DTP


 
Lively discussions on the graphic arts and publishing — in print or on the web


Go Back   Desktop Publishing Forum > General Discussions > Hardware & Gadgets

Reply
 
Thread Tools Display Modes
Old 12-15-2009, 12:38 PM   #1
terrie
Staff
 
Join Date: Oct 2004
Posts: 8,916
Default Wireless routers & security...

I had FiOS tv, phone and broadband installed today. I think I hate the tv but I'll live with it for a week and see...

Verizon provides a wireless router (actiontec either M1424-WR or MI424-WR not sure which) and the little bit I know about security on a wireless router is that one should change default userid and password which I've done.

I also changed the SSID Broadcast setting from "enabled" to "disabled" based on the definition of the option. Was that a good thing to do for better security?

Should I change the SSID value to something other than what is already there?


Currently, the router is using WEP 64-bit. I have a note that WPA is "better". Is it and should I change to WPA and if so, are there any pitfalls to doing this? I only have my one desktop pc on this network and I don't own a laptop that has wireless access.

MAC authentication is disabled. Is that a good thing?

The router's firewall is set to "Medium".

Suggestions?

Thanks...

Terrie
terrie is offline   Reply With Quote
Old 12-15-2009, 01:16 PM   #2
Robin Springall
Member
 
Robin Springall's Avatar
 
Join Date: Feb 2005
Location: Ealing Common, London W5, where I duplicate CDs and DVDs.
Posts: 1,259
Default

Definitely change the setup password so other people can't hack in and change your settings. If you want to disable SSID so its name is not broadcasted, then only do so after you've successfully connected all the computers; it's a good idea to change the default SSID to avoid confusion with neighbours who might have the same product, though the SSID should not be one which obviously refers to you (so unauthorised people aren't tempted to try to get at your setup.)

WEP really is old hat, and you should use WPA-PSK with a reasonably secure passphrase (ie use a mixture of upper- and lowercase expressions with a couple or nore numerals or items of punctuation, and definitely not a dictionary word.)

Some people prefer the additional security of MAC authentication (which means that only specifed computers can access the router) but that makes it irritating when yours guests want to get at the internet.

   
__________________
Robin
Intellectually challenged, alcoholically propelled
Robin Springall is offline   Reply With Quote
Old 12-15-2009, 02:57 PM   #3
terrie
Staff
 
Join Date: Oct 2004
Posts: 8,916
Default

Quote:
robin: Definitely change the setup password so other people can't hack in and change your settings.
That's the first thing I did...'-}}


>>it's a good idea to change the default SSID to avoid confusion with neighbours who might have the same product, though the SSID should not be one which obviously refers to you (so unauthorised people aren't tempted to try to get at your setup.)

I thought it might be randomly generated--it's just a series of letters and a number--but I guess not...I'll change it...


>>WEP really is old hat, and you should use WPA-PSK with a reasonably secure passphrase (ie use a mixture of upper- and lowercase expressions with a couple or nore numerals or items of punctuation, and definitely not a dictionary word.)

That's what I thought...I'll change it...

I'll think about adding MAC authentication...

Thanks...

Terrie
terrie is offline   Reply With Quote
Old 12-16-2009, 06:39 AM   #4
LoisWakeman
Staff
 
LoisWakeman's Avatar
 
Join Date: Jan 2005
Location: Uplyme, Devon, England
Posts: 1,402
Default

We use MAC authentication, although there aren't many people hereabouts to get into our network! It only take a few shakes to look up the MAC address of a new PC and add it to the list in the router.
LoisWakeman is offline   Reply With Quote
Old 12-16-2009, 12:03 PM   #5
terrie
Staff
 
Join Date: Oct 2004
Posts: 8,916
Default

Quote:
lois: It only take a few shakes to look up the MAC address of a new PC and add it to the list in the router.
As comfortable as I am with most computer based stuff, networking totally flummoxes me!

HOW (in very simple terms please...'-}}) do I do MAC authentication/addressing?

Thanks!

Terrie
terrie is offline   Reply With Quote
Old 12-16-2009, 02:20 PM   #6
BobRoosth
Member
 
Join Date: Jan 2005
Location: Los Angeles, Ca.
Posts: 933
Default

I know that we are told to change the defaults. Unfortunately most of my clients are so brain dead that they would never keep a record of the changed values; hence I generally leave them alone. So long as remote access to the router is disabled (and it generally is), one has to have access to the network to even use the username and password. If your kids and guests are malicious, then change the defaults. If not, please leave them alone so the support staff can help.

Suppressing SSID broadcast does not stop anyone who really wants to connect. Nor do MAC restrictions. A good WPA key does. More than eight characters and not findable in a dictionary.

Some vendors have SSIDs that are unique for each router -- 2wire does for sure. Others have the same SSID for every unit. Those need to be changed. I also try to determine the best channel. Some wireless utilities show the channel numbers for every access point in sight. If not, Windows users can try to use Netstumbler to survey the exisiting APs. Then choose a channel that is little used.
BobRoosth is offline   Reply With Quote
Old 12-16-2009, 02:32 PM   #7
terrie
Staff
 
Join Date: Oct 2004
Posts: 8,916
Default

Quote:
bob: So long as remote access to the router is disabled (and it generally is), one has to have access to the network to even use the username and password.
I've not checked that...from the printouts I made, I think that option must be in the Advanced section--maybe "Remote Administration" option?--and I'll check that.


>>A good WPA key does. More than eight characters and not findable in a dictionary.

It appears that I have both "WPA" and "WPA 2". Should I choose "WPA 2"? Also, my guess is that this is an either/or situation in that if I choose to use WPA (whatever flavor), I would choose "OFF" for WEP?


>> Some vendors have SSIDs that are unique for each router -- 2wire does for sure. Others have the same SSID for every unit.

I need to see if I can find a neighbor with FiOS broadband to check if the SSID is the same--just for my own info--but I think that I will probably change it. Are there any rules for the value? Currently, it's 4 upper case letters followed by one number so is 5 characters sufficient and should I use a mix of letters and numbers?

Thanks...

Terrie
terrie is offline   Reply With Quote
Old 12-17-2009, 01:25 PM   #8
Shane Stanley
Staff
 
Join Date: Oct 2004
Location: Melbourne, Australia
Posts: 526
Default

Use WPA2 (yes, that rules out WEP).

Hiding your SSID and using MAC filtering will only deter the most casual of would-be interlopers (MAC spoofing is pretty simple), so if you have WPA2, they're pointless and really just end up being one more thing to remember and maintain.
Shane Stanley is offline   Reply With Quote
Old 12-17-2009, 01:39 PM   #9
terrie
Staff
 
Join Date: Oct 2004
Posts: 8,916
Default

Quote:
shane: Use WPA2 (yes, that rules out WEP).
Thanks...

Are there any pitfalls to the WPA2 process I should be aware of? If it will auto-gen a key should I take that or do my own?

Thanks...

Terrie
terrie is offline   Reply With Quote
Old 12-17-2009, 09:50 PM   #10
Shane Stanley
Staff
 
Join Date: Oct 2004
Location: Melbourne, Australia
Posts: 526
Default

If someone wants to get into your network and is capable of cracking WPA2, your choice of password probably isn't going to make a lot of difference. Pick something an opportunist won't guess.
Shane Stanley is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Of FiOS, Wifi and wireless.... terrie Hardware & Gadgets 43 10-10-2009 07:12 PM
Wireless networking questions.... terrie Business Matters 20 08-15-2006 05:37 PM
Vermont wireless service ktinkel The Corner Pub 2 06-30-2006 10:51 AM
Wireless as only connection Paul General Publishing Topics 9 05-30-2006 11:00 AM
Wireless power Kelvyn The Corner Pub 8 04-02-2006 05:35 PM


All times are GMT -8. The time now is 02:18 PM.


Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Contents copyright 2004–2014 Desktop Publishing Forum and its members.