Main Area and Open Discussion > Living Room
Do you guys have any experience with routers? because i have some questions
4wd:
I don't hide my SSID, though I keep meaning to do it. DO note, however, that the pundits do not consider this worth the time or the effort, either.-Darwin (January 09, 2009, 05:00 PM)
--- End quote ---
Interesting people these "pundits".
Hiding the SSID is usually nothing more than ticking a checkbox in your routers' config - so it can't hurt to do something that simple.
If anything, it will stop someone just turning on their laptop and clicking on 'DarwinNet' to connect :)
If given a choice between loading up software to do a scan for WiFi or clicking on 'EhtyarNet', (because 'DarwinNet' is invisible), to connect....what would you do ? >:D
Zyxel routers are good for other things too...........like wardriving :)
Here's a couple of interesting papers on the Zyxel P660HW-T1:
Hacking Zyxel Gateways
ZyXEL Gateways Vulnerability Research (Part 2)
Only compelling reason to keep someone from stealing your bandwidth is that in some US states what someone does with YOUR bandwidth is your responsibility ie the onus is on you to secure your network.-Darwin (January 09, 2009, 07:16 PM)
--- End quote ---
I'd agree with that if WiFi routers were sold with secure settings in place from the beginning and it was your fault that you disabled them....but they're not.
Do they really expect Mr/Mrs Joe Public, (who only wants the convenience of being able to browse a website from their laptop while floating on an inflatable horse in the middle of their pool), to go into the config of a router and configure it for secure WiFi when a lot of people have enough trouble just getting the damn printer to work ?
But then if the router was sold with WiFi secured you'd have a lot of calls to tech-support, store returns, etc, etc because they just want to take it home, plug it in, turn it on and click the button that says 'Connect'.........only it wouldn't.
What they need, (and Zyxel implemented this in their WiFi adapters - OTIST, One-Touch Intelligent Security Technology), is a way to secure the WiFi by doing the same as they do for wireless keyboards and mice, (I'm talking w.r.t. home based WiFi not public area WiFi).
eg. Plug in the main WiFi station/router and then push a button, (hardware or software), and then for each client push a button in their hardware/software within a fixed time period, (say 30 seconds), of the initial router initiation. Then through a unique device ID each device becomes known to that router and so has access, other WiFi clients are ignored or can be given ad-hoc access on a time limited temporary basis.
f0dder:
I'm not sure hiding the SSID is a good idea - it might make your network more interesting to hackers? "Ah, here's somebody who knows how to turn that off, they must have something interesting to hide". Especially if combined with weak protection like WEP or WPA-1. Same goes for MAC filtering.
Btw, what's the timeframe for cracking WPA-2? I thought that even with the latest GPU stuff, we were talking at least months with a decent passphrase?
4wd:
I'm not sure hiding the SSID is a good idea - it might make your network more interesting to hackers? "Ah, here's somebody who knows how to turn that off, they must have something interesting to hide". Especially if combined with weak protection like WEP or WPA-1. Same goes for MAC filtering.-f0dder (January 09, 2009, 11:41 PM)
--- End quote ---
Interesting to hackers, maybe...but mainly to keep Joe Public from arbitrarily logging on and knocking off a bit of your bandwidth.
Btw, what's the timeframe for cracking WPA-2? I thought that even with the latest GPU stuff, we were talking at least months with a decent passphrase?
--- End quote ---
The problem is very few people use decent passphrases and I doubt whether the majority of people who are knowledgeable enough to turn on any form of WiFi security protocol bother to use decent passphrases.
And once set, how many people actually bother to change it occasionally ?
So if a hacker wants to get in he probably has a very large time frame within which he can try and achieve it.
Here the Pyrit guys talk a bit more about it, giving an example time frame based on a 2006 NIST whitepaper.
All-in-all, I think the following is the best solution for people who want to steal your bandwidth - it'll probably annoy them enough to go elsewhere.
My neighbours are stealing my wireless internet access.
Darwin:
The issue with SSID (where the pundits are concerned) is that it is perceived to be a waste of time - anyone who wants onto your network is going to get onto your network, hidden SSID or not. I think the caveat they are trying to make is that one shouldn't get a false sense of security as a result of enacting these measures.
I take the general attitude that these measures may well be a waste of time, but it doesn't cost me anything to put them in place! I haven't enabled a hidden SSID because I haven't had time to explore the ramifications of doing so for hardware connected to my network.
Paul Keith:
Thanks for making this thread. I am having this dilemma too.
I'm still paranoid about it. Still haven't touched the damn router because of this. The whole "it's not worth it" security vs. "extra layers for the better" security sides further makes the issue confusing.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version