You are currently viewing our boards as a guest which gives you limited access to view most discussions, articles and access our other FREE features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, download files, upload your own photos and access many other special features. Registration is fast, simple and absolutely free so please, join our community today!
If you have any problems with the registration process or your account login, please contact contact us.
If you've been following the Addict Tip of the Week, you saw our last tip showed an easy way to encrypt your WiFi network to keep your sensitive data from prying War Drivers in your neighborhood. This week will we'll show how to further increase your security so that even if Kevin Mitnick is wardriving your house he still won't be able to get into your network.
This week, we will make the router invisible and change the name of the router so that it is difficult or impossible for hackers to guess (thus, get in through the back door.) As an added bonus, we'll set your router to ONLY allow connections from pre-determined machines (including your Pocket PC).
We are going to assue you already know how to access your router's control panel. If not, see last week's tip of the week here. If you know how to get to it already, proceed to step 1. Step 1: Open your router's control panel and choose the "Channel & SSID" function (Note: as per our last article, your router control panel may be slightly different, but the instructions should apply just the same.) Step 2: Change the name of your SSID and uncheck the Broadcast SSID option then hit "Apply Changes" or Ok. This will prevent your router from broadcasting beacons that can be picked up by people scanning for networks. It also prevents people who know the router is there from guessing your Router id and trying a rogue connection. PART II: Securing by Mac Address
We will now move on to Mac address filtering. In a nutshell, let me describe what a Mac Address is. Every network card that meets IEEE specifications has a unique identifier. This is called a Mac address. As such if I set my router to allow a connection from my Ambicom Network card's address, even if YOU have an Ambicom too, it won't let yours connect because your Mac address is different! Step 1: So let's begin by finding out all the Mac addresses on our network (including our Pocket PCs) Open DHCP client list function in your router's control panel. This lists the computers and devices your router has assigned IP addresses to. Step 2: Make a list of the computers and devices that appear on this page. Beside each computer/device, write down the corresponding Mac Address. Step 3: Go into the Mac Address Filtering page of your Router control panel (note: picture is a bit cut off, but you can still make out the side panel that shows MAC Address Filtering at the bottom). a. Put a checkmark in "Enable MAC address filtering" b. Enter the MAC addresses for all your devices/computers. Don't add colons ( or spaces in the mac addresses, just list them out. c. Hit "Apply Changes" or "Ok" and you're done!
Now that we've done just about everything to secure our home routers from Wi-Fi drivers and hackers, we can get some much needed rest. I think I'm going to take a nap right now.
This isn't "secure". I can sit outside your house with my linux laptop and my wifi card, and sniff your traffic. Once I know what MAC addresses you're using, I've bypassed that part of the security. I then let Airsnort suck down your traffic till I've got your WEP key. And guess what, I'm on your network now.
I'm not trying to put you down, this is a wonderful guide to hardening a wireless network. But PLEASE...this is NOT "secure".
-Matt
This isn't "secure". <snip>
I'm not trying to put you down, this is a wonderful guide to hardening a wireless network. But PLEASE...this is NOT "secure".
-Matt
Im curious. if its not broadcasting any sid like he says above how do you know the wireless router is there?
you make it sound pretty easy, how long does it take to break into a network?
Even if it isn't absolutely secure, this is still a great series of tips. With the last one I was able to secure my network in an appartment complex that has half a dozen unsecure routers that interfere with each other . I now have the best access of anyone in the complex I can't wait to get this one in so that joeshmoe can't "see" my router.
He can still detect the home network using different tools.
Netstumbler/ministumbler will send out a packet, and look for replies, and your average access point will still respond even if it's BSSID broadcast has been disabled. A wireless sniffer as well will locate a access point just by looking for the traffic from/to it.
It is very important to do these steps to lockdown or harden your network, because it makes it harder for someone to get it. The usual people attacking networks are looking for low-hanging fruit, easy places to get in. So, Make it hard for them.
Another thing, is unless they really want into YOUR network bad, they're gonna drive down the street and find the 3 of 4 networks that aren't secure. Driving by apartment complexes, I normally see 2-6 wifi networks, and maybe 1 out of every 4 of those is secured in some way.
. I now have the best access of anyone in the complex 
I can't wait to get this one in so that joeshmoe can't "see" my router.
Linear Mode
