Setting up a home wireless network - what do I need?

[Redrobes]

Sure, WPA(2) is better than WEP. I'll buy that. But I was under the impression that no wifi protocol was completely secure. Its just down to how long it takes to break it. I understand that breaking WEP is now in the seconds tho. Its a poor choice if your concerned about being secure.

Theres all sorts of schools of thought about the whole security thing in wifi. Many people reckon that disabling the SSID is pointless as is the MAC address filtering. I dunno. I guess my advice would change depending on what kind of use you had for it. I treat wifi as insecure and do most stuff over cables partially because of the security but mainly due to the higher bandwidth.

I think the point though is not to leave it in a wide open state. WEP & MAC address filtering at least mean that you need a tool to break in even if they are of no real use to a determined hacker. If you have WPA2 then sure, use if you are able to - and use a long and obscure password otherwise its just as useless as any of the others.

 

[Anti-Sean]

Good advice if you can. Unfortunatly not everything is compatable with WPA, forcing you to use WEP or nothing.

(I'm looking at you Nintendo DS & Wii)

The Wii can use WPA; the DS, however, can only handle WEP.

 

[Thanee]

Theres all sorts of schools of thought about the whole security thing in wifi. Many people reckon that disabling the SSID is pointless as is the MAC address filtering.

The best is to use all available security measures, since that will make it the most annoying to break in (not that it is likely, that someone even wants to do that).

- disable SSID broadcast
- WPA2 (personal) pre-shared key with TKIP encryption
- non-guessable, long passkey (20+ random letters/numbers/special characters)
- MAC address filtering, permitting only listed PCs

That's about as secure as it gets today and everything there is supereasy to setup, so there is no reason not to use the full package (unless some parts of the network are incompatible, of course).

If you have WPA2 then sure, use if you are able to - and use a long and obscure password otherwise its just as useless as any of the others.

Yep. A password needs to be some string that is not a normal word, and should best contain letters, numbers and special characters to make it difficult for library-based brute force attacks to figure it out.

If you are paranoid, change the passkey (completely new key) every couple weeks.

Bye
Thanee

 

[Kid Charlemagne]

Picked up Netgear WGT624 wireless super-G box yesterday (along with a PS3). I'll be setting it up Sunday, most likely...

 

[azhrei_fje]

Wow, I would say "right on!" to Thanee's post concerning secure setups. Don't bother with MAC filtering, though. It's true that it won't stop a "determined" hacker, but it wouldn't even stop someone just browsing the networks very much. (It's quite easy to use available software tools to "sniff" the wireless network and find a valid MAC address, then tell your card to emulate that address.)

I have wireless available at home, but I don't use it. My friends are welcome to, though. I currently have WPA2 setup using a pre-shared key and TKIP, as Thanee pointed out. I have a spare machine in my office (file server/media server) that will soon be running FreeRADIUS. I'm really looking forward to that. I have some time in August when I won't be traveling, so I hope to have it up and running then...

Someone else asked about the "Wireless N" standard and whether it was out of "draft" yet. No, not yet. IIRC, there was to be a vote on it sometime this summer, but the vote had been pushed back a little bit. Some Google'ing would likely find some answers about it, though. At this point, any changes that might happen should be pretty minor and most would be fixable with a firmware upgrade.

(I just bought the "LinkSys WRT54G" book from Amazon, so I'm looking forward to hacking it. I'll probably load OpenWRT instead of DD-WRT. But we'll see...)