I'm currently writing a paper for my Master's degree in Computer Science
on this exact topic -- or actually, wireless intrusion detection and
Both WEP and WPA are now pretty secure. If your router is newer, there
are no problems with either, but WPA is definitely the way to go. At
any rate, many routers don't support this.
If your router is one of the older ones, it will send out some packets
with "weak keys". What this really means for you is if I had my laptop
with my 10 dB antenna, I could crack the WEP key from close to one
quarter of a mile away with line of site access to your home and be
using your network in under 10 minutes. People do this all the time. If
you want proof, check out http://www.wigle.net/gps/gps/Map/
to your area of the world. Your access point could very well be on the map!
I would do a couple of things if you can't use WPA. I would probably
enable MAC filtering. I would also get rid of the DHCP server feature
of your router and stick with static IP addresses for all your wireless
devices. Sort of a pain, but better safe than sorry. I would also be
sure to change your router's administrator password. You'd be surprised
how many people have Linksys routers with the password of "admin" -- the
default. Following these steps would really reduce the amount of
problems and would probably be secure enough for 95% of Americans.
Plus, if you live in a remote area or there are not many people around
with wireless routers, that's a big plus too. The final thing I would
do is to disable the broadcast of your ESSID. This way, you aren't
sending out data to anyone listening!
If you want some references or more information, feel free to e-mail me
off list at mwood_bgt <at> frontiernet <dot> net.
Also, for those curious, I am currently running a Linksys router with a
Linux firmware to completely do away with the stock router software.
Don't try this at home if you aren't a Linux person.
And with regards to the MS vs. Mac debate, do away with all commercial
software and run Linux! Much more powerful and much cheaper.
> Definitely turn on MAC addressing as well. WEP is Ok. WPA is better. My
> router only allows wep, and I don't ever change my key, but I do check
> the logs every now and then just to make sure no one is getting on.
> On Fri, 2006-03-24 at 16:12 +0800, Andrew Priest wrote:
>>Now that I have moved, I have gone wireless .... I have set up the
>>wireless with WEP security. Would this be sufficient or should I go
>>with something else and/or a MAC number as well?
> Yahoo! Groups Links