Help setting up a wireless network (please!)

Quite so. Non-obvious IP address, IP filtering, MAC filtering... ISTM that those are the speed bumps of the wireless security world. They slow people down a fraction but keep no-one out.

MAC filtering will be quite hard to spoof.

But the real point is that there are DOZENS of WAPs around completely open with almost no encryption advertising themselves.

My frind has three where he lives in suburban essex. I found four when I set up an office network.

Here, I cant get a signal from my own unit in the house when sitting on the garden.. Must be the metal lath the house is rendered over ;-(

That's not my impression. I just Googled up this video...

's is from the days of WEP. I suspect that moving on to WPA doesn't change anything that's said there - does anyone know?

In any event, put this sort of information on the web together with the teenager next door and you'll see why securing your network is important.

Oh it can be done, but you need a wifi device that supports it, and some knowledge..

Why bother when the next network along is not so hard?

I would guess that MAC addresses are no encrypted, only the data.

However WPA is pretty secure.

The real issue is whether or not you are sending info so senaitive and incriminating that someone will spend days trying to crack your network, or whether its just a case of a line of cars in the street and a chav trying every one till he finds one that isn't locked.

MAC address filtering is trivial to bypass as is SSID hiding.

This tends to be true of older routers and access points that shipped with "no security" as the default. Its increasingly common for routers to be shipped with security settings enables - particularly those that are supplied by ISPs

BW

Capture a couple of frames, read MAC, go to windows properties, change the MAC address, job done. Even easier on linux.

I would like you name one that doesn't support it.

To see what you are hiding.

Yes it takes a few minutes/hours, rather than seconds/minutes for WEP.

It is no longer days if you know what you are doing.

>

If you are that paranoid, use wired only.

I don't like wireless ..its flay, its vulnerable and it dosn't cope well with bits of metal

My house is largely cat5 wired everywhere.

But you use it enough to advise on its security?

I have been required to install it, thats all. Which means I have to learn enough to know something at least.

Well in that case..

Things that don't add significant security to a wireless network and really just show the administrator doesn't know much about wireless lans..

MAC address restrictions. fixed IP addressing. obscure IP address ranges.

Things that might slow down the unaware..

WEP

Things that will slow most down..

WPA

Things that will really upset a hacker..

IPSEC (or similar) tunnels over WPA and a firewall/tunnel server between the wireless and the real address.

Agreed.

Same here. But I also have handheld PCs which use wireless. I'm relaxed about that because they're isolated from the wired stuff by a NAT router. Oh, and our neighbours are all well out of range. :-)

I like wireless - it's reliable enough, secure enough, and lets people access the internet without having wires dangling all over the living room.

When I still used a desktop, I'd have gone for that solution. Now my computers are portable, my connectivity needs to be too.

If I have friends or relatives visiting, I let them use my wireless internet access, and vice-versa. This works well.

I know. They don't do a lot. MAC does a little more, because the caller cant just get in on any old numbers.

Yes. I agree.

Yes, but heck, this is DOMESTIC crap FFS.

Another good one is disable wireless on the router except when you are using it..

I let them plug into a cat5 on the wall. Because realistically, with foil covered plasterboard and chicken wire on the outer walls, my WIFI range is about 12 feet.

I must get something stuck on a chimney for garden use..

See aforementioned wires dangling all over the place. But I don't have foil everywhere.

The record for 802.11b, unamplified but with serious antennas stands at around 125 miles with a clear line of sight.

improvements over "normal" installations can be had just by using a high gain directional antenna (£30-£40 and readily available) on one end of the connection only.

Or you could just use something like this...

how far away did you say your neighbours were again... :)

BW

Yes for point to point working that is a good idea, but it doesn't do much for wi-fi around your back yard!....