Jump to content
RESET Forums (homeservershow.com)

5 Wi-Fi security myths you must abandon now by PCWorld


itGeeks
 Share

Recommended Posts

I was asked by a forum member in another thread if I hide my SSID and or do MAC filtering in order to help protect my wireless network, My answer was no mostly for the reasons listed in the link here: http://www.pcworld.com/article/2052158/5-wi-fi-security-myths-you-must-abandon-now.amp.html

 

What do you all do in order to help protect your wireless networks? Discuss

  • Like 1
Link to comment
Share on other sites

Packet sniffing basically lets you bypass #1+2, trivially. Finding SSIDs is easy, as is finding the MAC address. 

 

But yeah, WPA2 is what you should be using. If you have a device that doesn't support it, run a cable or dump the device. 

Link to comment
Share on other sites

Agreed, Another thing is if a router does not let me disable WPS and UPnP I dump it. The last thing we all need is devices deciding on what ports should be open on our networks. You know its fascinating to me that ease of use comes before network security, I feel so sorry for the average Joe that knows nothing about networks and they go buy the latest and greatest WiFi router thinking there secure only to find out they have opened the door to hell. I don't care that gaming consoles bark when UPnP is disabled or not present, If I can't work around it on my terms then we don't use them. I am not going to favor enjoyment over security no matter what cost. FiOs is another example of y I keep them on there own subnet in my house. Security first, Enjoyment 2nd. Period.......


Delte

I am sorry, What does that mean?

Link to comment
Share on other sites

Agreed. 

 

If it doesn't let you disable these options ... it's a huge security risk.  

Even worse are the programs that outright fail if it can't figure UPnP.... :( (and even more so, the devs that fail to see why this is a problem). 

Link to comment
Share on other sites

I was the one who asked you that, perhaps it could be called baiting... in any case an article like this is helpful to spread the word.

 

as for what I do, all my wireless routers are in AP mode so I don't rely on their features beyond transport. any wireless ap/router that did not get 'disable wps'  firmware went into the trash. just as phones are these days it seems the router manufacturers abandon updates for perfectly functional products in hopes that you will buy their newer product. given so many choices these days I don't think I rewarded the manufacturers of any of the ones I trashed with the purchase of one of their newer products.

I am 100% in wpa2 / aes mode with a very long password. 'outside' devices are on a separate subnet. I use opnsense for my main router and have IPS turned on.

Edited by nrf
  • Like 1
Link to comment
Share on other sites

Agreed. 

 

If it doesn't let you disable these options ... it's a huge security risk.  

 

Even worse are the programs that outright fail if it can't figure UPnP.... :( (and even more so, the devs that fail to see why this is a problem). 

Agreed, Microsoft should be shot for demanding routers to have UPnP to be enabled to pass the XBox test or it shows "Restricted NAT", How dare companies choose convenience over security. My step-son comes running upstairs one day and says there is a problem, XBox is showing restricted NAT so I said is your games working? He said yes so I said don't worry about it. Even if his games where not working rite I was NOT going to enable UPnP. If it was that important I would of got a new line strictly for gaming.

  • Like 1
Link to comment
Share on other sites

I was the one who asked you that, perhaps it could be called baiting... in any case an article like this is helpful to spread the word.

 

as for what I do, all my wireless routers are in AP mode so I don't rely on their features beyond transport. any wireless ap/router that did not get 'disable wps'  firmware went into the trash. just as phones are these days it seems the router manufacturers abandon updates for perfectly functional products in hopes that you will buy their newer product. given so many choices these days I don't think I rewarded the manufacturers of any of the ones I trashed with the purchase of one of their newer products.

I am 100% in wpa2 / aes mode with a very long password. 'outside' devices are on a separate subnet. I use opnsense for my main router and have IPS turned on.

My friend nrf, I already new you where testing me in your questions and that y I linked the article and added some extra. Neal I been messing with networks for the last 25+ years and though I still don't consider myself an expert in the subject as I seem to be learning all the time I am no dummy in networking either. I challenge this whole segment to Q&A as its a healthy topic, Thanks for the test, I hope I passed. Have a great day!

Link to comment
Share on other sites

Also, helping out everyone's "safe practices" helps everyone. :) 

Friends and family, even.

Link to comment
Share on other sites

I am 100% in wpa2 / aes mode with a very long password. 'outside' devices are on a separate subnet. I use opnsense for my main router and have IPS turned on.

 

 

same (but UTM9), and whenever possible i use cabled, rather than wifi.

 

 

Offtopic:

 

at work in some of our town centre branches, we see a low-level of connection attempts. nothing we worry too much about, but started a discussion that if the SSID was called POLICE SURVELLANCE, would it get more or less hits :)

Seems there is a lot of funny SSIDs about: https://community.spiceworks.com/topic/463862-funny-clever-names-for-home-wifi

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...