 |
 |
Airport Station Access Log
|
|
|
|
|
Mac Elite
Join Date: Jan 2003
Location: Evansville, IN
Status:
Offline
|
|
I walked out of my apartment this afternoon and saw a guy sitting on the stairs with a 14" iBook, and I am assume he was warwalking. This makes me paranoid, and I want to be able to see if he was on my wireless network or the dolt next door.
Where does the base station house its logs?
|
|
|
| |
|
|
|
|
|
|
|
Administrator  Join Date: Apr 2001
Location: San Antonio TX USA
Status:
Offline
|
|
Ouch! Good luck, Tiki!
Sounds like a good reason to use MAC address filtering, at the very least, eh?
Whatever you find out, let us know, ok?
|
|
Glenn -----
MOT, OTR, TxLic
|
| |
|
|
|
|
|
|
|
Dedicated MacNNer
Join Date: Mar 2001
Status:
Offline
|
|
For those of us who dont know much about this: What exactly is MAC adderess filtering???
|
|
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Jan 2003
Location: Evansville, IN
Status:
Offline
|
|
MAC Address is the unique hardware address your system has (I believe). If you go in your Airport Admin Utility, open your base station, and then go to Access control. Add your computer to the list, and it restricts access.
|
|
|
| |
|
|
|
|
|
|
|
Administrator Join Date: Apr 2001
Location: San Antonio TX USA
Status:
Offline
|
|
Oops. Sorry about that. I should have been more thorough in my response. Tikki's absolutely right, and hopefully everyone can now see why using MAC address filtering is a very useful security step.
|
|
Glenn -----
MOT, OTR, TxLic
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Jan 2002
Location: California
Status:
Offline
|
|
Hey guys....
I just went through several troubleshooting procedures with my new Powerbook/Airport Extreme Base Station setup. Had to change the channel on the Base station to get a new signal. Anyway,
How does someone freeload on your Airport signal if they do not know your Network password? I do not have the MAC enabled, but do have the 128 bit encryption enabled (with password protection).
Thanks!
|
|
MacBook Pro C2D 17
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Jan 2003
Location: Evansville, IN
Status:
Offline
|
|
WEP (128bit encryption) is incredibly insecure. Cracking it is very trivial if you know what you are doing.
|
|
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Jan 2002
Location: California
Status:
Offline
|
|
What about the "create closed network" option in the Airport Admin Utility?
How would someone crack that?
They would have to type exactly the password you have created.
I am no hacker so this is all new to me!
|
|
MacBook Pro C2D 17
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Jan 2003
Location: Evansville, IN
Status:
Offline
|
|
Not to frighten you, but Airport's and most wireless protocols are incredibly insecure. You just have to decide whether convenience is more important.
I took convenience with a few extra precautions, because nothing beats sitting here on my bed right now typing this 
|
|
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Jan 2002
Location: California
Status:
Offline
|
|
Well, I just went to the Admin again and enabled the Access Control tab so I guess that makes me feel better.
I have looked all over for the MAC address. Where do you set that?
Thanks!
|
|
MacBook Pro C2D 17
|
| |
|
|
|
|
|
|
|
Senior User
Join Date: Jan 2002
Location: Brisbane, Australia
Status:
Offline
|
|
Originally posted by Macpilot:
Well, I just went to the Admin again and enabled the Access Control tab so I guess that makes me feel better.
I have looked all over for the MAC address. Where do you set that?
Thanks!
Open up Airport Admin Utilty.
Hit the show all settings button.
Go to Access Control Tab.
Hit add to add computers in.
I sujest backing this list up when your done and putting it somewere safe. Its really anyoing to type it in a second time 
------------------
How do you get RADIUS to work?
I don't want any free-loaders (Warchalking, WarDriving, WarWalking, WarFlying... I think I listed them all... Mabye WarGolfing)
I have it setup up to only have a DCHP of 4 ips so that only my 4 computers have an IP. I set the licence to like time to 1 day.
I have the MAC specific address for each specific computer.
I have 40bit secruity (2 of the computers have cards that don't support 128 and there is no update... DAMN you ACER!)...
So in summary how does this RADIUS stuff work?
--------------------
Further more with my old Netgear Firewall / Router (aDSL) you could look at a log on its website (local) which would show you:
- Hack atteps
- Time admin signed on
- Websites visited top 10
- Downloads per IP (this was really helpful because I have 4 gb transfer limit per month)
- Blocked websites
Is there any log of some sort for the Airport Extreme? (I assumed there was when i bought it ) All I want to know is when ppl log on and off and the amount they transfer.
|
|
|
| |
|
|
|
|
|
|
|
Administrator Join Date: Apr 2001
Location: San Antonio TX USA
Status:
Offline
|
|
We should soon see Apple release new software/firmware for (hopefully all of) their AirPort products that implements something called Wireless Protected Access, or WPA. WPA addresses the shortcomings of WEP and, unlike WEP has been tested and reviewed by cryptographers.
As for hijacking your wireless network, if you only allow specific MAC addresses to access your network, at least the nasties won't be able to surf for free through your connection. They will, if they want to go to the effort, be able to break your WEP key eventually. It takes the right software and about 8MB of traffic to do so, which can take some time to collect. It's worse if you just leave the same key all the time. Change your key frequently, and you can frustrate, if not outright stop, the hackers and eavesdroppers. Then, when WPA comes out for your equipment-expect the newer stuff to be supported first-install it right away.
|
|
Glenn -----
MOT, OTR, TxLic
|
| |
|
|
|
|
|
|
|
Senior User
Join Date: Jan 2002
Location: Brisbane, Australia
Status:
Offline
|
|
Originally posted by GHPorter:
We should soon see Apple release new software/firmware for (hopefully all of) their AirPort products that implements something called Wireless Protected Access, or WPA. WPA addresses the shortcomings of WEP and, unlike WEP has been tested and reviewed by cryptographers.
As for hijacking your wireless network, if you only allow specific MAC addresses to access your network, at least the nasties won't be able to surf for free through your connection. They will, if they want to go to the effort, be able to break your WEP key eventually. It takes the right software and about 8MB of traffic to do so, which can take some time to collect. It's worse if you just leave the same key all the time. Change your key frequently, and you can frustrate, if not outright stop, the hackers and eavesdroppers. Then, when WPA comes out for your equipment-expect the newer stuff to be supported first-install it right away.
What apout RADIUS ? 
|
|
|
| |
|
|
|
|
|
|
|
Administrator Join Date: Apr 2001
Location: San Antonio TX USA
Status:
Offline
|
|
Unfortunately, Radius isn't as all-inclusive as the new WPA, in that not all vendors' equipment will run with a Radius system. Also, Radius requires a server to authenticate clients, while WPA has a special mode designed for non-managed networks-the kind most of us have at home.
Given my druthers, I'd get Cisco to develop a wireless gateway router that handled LEAP, and then make sure EVERY 802.11b hardware vendor updated their firmware to make every client LEAP compatible. I'm not king of the world today, so that's not going to happen. At least not because of me.
|
|
Glenn -----
MOT, OTR, TxLic
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
|
Top
