Netwrok Questions

[zammer]

I have a few wireless netwrok questions. I have xp Home with all updates. My router is a links model wrt54gs.

First I dont understand how to use the SSID at all. I know that this deals with my network name and its purpose is to hide the name but for the life of me I cant figure this out.

Mac Address, what is this and how do I know what to set up to make my network more secure. Thanks for helping me out

[Freidog]

I have a few wireless netwrok questions.  I have xp Home with all updates.  My router is a links model wrt54gs.

First I dont understand how to use the SSID at all.  I know that this deals with my network name and its purpose is to hide the name but for the life of me I cant figure this out.

Mac Address, what is this and how do I know what to set up to make my network more secure.  Thanks for helping me out

<{POST_SNAPBACK}>

SSID is (sort of) a name for your network.

You should change that to a unique name for your network and disable SSID broadcast. That will prevent people from finding your wifi just from being in range.

You can access SSID info on the wireless tab of the router settings. (accessed by typing in 192.168.1.1 in a web browsers address bar)

Chapter 5 of the has more info.

By setting the SSID like that you'll have to manually type in the SSID of your wifi network the first time you setup the wireless cards.

Mac addresses are unique identifiers for each network card.

You can find a card's MAC by typing ipconig /all in a command prompt. (I think windows calls it as 'Physical address').

What you want to do is restric access to your nework using MAC addresses,

to enable it, again on the wireless tap of the router settings,

enable it, set it to 'permit only'

and add the MAC addresses of all your wireless cards to the list.

Once that's done, only the network cards that you have set to allow on will be permitted on the network.

You should also enable WPA since your router supports it. It's a way of encrypting network traffic. Just adds one more layer of security to your network.

[skeet6961]

I have a few wireless netwrok questions.  I have xp Home with all updates.  My router is a links model wrt54gs.

First I dont understand how to use the SSID at all.  I know that this deals with my network name and its purpose is to hide the name but for the life of me I cant figure this out.

Mac Address, what is this and how do I know what to set up to make my network more secure.  Thanks for helping me out

<{POST_SNAPBACK}>

SSID is merely what u name the network. call it something and then make sure u'r clients agree to the name. particularly if u disable the SSID broadcast. if broadcast is on, then anyone in 'range' will 'see' the SSID. u should use some form of encryption here regardless. wpa is solid.

MAC = the hardware 'code' that each network device has. it's a number stamped at factory so that the device is uniquely identifiable on any network. no two are the same. u do nothing w/ this mostly but i think u'r refering to the linksys MAC cloning or filter ability.

the cloning allows u to 'fake' the MAC address of the router by substituting the one on the NIC in u'r pc. mostly for odd ISP setups where they only allow a specific MAC addy - normally the one that u had when the ISP first was setup.

the MAC filter allows u to tell the router to only allow specific MACs to connect to it.

just setup encryption to the highest level u'r client accomodate and u need do nothing else mostly. and the linksys router setup pages have the 'more info' link if what u see at the right of the screen is not sufficient.

[zammer]

Thank you.. The light was just turned on.

[Parrotgeek7]

You should change that to a unique name for your network and disable SSID broadcast. That will prevent people from finding your wifi just from being in range

No you shouldn't disable it. SSID is part of the 802.1 standard and by disabling it you will/may actually slow down your network. It does a little more then just broadcast the name.

Anyone who want to "squat" on your wifi is going to know how to sniff for packets anyway so disabling it is absolutely useless as far as asecurity measure.

the MAC filter allows u to tell the router to only allow specific MACs to connect to it.

And anyone can easily grab your mac address and spoof it just like you are doing, MAC filtering is also NOT a security measure.

Edited August 21, 2005 by Parrotgeek7

[Parrotgeek7]

Enable MAC filtering - Using a passive sniffer you can easily find valid MAC addys and it takes seconds to spoof one.

Disable SSID broadcast - When you disable SSID broadcast you are only removing the SSID from the beacon frames and telling the AP not to respond to "ANY" type probe requests. The SSID is included in many other management frames though as it's neccessary for WLAN operation. Turning off SSID only cripples your network; it does not "hide" your SSID.

Reducing your DHCP pool or using static addressing - It only takes a very basic understanding of IP addressing to figure out someone's subnet by watching a few packets go by. There's no reason to think that an attacker would be using your DHCP service.

".

understand what you are saying here, but these aren't additional "layers of security". If someone is setup to crack WEP then these aren't even a nuissance. They are a pain to implement, don't increase your security and can cripple your WLAN. The features you are disabling are there to make the WLAN function better, easier to manage and easier to use. Don't disable them.

ALL you need is proper encryption like WPA. If your equipment doesn't support WPA/WPA2 then use WEP, but understand that it is broken.

From the desk of CC

[skeet6961]

the MAC filter allows u to tell the router to only allow specific MACs to connect to it.

And anyone can easily grab your mac address and spoof it just like you are doing, MAC filtering is also NOT a security measure.

<{POST_SNAPBACK}>

spoofing is beyond 'anyone's capability generally. u'd have to really have someone targeting u to do this.

and i've yet to see a crippled wlan from disabling ssid. it will stop those who don't know.

[Parrotgeek7]

spoofing is beyond 'anyone's capability generally. u'd have to really have someone targeting u to do this.

and i've yet to see a crippled wlan from disabling ssid. it will stop those who don't know

in RE to statement #1. Heres a link to a google search with tons of ways to spoof a mac address and how to's, so its really not hard and just about anybody can do it. Targeting someone has nothing to do with it. Most people who squat on wifi don't care about your email etc, they want your bandwidth to do something that is not traceable to them.

and in RE to #2

I've never seen a Great white shark eat a person but that doesn't mean it doesn't happen. Read the specs on 802.1, the ssid is contained in just about every packet anyway. It was never designed as any type of securoty measure.

If saftey thru obscurity is your idea of being safe then, maybe it will make you feel better, but it certainly won't stop anyone with a modicum of intelligence from knowing that your network is there.

If you want more details on the +/- of disabling SSID, PM CatCow over at tthe G4 boards or here. he'll be glad to explain it to you in great detail.

[skeet6961]

spoofing is beyond 'anyone's capability generally. u'd have to really have someone targeting u to do this.

and i've yet to see a crippled wlan from disabling ssid. it will stop those who don't know

in RE to statement #1. Heres a link to a google search with tons of ways to spoof a mac address and how to's, so its really not hard and just about anybody can do it. Targeting someone has nothing to do with it. Most people who squat on wifi don't care about your email etc, they want your bandwidth to do something that is not traceable to them.

and in RE to #2

I've never seen a Great white shark eat a person but that doesn't mean it doesn't happen. Read the specs on 802.1, the ssid is contained in just about every packet anyway. It was never designed as any type of securoty measure.

If saftey thru obscurity is your idea of being safe then, maybe it will make you feel better, but it certainly won't stop anyone with a modicum of intelligence from knowing that your network is there.

If you want more details on the +/- of disabling SSID, PM CatCow over at tthe G4 boards or here. he'll be glad to explain it to you in great detail.

<{POST_SNAPBACK}>

ssid off will keep those who don't know off. i'm basing on my experience - not catcows. i do read his stuff. i do agree that it's off spec. i don't see any reason that this affects anything tho. so ... being 'off spec' doesn't bother me at all i've had SSID off for years w/ no problems. and since learning that it IS off spec, i've yet to recommend to anyone here or g4. i still DO setup w/ ssid off for my clients tho. u can point to all th white paperes u want, i'll stick w/ what i've experienced. it is the best teacher.

the vast majority of wlans i've seen are not protected at all. i'd assume it's cuz these people buy em, plug em in and leave em at defaults. in this case, SSID off will do u a world of good by not annoucing the wlan's presence to those who are not 'in the know' - google or not. i contend that this is the bigger audience.

w/ encryption on, all this is moot for the most part.

[Parrotgeek7]

w/ encryption on, all this is moot for the most part.

I'd agree with that.

That aside, I have seen a dramatic upswing lately in secured vs unsecurednetworks (now that its become easy to do and fairly reliable)

I also base this not only on CC's opinion, although his explanation is clear and concise, so I quoted it (sue me, I'm lazy) but mostly on my own and those who work for and with me. Keep setting'em up that way, it makes easy money for our guys to show a homebased or small business how easily we can find their network.

I think the major point is this. Turn on the encryption and the rest, is as you said, a moot point.

Edited August 22, 2005 by Parrotgeek7

[skeet6961]

w/ encryption on, all this is moot for the most part.

I'd agree with that.

That aside, I have seen a dramatic upswing lately in secured vs unsecurednetworks (now that its become easy to do and fairly reliable)

<{POST_SNAPBACK}>

i haven't ... that could change w/ some of the newer products and the 'auto config' stuff they've got but ... i still see a huge number of wide open wlans. maybe they want em that way.

the only reason i responded above is that u quoted me only on the ssid part of my post. i said the encryption part in that same post. if that was quoted, i'da just kept reading on

[Parrotgeek7]

the only reason i responded above is that u quoted me only on the ssid part of my post. i said the encryption part in that same post. if that was quoted, i'da just kept reading on 

I didn't disagree with that part, thats why i didn't quote it. Oh well, seems like we all agree on one thing..Brooke Shield needs to shave more often...no, thats not it...encrypt it and forget about it...yeah, thats it.

[skeet6961]

the only reason i responded above is that u quoted me only on the ssid part of my post. i said the encryption part in that same post. if that was quoted, i'da just kept reading on 

I didn't disagree with that part, thats why i didn't quote it. Oh well, seems like we all agree on one thing..Brooke Shield needs to shave more often...no, thats not it...encrypt it and forget about it...yeah, thats it.

<{POST_SNAPBACK}>

now THAT was funny ... re: the quote stuff ... i read it wrong then. mea culpa. i'm used to full quotes cuz it's all i know. i'm old. heck ... i don't even like edits where u can remove orig material. i've read so many threads that just fall apart until i realize that the edit button took out most of the gist

[Parrotgeek7]

the only reason i responded above is that u quoted me only on the ssid part of my post. i said the encryption part in that same post. if that was quoted, i'da just kept reading on 

I didn't disagree with that part, thats why i didn't quote it. Oh well, seems like we all agree on one thing..Brooke Shield needs to shave more often...no, thats not it...encrypt it and forget about it...yeah, thats it.

<{POST_SNAPBACK}>

now THAT was funny ... re: the quote stuff ... i read it wrong then. mea culpa. i'm used to full quotes cuz it's all i know. i'm old. heck ... i don't even like edits where u can remove orig material. i've read so many threads that just fall apart until i realize that the edit button took out most of the gist

<{POST_SNAPBACK}>

But you agree about Brooke and her monobrow right?

[skeet6961]

the only reason i responded above is that u quoted me only on the ssid part of my post. i said the encryption part in that same post. if that was quoted, i'da just kept reading on 

I didn't disagree with that part, thats why i didn't quote it. Oh well, seems like we all agree on one thing..Brooke Shield needs to shave more often...no, thats not it...encrypt it and forget about it...yeah, thats it.

<{POST_SNAPBACK}>

now THAT was funny ... re: the quote stuff ... i read it wrong then. mea culpa. i'm used to full quotes cuz it's all i know. i'm old. heck ... i don't even like edits where u can remove orig material. i've read so many threads that just fall apart until i realize that the edit button took out most of the gist

<{POST_SNAPBACK}>

But you agree about Brooke and her monobrow right?

<{POST_SNAPBACK}>

posolutely ... seems tom cruise has bashed her enuff tho ... l ron knows what to do

[xxkbxx]

i've got my wireless network open to the public - ha ha, if the public wants to drive out by the farm