What wireless security settings?

Shop deals on ebay
Find deals on amazon
Advertise with us
Home Model Engine Machinist Forum

Help Support Home Model Engine Machinist Forum:

This site may earn a commission from merchant affiliate links, including eBay, Amazon, and others.
O

Omnimill

Well-Known Member
Joined
Oct 29, 2009
Messages
1,090
Reaction score
47
I've just bought and hooked up a Netgear 3500L wireless router in preparation for iPad2 when it arrives. The Netgear paperwork says to use the highest security level but this reduces the throughput so I'm wondering what setting to use for good performance/security?
The options are, in increasing security:

None!
WEP
WPA-PSK (TKIP)
WPA2-PSK (AES)
WPA-PSK (TKIP) + WPA2-PSK (AES)

Throughput is:

Up to 54 Mbps
Up to 145 Mbps
Up to 300 Mbps

Anyone care to offer some thoughts on this?

Vic.


 
Omnimill said:
I've just bought and hooked up a Netgear 3500L wireless router in preparation for iPad2 when it arrives. The Netgear paperwork says to use the highest security level but this reduces the throughput so I'm wondering what setting to use for good performance/security?
The options are, in increasing security:

None!
WEP
WPA-PSK (TKIP)
WPA2-PSK (AES)
WPA-PSK (TKIP) + WPA2-PSK (AES)

Throughput is:

Up to 54 Mbps
Up to 145 Mbps
Up to 300 Mbps

Anyone care to offer some thoughts on this?

Vic.
Click to expand...

I use the WPA2-PSK (AES) scheme on a cisco wireless n gigabyte router. Run a movie server to feed the popcorn home box and so far no jitters. did get some pausing with the netgear router

Robert
 
There is a simple way of providing probably enough security so that no one will connect and use your bandwidth.

Every computer has a 12 digit code called the MAC address. They look something like this: 28:EF:04:0E:B0:06

All wireless routers allow you to restrict connections to your router by the MAC address. You simply turn that feature on in your router setup and then put in ONLY those MAC addresses that belong to your individual computer hardware.

Anyone who tries to connect to your router will not be able to attach, as they will not have a recognizable MAC address in your router MAC table.

It is usually found under "Wireless MAC Table" in your setup.
George
 
Spoofing a MAC address is trivial, I would not count it as security. Additionally it's a pain if any guests ever want to use your wireless network.

First rule of wireless internet connectivity is that it is inherently not secure. There is no way around this. However, in almost all situations WPA2 is plenty secure. Use a longish key with numbers, letters, capitals and symbols and you should be fine.
 
You could do the MAC address but if you ever change your network card or buy a new computer, you will have to add it.
Also if you have anyone come over, like kids grand kids friends, and they want to be able to connect, then this becomes a pain.

I suggest WPA-PSK (TKIP) + WPA2-PSK (AES). the computer must suport the type of connection you are brodcasting to connect. This option offers the 2 most common. Also give your router a simple name, not the default name.
And change the default password (Admin admin ) to your own.
then set it as not to broadcast. This will hide it from most. When you need to connect a PC for the first time you have 2 options.

1 change it to broadcast and auto connect then enter pass phrase. Once connected change it back to not broadcast.

2 If it is not broadcasting, you will need to setup network manually. Then enter the name of your router and pass phrase.


hope this helps
 
WPA2 with a decent pass-phrase and you'll be ok, broadcast or not, unless you're a bank or something. For a little while my day job was wireless network security. It's fun and scary seeing how fast you can break into WEP-protected networks. The only downside is if you have older (like 5-10 year old) networking gear, a lot of it doesn't speak WPA2. In that case, use WPA or WEP, turn the power down as low as you can and try not to send anything important over it

MAC spoofing is pretty trivial as others have said. Keeps the neighbors out, but not the drive-by hackers. It also does nothing to secure your data against sniffing.

Also if you can, check around to see who is on what channels and pick an empty one (there are really only 3 totally non-conflicting ones in the "usual 2.4Ghz" band, 1, 6 and 9. Most all routers default to 6, so try 1 and 9 first, then in between if those are all full. Some apps will still have a 'site survey' mode where you can see who is on what channel.
 
Or you could move way the heck out in the middle of nowhere and don't bother with any security settings, like I do. ;D
 
Thanks very much for your thoughts on this guys! I've set it on WAP2 at present with a good obscure password with numbers and set it not to broadcast so I expect it should be ok for now.

Vic.
 
You should be absolutely fine. The only way you wouldn't be is if someone specifically wanted to get on your network, and that's like locking your house against someone who want's in.

Trout's right on this. The only truly secure way of using wireless technology is keeping people far enough away from it.
 
You must log in or register to reply here.

Latest posts

Back
Top