broadcast your SSID somehow.

a. So, either the router broadcasts your SSID.
b. Or your mobile device broadcasts your SSID.

Here's how I understand it to work:

  1. Let's assume your SSID is "DonY".
  2. Let's assume you told your router *not* to broadcast your SSID.
  3. Guess what happens when you boot your laptop?
     a. Your laptop shouts out "Hey DonY, are you there?"
     b. Your router answers "Yes. I am here. I was being quiet".
     c. Your laptop connects to your router by that so-called hidden SSID.

Now, guess what your cellphone does? HINT: Same thing.

So, guess what happens when you boot your laptop at a Starbucks? HINT: Your laptop shouts out "Hey DonY, are you here?"

So, in effect, an SSID that is not being broadcast *by your router* at home, is broadcast *by your laptop* both at home, and at Starbucks.

If I'm wrong - someone will explain where - but that's how I understand it.

a. Either the router broadcasts the SSID,
b. Or the device does.

Reply to
Paul M. Cook

No, it means someone was *trying* to connect to port 9000 on the Playstation. If there isn't anything on the Playstation "listening" on port 9000, the connection will be refused/dropped. Note that the port on the remote device can be anything! It needn't be "9000". Ports are just sort of "circuits" and the device can either use a specific one *or* just use the next one that is CURRENTLY available.

Like when you make a call from your employer; most of the time, the PBX just gives you "an outside line"... you have no idea *which* line it will give you. And, you don't care!

OTOH, you *do* care about which line (telephone number) you *call*!

Essentially, yes. In detail... not so much. :>

The router performs Network Address Translation (NAT). "You" (your entire "house") have a single externally visible IP address assigned by your ISP. (it may be constant or may change from day to day; it also may be a PRIVATE address... one that *I* can't see "from here" because it is hiding behind some other NAT mechanism!)

Each of the machines inside your home have their own IP addresses ASSIGNED BY YOUR ROUTER (the DHCP service running therein). These are called "private addresses" and they are very specific. E.g., 192.168.xxx.yyy in your case. NOWHERE on The Internet will you find a machine with one of these addresses! Verboten!

Because of this, your machines can talk to each other with these private addresses -- and *my* machines, here, can safely use the exact same addresses without any conflict!

[IP addresses that are VISIBLE on The Internet must be UNIQUE; no two machines can have the same IP address, there! But, there aren't enough addresses to handle all of the potential "connections" to The Internet. So, you put a box (router) between YOUR "internet" and The Internet which allows you to create an isolated address domain -- the addresses on YOUR internet are never seen by anyone outside of your house!]

When one of your machines wants to connect to the outside world (e.g., to visit google.com), the NAT software in the router takes the incoming connection from your computer -- let's say it's that playstation at 192.168.1.5 -- and TRANSLATES it to a connection that the *router* originates, using the address that your ISP assigned to you (which technically has been assigned to the "outside" of your router!).

When traffic comes back on that connection *to* the router (because the router is the originating entity, as far as google is concerned), the router massages the message and passes it on to your playstation -- at 192.168.1.5.

At the same time, your PC (using the *private* IP address the router has assigned to your PC) can also be trying to connect to google.com -- or anything else! The NAT software plays its translation game and creates ANOTHER connection from the router to google.com. And, the reply that comes from google gets routed back to the PC, not the playstation.

Every connection is defined by a bunch of numbers: the IP address of the originator, the port number that is being used, the protocol, the IP address of the targeted device and the port on the targeted device. The router keeps track of all of this and magically tricks each party -- the "inside" device and the "outside" device -- to think that they are talking directly to each other WITHOUT its presence in the middle!

Reply to
Don Y
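The NAT walk-through above, and the earlier reply about someone *trying* to reach port 9000 on the Playstation, can be made concrete with a toy router model. This is an added example, not code from any poster in this thread: the public address 1.2.3.4 is the one assumed earlier in the thread, 192.168.1.5 is the Playstation's address from the log, and every other address, port and the `Router`, `Packet`, `outbound` and `inbound` names are constructed for illustration. It shows three things: two LAN hosts using the same inside port get distinct outside ports; a reply is mapped back only to the host that started the connection; and an unsolicited packet to 1.2.3.4:9000 from an arbitrary remote port is dropped unless a port-forward (static, or created by UPnP) names a LAN host for it.

```python
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

PUBLIC_IP = "1.2.3.4"          # assumed in the thread: the ISP-assigned address on the router's outside
PLAYSTATION = "192.168.1.5"    # from the thread: the console's private address
PC = "192.168.1.10"            # constructed: a second LAN host
GOOGLE = "198.51.100.20"       # constructed stand-in for google.com (documentation range)
STRANGER = "203.0.113.7"       # constructed: an unrelated Internet host


@dataclass(frozen=True)
class Packet:
    proto: str
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class Router:
    """Toy NAT box modelling the two behaviours the thread describes:
    - outbound: the inside source is rewritten to the public IP plus a fresh
      outside port; the reply on that (proto, port, remote) is mapped back;
    - inbound with no matching entry: dropped, unless a port-forward rule
      (static, or created by UPnP) names a LAN host for that public port.
    """

    def __init__(self, public_ip: str, first_port: int = 40000) -> None:
        self.public_ip = public_ip
        self._next_port = first_port
        # outside key (proto, public_port, remote_ip, remote_port) -> inside (ip, port)
        self._nat: Dict[Tuple[str, int, str, int], Tuple[str, int]] = {}
        # inside key (proto, lan_ip, lan_port, remote_ip, remote_port) -> public_port
        self._reverse: Dict[Tuple[str, str, int, str, int], int] = {}
        # (proto, public_port) -> (lan_ip, lan_port)
        self.port_forwards: Dict[Tuple[str, int], Tuple[str, int]] = {}

    def outbound(self, pkt: Packet) -> Packet:
        """LAN host -> Internet. Returns the packet as the Internet sees it."""
        inside = (pkt.proto, pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        public_port = self._reverse.get(inside)
        if public_port is None:            # first packet of a new connection
            public_port = self._next_port
            self._next_port += 1
            self._reverse[inside] = public_port
            self._nat[(pkt.proto, public_port, pkt.dst_ip, pkt.dst_port)] = (
                pkt.src_ip, pkt.src_port)
        return Packet(pkt.proto, self.public_ip, public_port, pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt: Packet) -> Tuple[str, Optional[Packet]]:
        """Internet -> router. Returns (action, packet as the LAN host sees it)."""
        if pkt.dst_ip != self.public_ip:
            return "drop", None
        inside = self._nat.get((pkt.proto, pkt.dst_port, pkt.src_ip, pkt.src_port))
        if inside is not None:             # reply to a connection a LAN host started
            return "reply", Packet(pkt.proto, pkt.src_ip, pkt.src_port, *inside)
        target = self.port_forwards.get((pkt.proto, pkt.dst_port))
        if target is not None:             # unsolicited, but a rule says where it goes
            return "forward", Packet(pkt.proto, pkt.src_ip, pkt.src_port, *target)
        return "drop", None                # unsolicited and nobody asked for it


if __name__ == "__main__":
    r = Router(PUBLIC_IP)
    print("playstation ->", r.outbound(Packet("tcp", PLAYSTATION, 51000, GOOGLE, 443)))
    print("pc          ->", r.outbound(Packet("tcp", PC, 51000, GOOGLE, 443)))
    print("google reply:", r.inbound(Packet("tcp", GOOGLE, 443, PUBLIC_IP, 40001)))
    print("stranger:9000:", r.inbound(Packet("tcp", STRANGER, 55555, PUBLIC_IP, 9000)))
    r.port_forwards[("tcp", 9000)] = (PLAYSTATION, 9000)
    print("with forward:", r.inbound(Packet("tcp", STRANGER, 55555, PUBLIC_IP, 9000)))
```

The model matches replies on the full remote endpoint, which is the strictest style of NAT; real consumer routers vary in how much of the remote endpoint they check, but the lesson is the same: the log entry showing a remote host hitting 192.168.1.5:9000 means a forwarding rule (explicit or UPnP) existed for that port, and the remote side's source port carries no information about who it was.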

Yes. But, you can often configure a device (laptop) NOT to "shout it out" but, rather, *look* for it. If it doesn't "see" it (because it's not being broadcast), then your device says the network is unavailable.

Once you have a connection established, clever software can snoop on the traffic -- even if it is encrypted -- and "notice" that there are messages being exchanged between two devices using the SSID "DonY".

So, the information is ALWAYS there, just harder to find (but not REALLY hard!)

Correct. If your neighbor was sitting at a table at Starbucks and snooping the messages being broadcast, he would know that he could return to your home and expect to find "DonY" -- even if the SSID was turned off.

If you have a good passphrase *and* good encryption, this doesn't buy him anything. It's like knowing you have an email address at gmail.com (because he saw one of your messages in someone's inbox -- assuming you don't correspond with him!) but not knowing what your password is!

The real risk is that you can leave security off (weak passphrase) and his knowledge of the SSID now lets him get past that (ineffective) hiding of the network name!

Reply to
Don Y
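The hidden-SSID exchange described a few posts up (the laptop "shouting" for DonY wherever it is) and the reply above (a client can instead be told only to *look*, at the cost of the network appearing unavailable) can be put together in a small model of a client's association logic. This is an added example, not code from any poster in this thread; the profile and location names, the `probe_when_hidden` flag standing in for the client-side "connect even if the network is not broadcasting" setting, and the `scan` function are all constructed for illustration.

```python
from dataclasses import dataclass
from typing import FrozenSet, List, Optional, Set


@dataclass(frozen=True)
class SavedNetwork:
    ssid: str
    hidden: bool                       # the AP was set up not to beacon its name
    probe_when_hidden: bool = True     # assumed name for the client's
                                       # "connect even if not broadcasting" switch


@dataclass(frozen=True)
class Location:
    beaconed: FrozenSet[str]           # SSIDs heard in beacons at this spot
    hidden_aps: FrozenSet[str]         # hidden APs here that answer a probe naming them


@dataclass(frozen=True)
class ScanResult:
    disclosed: FrozenSet[str]          # names the client itself put on the air
    connected: Optional[str]


def scan(saved: List[SavedNetwork], here: Location) -> ScanResult:
    """One association attempt by a client carrying the given saved profiles.

    Broadcast profiles are matched passively against beacons and disclose
    nothing. A hidden profile can only be found by naming it in a probe
    request, which the client does wherever it happens to be, unless
    probe_when_hidden is off, in which case the hidden network simply looks
    unavailable, even at home.
    """
    disclosed: Set[str] = set()
    for net in saved:
        if net.hidden and net.probe_when_hidden:
            disclosed.add(net.ssid)     # directed probe: "Hey <ssid>, are you there?"
    connected = None
    for net in saved:                   # saved-list order is the preference order
        if not net.hidden and net.ssid in here.beaconed:
            connected = net.ssid
            break
        if net.ssid in disclosed and net.ssid in here.hidden_aps:
            connected = net.ssid        # the quiet AP answered the directed probe
            break
    return ScanResult(frozenset(disclosed), connected)


# Constructed scenario: a home with a hidden "DonY" AP and a neighbour's
# broadcast network, and a coffee shop with a broadcast hotspot.
HOME = Location(beaconed=frozenset({"NeighborNet"}), hidden_aps=frozenset({"DonY"}))
COFFEE_SHOP = Location(beaconed=frozenset({"CoffeeShopWiFi"}), hidden_aps=frozenset())

DEFAULT_PROFILES = [SavedNetwork("DonY", hidden=True),
                    SavedNetwork("CoffeeShopWiFi", hidden=False)]
QUIET_PROFILES = [SavedNetwork("DonY", hidden=True, probe_when_hidden=False),
                  SavedNetwork("CoffeeShopWiFi", hidden=False)]

if __name__ == "__main__":
    for label, profiles in (("default", DEFAULT_PROFILES), ("quiet", QUIET_PROFILES)):
        for place, loc in (("home", HOME), ("coffee shop", COFFEE_SHOP)):
            print(label, "client at", place, "->", scan(profiles, loc))
```

With the default profile the client names "DonY" on the air at the coffee shop just as it does at home, which is the leak the thread describes; with the quiet profile nothing is disclosed anywhere, but the hidden home network is never found either. Real clients differ in detail (some also probe for broadcast profiles), so treat this as the shape of the trade-off, not a specification of any particular operating system.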

Lots of Googling. Practice makes perfect. A port can be open or closed. When you close a port, something may not work because some ports are used as defaults for certain things. An IP address is just like a unique address; a port is like a gate. Even if you are knocking on the right address, if the gate is not open, you can't get in (or communicate). Sounds like you are just using the router with default settings. Do you use an ad blocker, pop-up blocker, etc. on your browser or router? You use W10?

Reply to
Tony Hwang

Regardless, a WiFi sniffing tool can see everything. Run something like Acrylic (freeware), inSSIDer (need paid version to see AC mode signals), etc. BTW, port 9000 is a common default port for a CS listener. The device does not, the router does. The device is behind the router on your intranet (home network). If security is a concern use a LAN port (much better), no WiFi. If you don't have enough LAN ports, use a switch box (dumb or managed one). Run CAT cables in your house. And move up to a UTM class router (stiff learning curve).

Reply to
Tony Hwang

A packet sniffer won't be able to see the encrypted traffic (in plaintext form). I.e., good passphrase/key is where you want to make your investment (assuming you're NOT using WEP).

And, as I mentioned elsewhere, you can capture a bunch of packets and email them to a service that will "crack" them and provide you with the key. among others (you get what you pay for)

The log indicates port 9000 on the playstation is being targeted. No idea if there is a process running on the playstation with port 9000 open; I suspect there are no tools on the playstation to expose this level of detail.

Exactly. I have at least two "uncommitted" drops in every room (except bathrooms). In several of those rooms, one of the drops will feed a local switch. E.g., I have a 24 port switch servicing the (24!) devices in the office, a 16 port switch servicing the (8) devices in my bedroom, a four port switch servicing the devices in the dining room, etc. They're all tied together with the 72 port switch in the equipment cupboard.

Reply to
Don Y
