setting up wireless in apartment (security questions)

[RancidWAnnaRIot]

Hello,

So here's the deal

I just moved to a new apartment, I'm gonna go wireless..

here's what i plan to do, then my questions will follow

i bought a linksys cable gateway. It's a cable modem, a wireless router, and a wired router.

I plan to use these 3 functions

of course my cable line is going to it for the internet, i plan to have my main computer physically wired by the the ethernet connection, and then i plan to have it emit a wireless signal for two laptops, and possibly my nintendo DS (when the DS goes online)


i have security questions

1) how can i monitor my network?
2) do i need any tools to make this network more secure?

I'm worried because since i'm in a apartment there are plany of poeple around that can compromise my network performance.. and i guess maybe cause damage to me as well right?


thanks

 

[Bullitt]

enable any encryption you have and hide your SSID broadcast. If you have WPA, use it.


basically, hiding the SSID will make the casual person not see your network. Enabling WEP is decent, but not foolproof, it keeps out most of the script kiddies. WPA does the same thing.

Keep in mind, if someone _really_ REALLY wanted to and had the resources available, they could get into your wireless network.

 

[ashmedai]

I use WPA + MAC authentication set to deny by default.

 

[ktwebb]

WEP is basically worthless. WPA on the other hand, assuming you use a difficult, alphanumeric passphrase with a capital letter or two should be plenty of security. MAC filtering is extremely easy to crack. SSID broadcasting isn't much either however just use what is available to you, setting your security up in layers. If your solution doesn't have WPA functionality and yoru concerned about security then get an AP and card(s) that do support it. WEP, MAC filtering and turning off SSID broadcast are barely speed bumps to someone that knows what he/she is doing. WPA is another story. WPA2 is preferable.

Your router will have an admin interface that will allow you to track intrusion attempts. Should anyway.

 

[ashmedai]

Easy to crack or not, might as well turn it on in addition to the WPA anyway. It's definately not going to hurt any, and it'll tell most people to bugger off before it gets to the authentication stage.

WEP is better than nothing, at the least it tells people that you're not trying to set up an open node.

 

[ktwebb]

Better than nothing certainly but no need, and I have never heard of it even being possible, to run WEP if your currently running WPA

 

[ashmedai]

I'm pretty sure WEP & WPA are an either/or kind of thing.

 

[Menelmarar]

I beleive the most important thing is to know your neighbors.

At my dad's house, houses are pretty well distanced apart, there are no neighbors under teh age of 60. I know one of them has a computer that is like a 600mhz celery. We just turn the SSID broadcast off and get full wifi bandwidth.

When I lived on my university campus, lots of tech savy people that we didn't want jumping on ou cable connection. This meant hiding SSID, 128bit encryption, and MAC filtering (only letting on the computers that MAC addresses were specified for)

In my new apartment that I moved to recently, most of the ppl seem to be casual ppl and if they did know about wifi networks and how to work with them I predict that disabling SSID would keep me hidden enough, but just in case we run WEP 64bit to compromise between security and performance.

 

[IceWindus]

Or in my case when I moved to my apartment this month, I ran ethernet all over the place and turned off wireless.

Problem solved.

 

[sandmanx]

When I moved into my new apartment last weekend, I configed it with WPA-PSK. I've been watching my AP to see if anyone tries to connect to it. So far, so good.

I've got an external higher gain antenna on my WRT54G as well, to (hopefully) get coverage to my garage in the near future. I'll find out in the next week when I put my 24DBi antenna in the garage and try to get a signal.

 

[RancidWAnnaRIot]

How do i know if my wireless adaptor built into my laptop can do WPA??

one thing i did, is only allow the MAC address of my laptops access the network.. is that okay??

 

[IceWindus]

How do i know if my wireless adaptor built into my laptop can do WPA??

one thing i did, is only allow the MAC address of my laptops access the network.. is that okay??

Look up your laptop makers site and get system specs. MAC filtering is easily defeated, don't trust it with your life.

 

[ashmedai]

MAC filtering is easily defeated but it blocks out anyone that's not deliberately trying to crack your network and makes whatever encryption protocol you're using a smidge more secure for basically nothing. Turn it on, but don't go getting a warm fuzzy feeling inside thinking it makes you bulletproof either.

 

[Komataguri]

I say, If your worried about someone getting into your network, Its more efficient to just run Ethernet to the places you will most likely use the laptops [ Bathroom, Favorite Chair, Dinner Table ] and not worry about the security issue.

 

[RancidWAnnaRIot]

I'm just owrried about the casual person... i don't really think anyone around here is gonna try and crack my network, or target me personally.. it seems like people in this complex are a bit careless with their wireless networks.. i pick up like 3 from my apartment.. some odd SSIDs too...

 

[Malk-a-mite]

I don't really think anyone around here is gonna try and crack my network, or target me personally.

I used to say the same thing about my car, then I found out that some of the local "kids" liked to smash windows just for fun.

 

[RancidWAnnaRIot]

I used to say the same thing about my car, then I found out that some of the local "kids" liked to smash windows just for fun.

i see

 

[Komataguri]

I used to say the same thing about my car, then I found out that some of the local "kids" liked to smash windows just for fun.

ding ding ding


We have a winnar!


Kids like to do shit for no reason, Just for shits and giggles.