What wireless security settings?

Discussion in 'Computer Geek Zone' started by Omnimill, Mar 3, 2011.

Help Support HMEM by donating:

  1. Mar 3, 2011 #1

    Omnimill

    Omnimill

    Omnimill

    Well-Known Member

    Joined:
    Oct 29, 2009
    Messages:
    1,090
    Likes Received:
    46
    I've just bought and hooked up a Netgear 3500L wireless router in preparation for iPad2 when it arrives. The Netgear paperwork says to use the highest security level but this reduces the throughput so I'm wondering what setting to use for good performance/security?
    The options are, in increasing security:

    None!
    WEP
    WPA-PSK (TKIP)
    WPA2-PSK (AES)
    WPA-PSK (TKIP) + WPA2-PSK (AES)

    Throughput is:

    Up to 54 Mbps
    Up to 145 Mbps
    Up to 300 Mbps

    Anyone care to offer some thoughts on this?

    Vic.


     
  2. Mar 3, 2011 #2

    Foozer

    Foozer

    Foozer

    Well-Known Member HMEM Lifetime Supporter

    Joined:
    Nov 26, 2008
    Messages:
    1,167
    Likes Received:
    69
    Gender:
    Male
    Occupation:
    Retired
    Location:
    Camano Island, WA
    I use the WPA2-PSK (AES) scheme on a cisco wireless n gigabyte router. Run a movie server to feed the popcorn home box and so far no jitters. did get some pausing with the netgear router

    Robert
     
  3. Mar 4, 2011 #3

    George_Race

    George_Race

    George_Race

    Well-Known Member

    Joined:
    Jul 29, 2010
    Messages:
    125
    Likes Received:
    2
    There is a simple way of providing probably enough security so that no one will connect and use your bandwidth.

    Every computer has a 12 digit code called the MAC address. They look something like this: 28:EF:04:0E:B0:06

    All wireless routers allow you to restrict connections to your router by the MAC address. You simply turn that feature on in your router setup and then put in ONLY those MAC addresses that belong to your individual computer hardware.

    Anyone who tries to connect to your router will not be able to attach, as they will not have a recognizable MAC address in your router MAC table.

    It is usually found under "Wireless MAC Table" in your setup.
    George
     
  4. Mar 4, 2011 #4

    milotrain

    milotrain

    milotrain

    Well-Known Member

    Joined:
    Jan 21, 2011
    Messages:
    138
    Likes Received:
    1
    Spoofing a MAC address is trivial, I would not count it as security. Additionally it's a pain if any guests ever want to use your wireless network.

    First rule of wireless internet connectivity is that it is inherently not secure. There is no way around this. However, in almost all situations WPA2 is plenty secure. Use a longish key with numbers, letters, capitals and symbols and you should be fine.
     
  5. Mar 4, 2011 #5

    S3MIH3MI

    S3MIH3MI

    S3MIH3MI

    Active Member

    Joined:
    Feb 25, 2011
    Messages:
    39
    Likes Received:
    5
    You could do the MAC address but if you ever change your network card or buy a new computer, you will have to add it.
    Also if you have anyone come over, like kids grand kids friends, and they want to be able to connect, then this becomes a pain.

    I suggest WPA-PSK (TKIP) + WPA2-PSK (AES). the computer must suport the type of connection you are brodcasting to connect. This option offers the 2 most common. Also give your router a simple name, not the default name.
    And change the default password (Admin admin ) to your own.
    then set it as not to broadcast. This will hide it from most. When you need to connect a PC for the first time you have 2 options.

    1 change it to broadcast and auto connect then enter pass phrase. Once connected change it back to not broadcast.

    2 If it is not broadcasting, you will need to setup network manually. Then enter the name of your router and pass phrase.


    hope this helps
     
  6. Mar 4, 2011 #6

    shred

    shred

    shred

    Well-Known Member

    Joined:
    Jul 19, 2007
    Messages:
    1,949
    Likes Received:
    6
    WPA2 with a decent pass-phrase and you'll be ok, broadcast or not, unless you're a bank or something. For a little while my day job was wireless network security. It's fun and scary seeing how fast you can break into WEP-protected networks. The only downside is if you have older (like 5-10 year old) networking gear, a lot of it doesn't speak WPA2. In that case, use WPA or WEP, turn the power down as low as you can and try not to send anything important over it

    MAC spoofing is pretty trivial as others have said. Keeps the neighbors out, but not the drive-by hackers. It also does nothing to secure your data against sniffing.

    Also if you can, check around to see who is on what channels and pick an empty one (there are really only 3 totally non-conflicting ones in the "usual 2.4Ghz" band, 1, 6 and 9. Most all routers default to 6, so try 1 and 9 first, then in between if those are all full. Some apps will still have a 'site survey' mode where you can see who is on what channel.
     
  7. Mar 4, 2011 #7

    Troutsqueezer

    Troutsqueezer

    Troutsqueezer

    Project of the Month Winner!!! Project of the Month Winner

    Joined:
    Aug 8, 2009
    Messages:
    930
    Likes Received:
    12
    Or you could move way the heck out in the middle of nowhere and don't bother with any security settings, like I do. ;D
     
  8. Mar 4, 2011 #8

    Omnimill

    Omnimill

    Omnimill

    Well-Known Member

    Joined:
    Oct 29, 2009
    Messages:
    1,090
    Likes Received:
    46
    Thanks very much for your thoughts on this guys! I've set it on WAP2 at present with a good obscure password with numbers and set it not to broadcast so I expect it should be ok for now.

    Vic.
     
  9. Mar 7, 2011 #9

    milotrain

    milotrain

    milotrain

    Well-Known Member

    Joined:
    Jan 21, 2011
    Messages:
    138
    Likes Received:
    1
    You should be absolutely fine. The only way you wouldn't be is if someone specifically wanted to get on your network, and that's like locking your house against someone who want's in.

    Trout's right on this. The only truly secure way of using wireless technology is keeping people far enough away from it.
     

Draft saved Draft deleted

Share This Page

Group Builder