Re: Personal Data and Security

In article <jollyroger-A0F796.22010621082009@xxxxxxxxxxxxxxxxxxx>,
Jolly Roger <jollyroger@xxxxxxxxx> wrote:
In article <C6B4D68A.43DE2%nicknaym@[remove_this].gmail.com>,
Nick Naym <nicknaym@[remove_this].gmail.com> wrote:

But if I understand what you're saying, putting in place a new password
simply adds another layer on top of WPA...an additional "obstacle" to
hackers. Leaving the default password unchanged, however, doesn't
_necessarily_ mean I'm toast.

No, not quite.

*sigh*

I give up. I'm too tired this evening for this. Maybe someone else can
explain better, or I'll take another look tomorrow.

Goodnight.

Nick, perhaps I can help JR out with an analogy. I live in a low-crime
part of town, in a well constructed house, with solid doors, which have
good, pick-resistant locks (~long passwords), and I take care to keep
them locked except when I'm actively going in or out. Each of the these
features increases the security of my house. If any one of them were
deleted, the security would decrease. That said, someone, if they chose
to make the effort, could still drive a Sherman tank through my living
room window.

I do (and you should) take similar precautions with a wireless
router--and that's TWO parts in one package, the wireless and the
router. You can leave any of the wireless router settings (router login
name, router login password, wireless network name, wireless network
password (aka 'Key'), and wireless network type (WEP, WPA, WPA2)) set to
the factory defaults and still have some security, albeit rather little.
However, if you change them ALL, you can have significant protection
from most threats. A digital Sherman tank could still break into your
network. (Done anything to piss off the FBI or the CIA?)

Specifically as to the WIRELESS part of the router (this is AFTER you've
changed the default router login name and password):

* Change the name of the wireless network (that's NOT the router login
name) and turn off broadcasting its name (its SSID). Daniel Cohen
mentions that changing the wireless network name is not easy. This has
not been my experience; perhaps it's a NetGear restriction (I've never
worked with a NetGear product). On ever wireless configuration I've ever
accessed via a web browser and the router's built-in web page, somewhere
there is a place to change the SSID. Change it to something unintuitive,
i.e. NOT 'Nick Naym's wireless network', but perhaps
'delusions0fgr@ndure' ;) .

* Select WPA or WPA2, if available, for the security protocol. And
presumably you'll be using 'pre-shared key' (PSK).

* Make the password as long as possible. Longer is more secure. Check
your router's manual to determine the maximum length WIRELESS password
the router will accept. I've seen up to around 128 characters with some
routers. Perhaps that's for WPA2. Making a decent, long password is
easier than you may think. Come up with a good, shorter password, say
15-20 munged, alphanumeric characters long, and then repeat it until you
approach the max allowed by the router. E.g. thisismyrouterpassword (22
characters) -> th1sMyR0ut3rP@sswOrd, could be
- th1sMyR0ut3rP@sswOrdth1sMyR0ut3rP@sswOrd (44 characters)
- th1sMyR0ut3rP@sswOrd+th1sMyR0ut3rP@sswOrd (45 characters)
- th1sMyR0ut3rP@sswOrdth1sMyR0ut3rP@sswOrdth1sMyR0ut3rP@ssw (63
characters, note the last 3 characters were deleted)
- th1sMyR0ut3rP@sswOrdth1sMyR0ut3rP@sswOrdth1sMyR0ut3rP@sswOrdth1sMyR0ut3
rP@sswOrdth1sMyR0ut3rP@sswOrd (repeated 5 times, 110 characters).

Finally, save the settings and/or restart the router as it requires and
logout. You're as safe as you can get.

And it's just that easy!
--Red Green
.

Relevant Pages

  • Re: How to permit another machine to access wireless network?
    ... Some months ago I set up a wireless network using the Netgear CD. ... Have a computer connected to the router with an ethernet cable. ... You are now in the router's configuration utility. ...
    (microsoft.public.windows.vista.networking_sharing)
  • Re: Network Key.
    ... I have three PCs on a home wireless network. ... If I use a manual IP address the connection icon on the task bar ... The name/model of the router is given. ... general information about setting up a wireless network securely. ...
    (microsoft.public.windowsxp.newusers)
  • Re: Wireless connection died following HD format
    ... When you had your notebook connected to the wireless router previously, ... Wireless connection is not ... If you open Network Connections, is a wireless network ...
    (alt.sys.pc-clone.dell)
  • Re: Cannot browse local or remote sites with any browser, FTP and email works fine
    ... I also used (in safe mode) several online port checkers and virus ... Q=> Are you using a NAT router? ... I have a Dlink wireless with ... > outside from using, abusing, or altering your wireless network ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: [UPDATE] BearWare Comprehensive Security Plan
    ... Test your wireless Internet connection and make sure it is ... good idea to leave your router open while you are setting things ... With any encryption method, you will need to supply a key ... letters, small letters, nuMBers, and characters but no spaces. ...
    (alt.2600)