Doh, Double Doh, Wireless network

[ImADot]

I believe spoofing a MAC address is fairly simple.  Better to have a highly strong key.  While it's true that most residential folks don't need elaborately sophisticated encryption and other high-security features, I'd rather be safe than sorry.

[MrRiplEy[H]]

I believe spoofing a MAC address is fairly simple.  Better to have a highly strong key.  While it's true that most residential folks don't need elaborately sophisticated encryption and other high-security features, I'd rather be safe than sorry.

Spoofing a mac is very simple but then again you'd have to know the correct mac to be spoofed.

[Vulcan]

Vulcan, curious as to why you said not to use the mac filtering? Not a biggie, merely curious as I said fella.

Wurzel

As above, spoofing (copying or emulating) a mac address is very simple these days. There are a number of things that a well documented in 'wireless hacking for dummies' type guides... mac spoofing, hidden ssid scanning, and wep key breaking. Any kid thats gonna play silly buggers with wireless will run through this stuff. Plus the one thing most people seem to ignore is it's not necessary to join a network to cause trouble, some people will just sniff your traffic for passwords/users (which you probably send a lot of in clear text that you don't realize).

So, at the end of the day good encryption (WPA2) with a good complex password is whats going to stop them. All the rest are minor speed bumps, all you're doing is creating more work for yourself. WPA (as opposed to WPA2) has been broken as well, but the stronger your password the longer it takes to break, so WPA is ok, but WPA2 is best.

[Getback]

Can you change the default network name?

I changed to WPA PSK. I'm not so sure my pass phrase is solid by comparison to those posted in a previous link.

[OOZ662]

Can you change the default network name?

The name being broadcast wirelessly is called the SSID, if that's what you mean. That's meant to be changed.

[gpwurzel]

Good points on mac spoofing - guess I do the mac filtering outta habit more than anything else 

GB, yes, you can change the ssid name, should be in the set up. You can also change the channel it transmits on, if you are getting any interference from a nearby network etc.


Wurzel

[ImADot]

Let's not overlook the fact that even just the basic "locked down" settings is more than enough to keep the casual "neighborhood wireless surfer" out of your network.  If someone really has an interest in getting into your wireless network, they will.  Having a complex WPA key will just slow them down a bit--like decades worth brute-force or lots of packet-sniffing. 

If you see a car or van parked near your house that hasn't moved for weeks at a time, either your neighborhood is full of rednecks or someone thinks you have something they want and they're sniffing around. 

[gpwurzel]

Dot, you, you, you unspeakable cad, thats just cost me coke outta me nose. Point taken tho 


Wurzel

[Denholm]

Uhm, just a question here. If your wireless signal is encrypted, wouldn't that make sniffing useless unless you have the encryption key?

[ImADot]

I'm no expert - far from it.  Just a 5 second search found this short article which explains a little about it.

[Denholm]

That's how to crack the encryption, not how to sniff the network traffic without first connecting to it.

From the sound of it, you were suggesting that people could sniff your network traffic without first connecting to the network. I was asking if that's even possible as so far I've never heard of it working without first having the encryption key.

[Vulcan]

That's how to crack the encryption, not how to sniff the network traffic without first connecting to it.

From the sound of it, you were suggesting that people could sniff your network traffic without first connecting to the network. I was asking if that's even possible as so far I've never heard of it working without first having the encryption key.

Yes you need an encryption key to decode encrypted network traffic. No you don't need to connect to the network to sniff it.

Take for example WEP, it is possible to get a WEP key in around 5 minutes now I think - without connecting to the network. Then you can capture traffic (sniff) and decode it. IMHO far more can be gained from sniffing wireless traffic than using their network for leeching.

When I'm out and about on a public wifi connection or even a hotel ethernet connection first thing I do is run up an SSL VPN tunnel to work and route all my traffic that way, so if someone IS sniffing all they see is my encrypted SSL traffic.

[ImADot]

I don't want to post anything regarding how to sniff packets - although there are many legitimate reasons to do it.  Do a web search for wireless network sniffing and you can read about how easy it is to get the SSID, MAC addresses, spoofing, probing, etc., etc.

Like I said before, all you need is the rudimentary security settings to keep your neighbor out of your network.  If you feel generous, you can keep your wireless network open, and hook another NAT router to it and have all your computer equipment safe behind that while allowing anyone to leech onto your open Wi-Fi.  Visit this site to learn more about NAT routers and how they work.

[Denholm]

Well, I suppose that answers my question. I'm quite aware of how to crack a WEP and WPA key. Was simply curious if sniffing a wireless network's signal for packets was at all possible without first connecting to the network.

Vulcan, I've always been interested in setting up a VPN. Is this a simple SSL VPN you yourself set up. Or is it something more elaborate the IT department worked on at the place you work?

[Vulcan]

I set it up, but I'm network/security engineer. So it's something an IT department would setup, or try to