What is the best security for my router?

Discussion in 'Computer Games and General Discussion' started by Prime, Oct 2, 2008.

  1. Prime
    OP

    Prime GBAtemp Psycho!

    Member
    3,664
    0
    Nov 7, 2007
    Under your bed
    MAC Filtering
    WEP
    WPA-Personal
    WPA2-Personal
    WPA2-Mixed

    [​IMG] Don't be going to steal my Internets neighborhood [​IMG]
     
  2. BiscuitBee

    BiscuitBee Semi-Resident Cookie-Bug

    Member
    689
    5
    Jul 30, 2008
    Canada
    Canada
    I guess you could say that there are a lot of different thoughts on this.
    • MAC Filtering: This is very likely to stop your average neighbourhood user. It can be overcome by MAC Spoofing
    • WEP/WPA: Both are crackable. WEP is pretty much a wireless script-kiddie play toy and can be cracked quite easily with a linux live-cd (and other apps, of course). WPA takes a bit longer to crack than WEP, but it's still doable. If you do choose one, go with WPA and change your password every so often.
    • You can also disable SSID Broadcasting and setup your connections manually. This also keeps out the average user... but "hidden" networks aren't so hidden with even the basic WiFi searcher.
    My setup is a bit weird, but it works for me. I'm using a Linksys router with a 3rd party firmware (Tomato)
    • MAC Filtering: Gotta add you to my list if you want access.
    • Scheduling: I'm pretty sure most linksys firmwares do not support this. I have my wireless automatically turn off during the night and while I am at work. It turns on when I get home and for about 30 minutes in the morning so I can check my messages/email/news on my iPod
    • Monitoring: I take an active role in watching my attached devices and logs. Again, the Tomato firmware really helps out here because Linksys "Attached Devices" (wired or wireless) has always been less than desirable. But that's just me, perhaps other people have better luck with it.
    Any other thoughts on this? I'm quite curious.
     
  3. Twiffles

    Twiffles танковые победы

    Member
    1,925
    35
    Sep 6, 2007
    Gambia, The
    All I got on my router is a 24 digit WEP code, lol
    Among other things
     
  4. Doomsday Forte

    Doomsday Forte GBAtemp Maniac

    Member
    1,272
    0
    Apr 22, 2007
    United States
    MAC filtering might work along with whatever else you want. I use...erm...whatever the Wii, DS, and PSP use. WEP or something I think. And this is in a dorm so naturally I know if someone's leeching my net. =P
     
  5. Renegade_R

    Renegade_R Audio/Video Expert

    Member
    1,654
    0
    Apr 21, 2004
    Canada
    Toronto, Ontario
    The Tomato attached devices really works well...it gives you a good idea of what's connected to that router.

    The Linksys default firmware keeps thinking something is plugged in even though its been off FOR 5 DAMN MONTHS.

    On another note, any wireless protection can be cracked...its simply the downfall of using wireless. I recommend WPA and MAC Filtering but in the end...you're never really safe...you're just more well prepared
     
  6. BiscuitBee

    BiscuitBee Semi-Resident Cookie-Bug

    Member
    689
    5
    Jul 30, 2008
    Canada
    Canada
    Arrrgh, I hate that so much.

    QUICK EDIT: I haven't played around with DD-WRT too much... mainly because the wireless on one of my laptops wouldn't hook up to it (even without filtering or WEP/WPA). Anyway, it LOOKED really cool, but had to use Tomato for compatibility... turns out it had a lot of want a wanted.
     
  7. Urza

    Urza hi

    Member
    6,493
    89
    Jul 18, 2007
    United States
    ddwrt >
     
  8. Prime
    OP

    Prime GBAtemp Psycho!

    Member
    3,664
    0
    Nov 7, 2007
    Under your bed
    You cant get that on my router and that isn't a form of security. Which this topic is about. So stay out of this topic unless your going to answer then question.

    kthxbai.
     
  9. Urza

    Urza hi

    Member
    6,493
    89
    Jul 18, 2007
    United States
    The comment was a response to BiscuitBee's post.

    I really couldn't care less about what you want.

    Pro-tip: Unless you enjoy coming off as a middle-schooler who just discovered the internet, try to refrain from using silly idioms such as "kthxbai".
     
  10. Mewgia

    Mewgia drifter

    Member
    2,161
    10
    Dec 16, 2006
    United States
    Boston, MA
    All I have on my wireless router is...nothing. It's completely unprotected :/
    I don't use it for anything besides my DS, and my dad uses it sometimes. My DS never sat well with even WEP...so I didn't bother with a password.

    I have a wired connection so it isn't a top priority for me, but I may do MAC filtering, for my father's sake...
     
  11. Javacat

    Javacat GBAtemp Fan

    Member
    319
    3
    Jul 27, 2007
    WPA should be fine as long as you've got a reasonably random password. The stupid amount of wireless networks around these days means the chances of you being targeted are pretty low. It's only really going to be if you've got a pissed off neighbour wanting to find your homemade pr0n [​IMG]
     
  12. GN-001 Exia

    GN-001 Exia Banned

    Banned
    95
    0
    Apr 1, 2008
    United States
    WPA2 Personal + Filter your equipments MAC address. Bit over kill unless you live around a bunch of script kiddies or wardriving idiots.
     
  13. GN-001 Exia

    GN-001 Exia Banned

    Banned
    95
    0
    Apr 1, 2008
    United States
    Preference>dumbfuck idiot fanboys
    kthxbai ttyl
     
  14. BiscuitBee

    BiscuitBee Semi-Resident Cookie-Bug

    Member
    689
    5
    Jul 30, 2008
    Canada
    Canada
    ANYWAY

    Another thought, you could turn off your router's DHCP and pick a different network. (i.e. 192.168.144.1) This would stop even more amateur war-drivers. Again, with the proper sniffers and time, they'll probably just grab that IP and a packet.

    There are a couple options for post-'security' methods. Setup a wireless trap using a linux distro of your choice. You know, have the wireless router's gateway a computer and use that computer as the router.

    {internet cloud} --- [cable/dsl modem] --- [linux trap] --- [wireless router] --- [You and unsuspecting fools.][*]Your computers would have static IP addresses. These addresses would be programmed into the linux trap so you aren't affected. Much like, or exactly like, and access control list.[*]Everyone else that doesn't match your ACL (i.e. DENY), they get put through a bit of packet poisoning or redirect and everything they do will forward them to some weird webpage. Or, if you really wanna stick it to them, remain COMPLETELY transparent and gather all of their wireless data. Chances are, they might log into facebook/email/etc WITHOUT using https. Then, the game begins. Just don't mess with them the same day or the day after... wait a week and let them think their fine.While this is most likely illegal, they shouldn't have been stealing your WiFi in the first place (which is completely illegal).

    One a more LEGAL note: You could install some hotspot software with an introduction screen. Then, make them pay for a WiFi connection (or give it out free)

    I’ve never tried this… but here are some links!
    HotSpot Stuff
    http://www.2hotspot.com/
    http://www.chillispot.info/
    http://www.publicip.net/

    Linux Stuff:
    http://www.wifi.com.ar/english/cdrouter/ - Using Linux as a router, without installing! (Live CD)

    *** I cannot endorse any of these links/programs as I have yet to try them out personally. Perhaps I'll try a hotspot software for my parents business! University kids always go there and ask about wireless.

    @Urza: I've been dying to play around with ddwrt. Perhaps an updated version combined with the newest wireless drivers for my laptop will be compatible. The interface did look quite sezzy.

    The tomato interface works well with my iPod touch (Safari), so if I need to add someone to my Wireless ACL, I can just use my iPod and not have to turn on a computer. Any experience using the ddwrt interface with a mobile device?
     
  15. UltraMagnus

    UltraMagnus hic sunt dracones

    Member
    1,967
    0
    Aug 2, 2007
    Portsmouth
    theoretically, wpa2 is the best encryption....

    however, all of them are crackable, there is a good saying, there are two types of security, those that keep your little sister/brother from reading your diary, and those that stop the FBI finding your ICBM plans, none of these are the latter. and some devices won't do wpa (hell, i have an old laptop that will only do wep64 bit)
     
  16. Salamantis

    Salamantis GBAtemp Advanced Maniac

    Member
    1,945
    7
    Feb 20, 2007
    Canada
    Tomato is good in certain cases, like when your ISP supports MLPPP connections to avoid throttling. I don't think DD-WRT has MLPPP, does it? Anyways, I'm happy with my Tomato/MLPPP firmware.
     
  17. da_head

    da_head A dying dream..

    Member
    2,953
    2
    Apr 7, 2008
    Canada
    Toronto, Canader!
    is this really necessary? do u live in a house or apartment/condo complex? if a house, people would literally have to sit outside ur house to get a decent signal...unless ur router/internet is that awesome?
     
  18. Doomsday Forte

    Doomsday Forte GBAtemp Maniac

    Member
    1,272
    0
    Apr 22, 2007
    United States
    I did some research and I found that I can't use Tomato with my router (WRT54G V6, dammit!). I can use DDWRT, but I'm not even sure that I'd really need it. I'm completely new to routers and I bought this off of a friend after my past two wireless solutions dissolved. I'm familiar with the default interface now, and the only complaint I had (the interface screens would take forever to load) was cleared up in a firmware update.

    For those of you who use DDWRT, is the interface easy to pick up for the wireless network uninitiated? I'm not even entirely sure I need it to be honest. Well, don't need it right now anyway.
     
  19. phoood

    phoood taking it to a whole new level.

    Member
    1,001
    0
    Jul 28, 2006
    United States
    Jewgoslavia
    Yes it is. In ddwrt you can also boost the signal
     
  20. Doomsday Forte

    Doomsday Forte GBAtemp Maniac

    Member
    1,272
    0
    Apr 22, 2007
    United States
    I don't really need that since everything in my room that I need for the router is within 20 feet anyway. =P

    I will look into it later, thanks.

    Edit: To BiscuitBee if she ever comes back to this topic: Apparently my router has access restriction on a timely basis. I can deny or allow at any time (in segments of five minutes) but mine's on 24h anyway. Just thought I'd point that out for some reason. I still would have liked to try Tomato...but anyway, I'll give DDWRT a look later.