Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

A few basic security questions

Options
  • 17-04-2010 3:26pm
    #1
    Fanny Cradock
    Registered Users Posts: 10,245 ✭✭✭✭


    Yesterday I set up a Netgear Wireless G router and I'm wondering if I have all the proper security features enabled. Thoughts would be appreciated.


    What I have do so far is the following:

    1) Password for router access enabled (WPA-PSK [TKIP] + WPA2-PSK [AES])
    2) Password for network access enabled (both have fairly obscure passwords)
    3) SSID Broadcast disabled (just realised that my wireless devices can't pick up the network so I will probably have to turn this back on)

    Bar an occasional change, there are only 3 devices that will use the network:

    1) My desktop which is using the router as a physical conjugate between it and the modem (it's not wireless enabled in other words, so I'm not sure if this counts.)
    2) Laptop
    3) iTouch

    Is there any way of selecting allowed devices? I was thinking the "Address Reservation" option in LAN setup might be what I'm looking for? Or maybe "Wireless Card Access List"? Perhaps it's unnecessary?

    Finally, and just to put my mind at rest, while I was setting up the network yesterday it was probably unguarded for an hour or so. I assume that when I reset the password etc (I also switched the router and modem off last night) anyone who might have been able to access it can no longer.


Comments

  • Options
    #2
    nin2010
    Registered Users Posts: 111 ✭✭nin2010


    If you have an 8 digit password mixed capitalisation letters and numbers with WPA2/AES then it should take a hacker around 18 years to bruteforce it with an average pc. You should probably disable the WPA option though if that allows somebody to connect with either WPA or WPA2 as new hacking methods to break WPA are coming out now.

    Setting up a radius server on the AP would be the optimal setup but overkill for home networks.

    The only quick way for a hacker to break WPA2 is if you use a word for your password which can be broken with a dictionary wordlist attack. Restricting connections by mac address is unnecessary as a hacker can see a list of clients connected to an AP and easily clone your mac address to bypass it.

    I'd recommend you change the default password on your router for the gui if you haven't done already, also there's an option on some routers to disable the web gui admin page from being accessible over wireless so you can restrict it to being viewable only when you plug an ethernet cable into the router.


Advertisement