Latest News Article

[SteevyT]

What is the best way to secure WiFi?  Well, other than shutting it off and using wired only.  Currently I'm using a MAC address filter on mine.  Only whitelisted devices may connect.

[SeaWry]

While even with MAC filtering, people may still connect to the router itself, meaning ENSURE you have a very strong password to connect.

From there, they cannot do nothing more. Of course to help minimize connections to the router itself, put a powerful phrase key and WPA2. About all you can do, and check your logs or have your router email your logs if it supports such to a email of your choice and have your Email account filter those router logs to a folder.

I personally make my router email logs to my gmail into a organized folder. It is nothing shocking to see the phrase [ATTACK] time to time.

[SteevyT]

SeaWry, on 10 January 2013 - 11:48 PM, said:

While even with MAC filtering, people may still connect to the router itself, meaning ENSURE you have a very strong password to connect.

How does this work?  Any time I've tried it with a device that isn't whitelisted the device says connecting, then the router doesn't let the device finish connecting.

[SeaWry]

Each router is to their own methods more less. If that is how it works, then by all means it will be fine.

Still slapping on WPA2 and a strong password is a first line of defense. MAC is a very strong secondary.


Again however, no router is the same really.

[SteevyT]

Thanks for the info.

Although now I have what is probably a more complicated question.
What is the difference between WPA, WPA2, WEP, and RADIUS, (there is also something called a WPA/WPA2 mixed-mode in my router)? As in, what is different with how they work, and what about how they work makes the better ones better?

[fm87]

If someone wants to get in, they will get in.

Just make your password strong enough for joe shmoe to not be able to randomly guess it.

WEP, WPA and WPA2 have both been bypassed with free software. RADIUS can also be bypassed.

[SteevyT]

fm87, on 11 January 2013 - 12:05 AM, said:

If someone wants to get in, they will get in.

Just make your password strong enough for joe shmoe to not be able to randomly guess it.

I know this.  I'm more curious about the differences between how the different methods work.

[SeaWry]

WEP old and easy to break, WPA older and had flaws, WPA2 updated WPA that fixed some of its flaws and added new needed things and a bit hard with AES encryption but still with dedication can be broken.

Radius I cannot remember so cannot explain it.

More less I would suggest WPA2 with AES if supported, no SSID broadcasting, MAC of course filtering and that's about it.

[fm87]

Really, not broadcasting the SSID would even be enough to prevent most people.

[SpartanBlockhead]

My dad made our SSID "FBI Surveillance" xD

That will totally deter people!

[fm87]

SpartanBlockhead, on 11 January 2013 - 12:18 AM, said:

My dad made our SSID "FBI Surveillance" xD

That will totally deter people!

I've had mine as "FBI Surveillance Van #something" for about a year. Neighbors changed theirs to some interesting things.

Girlfriend decided to name hers "Best Korean Labor Party Camp 22".

[BKrenz]

fm87, on 11 January 2013 - 12:27 AM, said:

I've had mine as "FBI Surveillance Van #something" for about a year. Neighbors changed theirs to some interesting things.

Girlfriend decided to name hers "Best Korean Labor Party Camp 22".

I've debated making my password youshallnotpass for teh lulz.

[SpartanBlockhead]

BKrenz, on 11 January 2013 - 12:28 AM, said:

I've debated making my password youshallnotpass for teh lulz.

It's so obvious that nobody will think to guess it

[SteevyT]

SpartanBlockhead, on 11 January 2013 - 12:33 AM, said:

It's so obvious that nobody will think to guess it

I'm surprised "password" hasn't hit that point yet.

[cookiesui]

SteevyT, on 11 January 2013 - 12:38 AM, said:

I'm surprised "password" hasn't hit that point yet.

"password" is usually at the top of most word-lists, so using that as your password will guarantee your Wi-Fi being broken into, insofar as people are interested in doing that in the first place (which they probably aren't).

[SteevyT]

cookiesui, on 11 January 2013 - 05:35 AM, said:

"password" is usually at the top of most word-lists, so using that as your password will guarantee your Wi-Fi being broken into, insofar as people are interested in doing that in the first place (which they probably aren't).

I know that, there is a reason none of my passwords are password.  (or 12345)

Spoiler:

I'm just surprised that people haven't started realizing it sucks as a password (which then means people would stop checking for it, which would make it a decent password)

[Trippledot]

password or <blank> is the default password for many routers IIRC.
I would not suggest using it and i would suggest ALWAYS setting your own password.

[fm87]

Trippledot, on 11 January 2013 - 06:35 AM, said:

password or <blank> is the default password for many routers IIRC.
I would not suggest using it and i would suggest ALWAYS setting your own password.

"Admin", "user", "owner", "root", and "0000" are also acceptable for both password, and username input.

[SeaWry]

fm87, on 11 January 2013 - 06:37 AM, said:

"Admin", "user", "owner", "root", and "0000" are also acceptable for both password, and username input.

You also forgot the serial number is also used as the password "as well username sometimes". I know centurylink does this for their new modems. The serial number is the default password, username is admin iirc, or something else.

[fm87]

SeaWry, on 11 January 2013 - 06:44 AM, said:

You also forgot the serial number is also used as the password "as well username sometimes". I know centurylink does this for their new modems. The serial number is the default password, username is admin iirc, or something else.

Yup. Some DSL routers broadcast their SSID as the serial number, which is also the password.