Discussion: Wireless network - To secure or not
-
Saw a column on Digital Life today about sharing your wireless network with other users.
What do you think?
Me thinks the answer lies in what you want to protect. The focus is on data protection. Data lies in your computer, thus the logic to secure your computer, rather than your network.
If we look at Wireless@SG... the network is open. Is anything worth there? Or is targetting users who use Wireless@SG more attractive?
Rules aside... a black mark is always a black mark (my opinion). If some funny user decides to try another bomb hoax stunt and I'm arrested, I won't feel good. Not even if my name is cleared.
How do you feel if someone have been downloading lots of stuffs via P2P and the police knocks on your door one day for illegal downloads? I have no P2P programs, so nothing to worry. But what if you have P2P progams? How are you going to explain your files (save for the legal ones)?
How would someone think of you? How are you going fill in job application forms?
Article:
Ask any home user "Why lock your Wi-Fi?" and the answer will inevitably be to keep out the crooks.
The most conventional method - possibly the only way the masses know - is to use a password.
A media frenzy following Singapore's first Wi-Fi theft conviction in January last year and a second conviction a month later could have caused the knee-jerk reaction among Wi-Fi owners here.
The first case involved a video game addict and the second, a bomb hoax.
But it's time to throw out the password and go open - with your Wi-Fi, that is.
Bizarre as the idea may sound, you're not any safer behind those passwords than you are without them.
Do you really criminals bent on stealing your identity will be thwarted by flimsy passwords? A simple programming script is all it takes to crack them.
What's incredulous is that it's the people using the default usernames and passwords of their routers who are congratulating themselves for locking out bandwidth thieves.
Little do they know that the default settings of wireless routers or access points are openly available on the Web. Anyone keen to break in can simply look them up. Such passwords offer no protection at all.
The number of networks retaining their default names is also jaw-dropping. The many generic names like "wireless", "netgear" and "linksys" only go to show how little people know about security.
Still, Wi-Fi owners think they're safe.
Well, they could be right - they are safe. Safe from the harmless passer-by who needs just a few minutes of access to check his e-mail or find directions from online maps. Safe from the neighbour's kid who struggles with school work on a hand-me-down computer. The malicious hacker who steals credit card information isn't going to be put off by a mere password. So is the paedophile who exploits the anonymity offered by wireless signals to commit a raft of crimes.
There are more effective ways to deter criminals. The answer doesn't lie in passwords but in firewall and encryption programs. Firewall logs show you the Internet protocol addresses of intruders. Encrypted data is hard to make out without the software to decode them.
If people secure their PCs - with encryption, anti-virus and firewall tools - for instance - they shouldn't be too worried about their networks.
This is renowned security guru Bruce Schneier's rationale for running an open Wi-Fi at his home in Britain.
"If I configure my computer to be secure regardless of whether the network is on, then it (securing my Wi-Fi) simply doesn't matter," he wrote in a column in Wired magazine earlier this year.
"If my computer isn't secure on a public network, securing my own network isn't going to reduce my risk very much," wrote the chief technology officer of BT Counterpane and author of Beyond Fear: Thinking Sensibly About Security In An Unsecure World.
More importantly, he likens giving free Wi-Fi to offering them a hot cup of tea. "Similarly, I appreciate an open network when I am otherwise without bandwidth... Pay it forward, I say."
What do you say?
-
Must secure.
-
Originally posted by Beautiful951:
Must secure.
I will ask the same question - Why?
Forget. And secure what?
-
Originally posted by ndmmxiaomayi:
I will ask the same question - Why?
Forget. And secure what?
So that you will be safe.
-
Originally posted by Beautiful951:
So that you will be safe.
Safe in what sense? What things are safe?
Physically?
Psychologically?
-
If everyone unlock their wifi, wouldn't there be free wifi throughout SG?
Thats fugging cool when you need internet....but its all down to trust as in whether what the person is doing with your wifi.
-
Originally posted by ndmmxiaomayi:
Safe in what sense? What things are safe?
Physically?
Psychologically?
both
-
This makes good sense.
The question is simple.
Do you trust the piggybackers on your Wifi?
-
lol.. thats funny... ndmm tok so much... but your reply was jus simply must secure.. haha...
anyway i juz saw the article too.. i think securing pc or wifi makes no difference... who noes wad might happen... technology now is kinda developed... if ppl can think of ways to hack the password... very soon ppl will also tink of ways to hack into ur computer, no matter u use firewall or wadever shit... agree? and all these are thanks to those hackers, who make the technology keep on gg and gg, making ppl suffer (losing data, spending money), and making manufacturers to keep coming up ideas to securing their data.. and normally the first person has to be hacked thru, den ppl will know tt now even securing ur pc is no use... by the time the whole world knew about this, thousands or millions had it already... so if ppl are so worrying about these, lets juz stay away from internet and computers... lets live back to the oldies... where ppl know nuts about electricity.
-
Damn good article.
Its true how a hacker can invest days just to crack another person's wifi if he wants to obtain high value information. WEP security is insufficient deterrence, and WPA simply just needs more time.
Then again, some security is better than no security. There are few people who have specialised knowledge on cracking wifi. Therefore, the simple WEP goes a long way to preventing some random passer by from hooking up and leeching your wifi. Or worse, release a virus into your network.
Proper document security needs discipline and will incur extra hassle. For example, one would have to examine the confidentiality of his document and may decide to place it in a secured directory on his hard drive, encrypted by something like bitlocker or toucan.
Higher confidentiality documents are best encrypted and then stored permanently on a writeable cd, ready to be destroyed if necessary.
In otherwords, anything that you have on your computer, that is important, at least ensure that its encrypted and proper security permissions set.
-
That is why i buy the server with many many lan ports
i never on my wifi i have 2 comp 2 laptops at home, the longest lan cables i have is 100 meter, to connect for living room into room
actually i have wifi lar, but no matter what wep i put also cannot work, even i put my own custom one also cannot work
-
That is why i buy the server with many many lan ports
You need a switch.
WEP is easily cracked because of the way it works...
http://www.wi-fiplanet.com/tutorials/article.php/1368661
http://www.networkworld.com/details/715.html
This tool cracks WEP based on its weakness...
http://www.warezgarden.com/2007/09/01/live-cd-for-wireless-hacking/
-
Originally posted by MyPillowTalks:
That is why i buy the server with many many lan ports
i never on my wifi i have 2 comp 2 laptops at home, the longest lan cables i have is 100 meter, to connect for living room into room
actually i have wifi lar, but no matter what wep i put also cannot work, even i put my own custom one also cannot work
U have no WIFI.
-
I do mac and WEP filtering.
I do not broadcast my SSID. I dont think any hacker will sian enough to locate and hack, cuz ur network have nothing special... for home users
-
LOL... it's a widely made mistake.
Hide SSID = just can't be seen by casual users.
Technically, it's not hidden.
If it is, how can you connect to a network?
You sure you have nothing special? Your email passwords not worth protecting?
-
I secure with mac filtering only. Just make sure you change your wireless modem's login and password.
That's good enough for me.
-
That's good enough for most people.
-
Mac filtering.
Still there are ways, but it is more secure than wep + i can fool that desperate person trying to login to my "unsecured" wifi.
-
i remember there is a script which u can add into the dhcp or hdcp or wad
u can reverse eveything the user sees
and i am looking at the link mayi posted
-
The answer to this is to use WPA (if possible WPA2) instead of WEP. WPA encryption is considered fully secured. However like virtually all security modalities, the weakness comes down to the passphrase. A determined hacker can break into your network if your WPA passphrase is weak. The longer the passphrase and the more random it is, the better. Just jot it down somewhere if you think you might forget about it.
Using mac filtering alone is useless, in fact using it or not doesn't matter, MAC address can be easily spoofed. Of course, it does keep those newbies out of your network.
Likewise disabling broadcasting of SSID, like MAC address filtering, is only able to keep your average joe away from your network.
Not securing your wireless network is a bad idea. Why?
Firstly, you surely wouldn't want people to use packet sniffer (this kind of software can be easily downloaded from the net) to start sniffing on what porn site you are watching or your sensitive data (password/credit card number) you are sending across the net.
Secondly, you wouldn't want your network to be misused by unauthorised people (e.g. using your network to launch an attack/bittorrent illegal stuff). Yes, you may say its not you who did it, but its you who get into unnecessary trouble in solving/clarifying issues.
Thirdly, surely you are not that kind-hearted to share your internet bandwidth with someone who does not pay a part of your internet bill.
Lastly, Man-in-the-Middle attack. Attackers make use of this exploit by de-authenticates your computer and then masquerades as the your access point/router you was connected to before. The new AP/router then proxies the entire client's traffic through the attacker's computer, reading everything you sends and receives—including secure web pages.
There are much more to it but I'm not gonna trouble myself by listing it out.
Yes, you may say 'Hey, I can't be that unlucky' but who knows, your neighbour might be a pro hacker for all you know.
So you think securing your PC is enough? Think again.
-
Originally posted by MyPillowTalks:
i remember there is a script which u can add into the dhcp or hdcp or wad
u can reverse eveything the user sees
and i am looking at the link mayi posted
http://www.ex-parrot.com/~pete/upside-down-ternet.html
If you got Linux, it's fun.
-
Originally posted by furb:
The answer to this is to use WPA (if possible WPA2) instead of WEP. WPA encryption is considered fully secured. However like virtually all security modalities, the weakness comes down to the passphrase. A determined hacker can break into your network if your WPA passphrase is weak. The longer the passphrase and the more random it is, the better. Just jot it down somewhere if you think you might forget about it.
Using mac filtering alone is useless, in fact using it or not doesn't matter, MAC address can be easily spoofed. Of course, it does keep those newbies out of your network.
Likewise disabling broadcasting of SSID, like MAC address filtering, is only able to keep your average joe away from your network.
Not securing your wireless network is a bad idea. Why?
Firstly, you surely wouldn't want people to use packet sniffer (this kind of software can be easily downloaded from the net) to start sniffing on what porn site you are watching or your sensitive data (password/credit card number) you are sending across the net.
Secondly, you wouldn't want your network to be misused by unauthorised people (e.g. using your network to launch an attack/bittorrent illegal stuff). Yes, you may say its not you who did it, but its you who get into unnecessary trouble in solving/clarifying issues.
Thirdly, surely you are not that kind-hearted to share your internet bandwidth with someone who does not pay a part of your internet bill.
Lastly, Man-in-the-Middle attack. Attackers make use of this exploit by de-authenticates your computer and then masquerades as the your access point/router you was connected to before. The new AP/router then proxies the entire client's traffic through the attacker's computer, reading everything you sends and receives—including secure web pages.
There are much more to it but I'm not gonna trouble myself by listing it out.
Yes, you may say 'Hey, I can't be that unlucky' but who knows, your neighbour might be a pro hacker for all you know.
So you think securing your PC is enough? Think again.
When you think about it, securing your wifi isn't gonna stop a hacker from attacking you. It frustrates him, but it won't stop him.
As for the wireless man-in-the middle attack, can't really be helped if someone really really really wants to see what you are surfing. I saw some devices masquerading as Wireless@SG before... bastards!
-
Well... I think it boils down what you want to protect. If you've got no data to protect (like in operating Wireless@SG), why would you want to protect it?
If something is yours, would you protect it? Or would you more than likely to protect something that's not yours?
-
the idea is to protect your computer not your wireless access
-
I use WEP so that my wii and nds can connect to nintendo wifi.. :( they don't support WPA.. so sad right..