What is the best security for my router?

Discussion in 'Computer Games and General Discussion' started by Prime, Oct 2, 2008.

Oct 2, 2008
  1. Prime
    OP

    Member Prime GBAtemp Psycho!

    Joined:
    Nov 7, 2007
    Messages:
    3,664
    Location:
    Under your bed
    Country:
    United Kingdom
    MAC Filtering
    WEP
    WPA-Personal
    WPA2-Personal
    WPA2-Mixed

    [​IMG] Don't be going to steal my Internets neighborhood [​IMG]
     


  2. BiscuitBee

    Member BiscuitBee Semi-Resident Cookie-Bug

    Joined:
    Jul 30, 2008
    Messages:
    689
    Location:
    Canada
    Country:
    Canada
    I guess you could say that there are a lot of different thoughts on this.
    • MAC Filtering: This is very likely to stop your average neighbourhood user. It can be overcome by MAC Spoofing
    • WEP/WPA: Both are crackable. WEP is pretty much a wireless script-kiddie play toy and can be cracked quite easily with a linux live-cd (and other apps, of course). WPA takes a bit longer to crack than WEP, but it's still doable. If you do choose one, go with WPA and change your password every so often.
    • You can also disable SSID Broadcasting and setup your connections manually. This also keeps out the average user... but "hidden" networks aren't so hidden with even the basic WiFi searcher.
    My setup is a bit weird, but it works for me. I'm using a Linksys router with a 3rd party firmware (Tomato)
    • MAC Filtering: Gotta add you to my list if you want access.
    • Scheduling: I'm pretty sure most linksys firmwares do not support this. I have my wireless automatically turn off during the night and while I am at work. It turns on when I get home and for about 30 minutes in the morning so I can check my messages/email/news on my iPod
    • Monitoring: I take an active role in watching my attached devices and logs. Again, the Tomato firmware really helps out here because Linksys "Attached Devices" (wired or wireless) has always been less than desirable. But that's just me, perhaps other people have better luck with it.
    Any other thoughts on this? I'm quite curious.
     
  3. Twiffles

    Member Twiffles танковые победы

    Joined:
    Sep 6, 2007
    Messages:
    1,925
    Country:
    Germany
    All I got on my router is a 24 digit WEP code, lol
    Among other things
     
  4. Doomsday Forte

    Member Doomsday Forte GBAtemp Maniac

    Joined:
    Apr 22, 2007
    Messages:
    1,272
    Country:
    United States
    MAC filtering might work along with whatever else you want. I use...erm...whatever the Wii, DS, and PSP use. WEP or something I think. And this is in a dorm so naturally I know if someone's leeching my net. =P
     
  5. Renegade_R

    Member Renegade_R Audio/Video Expert

    Joined:
    Apr 21, 2004
    Messages:
    1,654
    Location:
    Toronto, Ontario
    Country:
    Canada
    The Tomato attached devices really works well...it gives you a good idea of what's connected to that router.

    The Linksys default firmware keeps thinking something is plugged in even though its been off FOR 5 DAMN MONTHS.

    On another note, any wireless protection can be cracked...its simply the downfall of using wireless. I recommend WPA and MAC Filtering but in the end...you're never really safe...you're just more well prepared
     
  6. BiscuitBee

    Member BiscuitBee Semi-Resident Cookie-Bug

    Joined:
    Jul 30, 2008
    Messages:
    689
    Location:
    Canada
    Country:
    Canada
    Arrrgh, I hate that so much.

    QUICK EDIT: I haven't played around with DD-WRT too much... mainly because the wireless on one of my laptops wouldn't hook up to it (even without filtering or WEP/WPA). Anyway, it LOOKED really cool, but had to use Tomato for compatibility... turns out it had a lot of want a wanted.
     
  7. Urza

    Member Urza hi

    Joined:
    Jul 18, 2007
    Messages:
    6,493
    Country:
    United States
    ddwrt >
     
  8. Prime
    OP

    Member Prime GBAtemp Psycho!

    Joined:
    Nov 7, 2007
    Messages:
    3,664
    Location:
    Under your bed
    Country:
    United Kingdom
    You cant get that on my router and that isn't a form of security. Which this topic is about. So stay out of this topic unless your going to answer then question.

    kthxbai.
     
  9. Urza

    Member Urza hi

    Joined:
    Jul 18, 2007
    Messages:
    6,493
    Country:
    United States
    The comment was a response to BiscuitBee's post.

    I really couldn't care less about what you want.

    Pro-tip: Unless you enjoy coming off as a middle-schooler who just discovered the internet, try to refrain from using silly idioms such as "kthxbai".
     
  10. Mewgia

    Member Mewgia drifter

    Joined:
    Dec 16, 2006
    Messages:
    2,161
    Location:
    Boston, MA
    Country:
    United States
    All I have on my wireless router is...nothing. It's completely unprotected :/
    I don't use it for anything besides my DS, and my dad uses it sometimes. My DS never sat well with even WEP...so I didn't bother with a password.

    I have a wired connection so it isn't a top priority for me, but I may do MAC filtering, for my father's sake...
     
  11. Javacat

    Member Javacat GBAtemp Fan

    Joined:
    Jul 27, 2007
    Messages:
    319
    Country:
    United Kingdom
    WPA should be fine as long as you've got a reasonably random password. The stupid amount of wireless networks around these days means the chances of you being targeted are pretty low. It's only really going to be if you've got a pissed off neighbour wanting to find your homemade pr0n [​IMG]
     
  12. GN-001 Exia

    Banned GN-001 Exia Banned

    Joined:
    Apr 1, 2008
    Messages:
    95
    Country:
    United States
    WPA2 Personal + Filter your equipments MAC address. Bit over kill unless you live around a bunch of script kiddies or wardriving idiots.
     
  13. GN-001 Exia

    Banned GN-001 Exia Banned

    Joined:
    Apr 1, 2008
    Messages:
    95
    Country:
    United States
    Preference>dumbfuck idiot fanboys
    kthxbai ttyl
     
  14. BiscuitBee

    Member BiscuitBee Semi-Resident Cookie-Bug

    Joined:
    Jul 30, 2008
    Messages:
    689
    Location:
    Canada
    Country:
    Canada
    ANYWAY

    Another thought, you could turn off your router's DHCP and pick a different network. (i.e. 192.168.144.1) This would stop even more amateur war-drivers. Again, with the proper sniffers and time, they'll probably just grab that IP and a packet.

    There are a couple options for post-'security' methods. Setup a wireless trap using a linux distro of your choice. You know, have the wireless router's gateway a computer and use that computer as the router.

    {internet cloud} --- [cable/dsl modem] --- [linux trap] --- [wireless router] --- [You and unsuspecting fools.][*]Your computers would have static IP addresses. These addresses would be programmed into the linux trap so you aren't affected. Much like, or exactly like, and access control list.[*]Everyone else that doesn't match your ACL (i.e. DENY), they get put through a bit of packet poisoning or redirect and everything they do will forward them to some weird webpage. Or, if you really wanna stick it to them, remain COMPLETELY transparent and gather all of their wireless data. Chances are, they might log into facebook/email/etc WITHOUT using https. Then, the game begins. Just don't mess with them the same day or the day after... wait a week and let them think their fine.While this is most likely illegal, they shouldn't have been stealing your WiFi in the first place (which is completely illegal).

    One a more LEGAL note: You could install some hotspot software with an introduction screen. Then, make them pay for a WiFi connection (or give it out free)

    I’ve never tried this… but here are some links!
    HotSpot Stuff
    http://www.2hotspot.com/
    http://www.chillispot.info/
    http://www.publicip.net/

    Linux Stuff:
    http://www.wifi.com.ar/english/cdrouter/ - Using Linux as a router, without installing! (Live CD)

    *** I cannot endorse any of these links/programs as I have yet to try them out personally. Perhaps I'll try a hotspot software for my parents business! University kids always go there and ask about wireless.

    @Urza: I've been dying to play around with ddwrt. Perhaps an updated version combined with the newest wireless drivers for my laptop will be compatible. The interface did look quite sezzy.

    The tomato interface works well with my iPod touch (Safari), so if I need to add someone to my Wireless ACL, I can just use my iPod and not have to turn on a computer. Any experience using the ddwrt interface with a mobile device?
     
  15. UltraMagnus

    Member UltraMagnus hic sunt dracones

    Joined:
    Aug 2, 2007
    Messages:
    1,967
    Location:
    Portsmouth
    Country:
    United Kingdom
    theoretically, wpa2 is the best encryption....

    however, all of them are crackable, there is a good saying, there are two types of security, those that keep your little sister/brother from reading your diary, and those that stop the FBI finding your ICBM plans, none of these are the latter. and some devices won't do wpa (hell, i have an old laptop that will only do wep64 bit)
     
  16. Salamantis

    Member Salamantis GBAtemp Advanced Maniac

    Joined:
    Feb 20, 2007
    Messages:
    1,945
    Country:
    Canada
    Tomato is good in certain cases, like when your ISP supports MLPPP connections to avoid throttling. I don't think DD-WRT has MLPPP, does it? Anyways, I'm happy with my Tomato/MLPPP firmware.
     
  17. da_head

    Member da_head A dying dream..

    Joined:
    Apr 7, 2008
    Messages:
    2,953
    Location:
    Toronto, Canader!
    Country:
    Canada
    is this really necessary? do u live in a house or apartment/condo complex? if a house, people would literally have to sit outside ur house to get a decent signal...unless ur router/internet is that awesome?
     
  18. Doomsday Forte

    Member Doomsday Forte GBAtemp Maniac

    Joined:
    Apr 22, 2007
    Messages:
    1,272
    Country:
    United States
    I did some research and I found that I can't use Tomato with my router (WRT54G V6, dammit!). I can use DDWRT, but I'm not even sure that I'd really need it. I'm completely new to routers and I bought this off of a friend after my past two wireless solutions dissolved. I'm familiar with the default interface now, and the only complaint I had (the interface screens would take forever to load) was cleared up in a firmware update.

    For those of you who use DDWRT, is the interface easy to pick up for the wireless network uninitiated? I'm not even entirely sure I need it to be honest. Well, don't need it right now anyway.
     
  19. phoood

    Member phoood taking it to a whole new level.

    Joined:
    Jul 28, 2006
    Messages:
    1,001
    Location:
    Jewgoslavia
    Country:
    United States
    Yes it is. In ddwrt you can also boost the signal
     
  20. Doomsday Forte

    Member Doomsday Forte GBAtemp Maniac

    Joined:
    Apr 22, 2007
    Messages:
    1,272
    Country:
    United States
    I don't really need that since everything in my room that I need for the router is within 20 feet anyway. =P

    I will look into it later, thanks.

    Edit: To BiscuitBee if she ever comes back to this topic: Apparently my router has access restriction on a timely basis. I can deny or allow at any time (in segments of five minutes) but mine's on 24h anyway. Just thought I'd point that out for some reason. I still would have liked to try Tomato...but anyway, I'll give DDWRT a look later.
     

Share This Page