Wireless question: secure or no?

so, in my router settings setup page (routerlogin.com) this is checked off :
WPA-PSK (Wi-Fi Protected Access Pre-Shared Key)
other option is wep which is unchecked.

but under my wireless network windows settings i get the message:
unsecured wireless network - this network is configured for open access. Information may be visible to others.

all i want is no one to mooch off my wireless network and not be able to see my private/embarrassing/illegal/immoral/stupid web surfings.

so is it secure or is it unsecure?

When you connected to your router wirelessly for the first time, did you have to supply a network password of some kind?

If you did not, then you’re unsecure.

You really really want to be using WPA-PSK.

Also, turn off SSID broadcast if you can.

What SSID do you have set for the network? I just want to confirm that you changed it to something other than the default “NETGEAR”.

I only ask what seems like an obvious question because I had a client call me up about the same thing and it turned out he had a Linksys and so did his neighbor, but neither changed the default SSID.

So while his “LINKSYS” network was secure, his computer would automatically connect to the unsecured “LINKSYS”.

It’s also a good idea to use mac address filtering.

i did type in a password and changed the ssid name.

i found the options and shut off the ssid broadcast. does that have any side effects?

Nope. It just means that passing people can’t see the network as easily. The router still broadcasts the SSID in many other ways that can be sniffed if you know what you’re doing.

Actually, if I’m using this, do I need to bother with anything else? Why?

Because MAC address filtering is trivial to bypass?

How so? Guessing the MAC address of my 360? It’s just as long as the WEP password and more random, so I don’t get it. Doesnt this make the router only allow those devices to connect? so how would anotehr device connect, even if it had one of the 2 allowed MAC addresses, do routers allow 2 devices to connect w/ the same MAC?

MAC address filtering is stupid. All I have to do is sniff the packets in the air, pick out your MAC address (broadcast in the clear), and then tell the router “Hey, I’m also Spartacus!”. Ta-da, I’m in.

And routers dont mind letting 2 devices with identical mac addys on? Thats retarded. I guess I’ll change a setting when I get home. Wish my router didnt suck ,since the wifi doesnt work w/ my DS I dont use the wireless (works with my psp! how useful…), but it doesnt have an option to shut it off and use it wired only.

For all purposes, they are the same device. Being a doppleganger means just that. To everyone else, you are who you are pretending to be.

We’re getting a little into “oh does, the sky is falling here.”

If you’ve got some technical know-how, it can be trivial to crack WEP and sniff MAC addresses. However, if someone’s doing that to you, you’ve got larger problems because we’ve gotten away from “neighbor leeching” to “targetted attack.”

The only thing you can do is hide the SSID, do mac address filtering and use WEP. What you’re really trying to do is not make your wireless convenient.

I’m lucky, I live in a remote area and my neighbors can’t leech.

WPA-PSK is harder to break than WEP, and imposes less network overhead. Basically, unless you have at least some form of WPA on your network, it may not be wide open, but the word ‘secure’ cannot be applied to it.

If you have multiple devices and maybe a friend or family member who occasionally wants to connect, don’t bother with mac address filtering. It’s just a PITA for you and won’t stop a targeted attack. If your goal is to block the neighbors, just choose a secure password.

Also, use a good key for your WPA password, with numbers and capital and lower case letters, and maybe a symbol or two. WPA2 can be cracked with a dictionary attack, if the user has enough patience and CPU cycles.

With a third-party firmware you can also REDUCE transmition power so that anyone wanting to sniff has to be parked right inside your driveway or something.

Because passwords like this are easily reset with physical access, I just make long complex passwords, print em out and tape next to the router. Change every few months or when you feel like it.

I turned on wpa (my key is VA^STYDXRTJEN%X&XH&BYTRYFDYxdgxdrbgxdrybxdybdbdybewz34q33z!!! or something) and removed the antenna (I dont use wirreless, no option to shut it off though)

Why are you using a wireless router if you don’t need wireless? boggle