 |
 |
Wireless security
|
|
|
|
|
Professional Poster
Join Date: Sep 2000
Location: San Francisco
Status:
Offline
|
|
I was playing around with iStumbler last night and noticed that someone near me had a completely unprotected wireless network. I could have just connected to the network and started browsing the internet on their dime.
Two questions:
1) Is there any way to inform this person if I don't have a clue who they are? If they were on a Mac with Rendezvous iChat enabled then I could contact them, but that seems highly unlikely.
2) How do I know if someone is probing my wireless network? It is password protected, but I'm not sure if it is 40bit or 128bit. Is there a way to find out which version of Airport cards I have? I checked System Profiler, but it doesn't seem to give any version information. I just create a network between my G4 and my iBook (with the G4 sharing it's DSL connection) as I don't have a basestation.
Any other thoughts on wireless security?
thanks,
kman
|
|
|
| |
|
|
|
|
|
|
|
Forum Regular
Join Date: Jul 2001
Location: Tokyo
Status:
Offline
|
|
there are various levels of security in airport. starting with no security at all:
1. openly broadcast network name: anyone can see the name, as you did.
2. there is a check box however, to keep the network name secret and unbroadcast. this is one of the most important things to check. if you check this box, then iStumbler will not list it. it wont know the name of the network. anybody accessing it needs first to know the name of the network. beautiful. no one can join yr network without this name, but it is not encrpted transmission.
3.password protected network (ie, wep). there is a small hit on speed if yr network is password protected. this is encription.
if you password protect, and, encrypt it, for all practical purposes, no one will be able to join, or even see yr network, let alone view and understand yr transmissions over it.
yes, yes, yes, it can be done, it can be broken into. but again, if you check to cloak the name of the network to begin with, this is extremely troublesome to do. i would feel safe that no one on yr block (or mine), can do it.
4. there is one more thing you do, to prevent others from accessing/using yr network, which is to tell yr setup to only allow the specific airport cards that are in yr machines access it. each of yr cards has a MAC address (not mac, that, but MAC). if you tell yr network that yr cards only can access it, then no one else, no matter hard, will be able to access it. that is, no one will be able to USE it. they might be able to SEE that it exists, and maybe even read what you say on it, but they wont be able to borrow the signal for their own transmissions.
by the way, make the password for the basestation a long one, using numbers and letters, and change it every 2 or 3 months.
if you do all of the above, you are a rare soul indeed, but you will acheive wired EQUIVALENT protection at last.
by the way, it will say on yr airport card what the encryption level is (40 or 128).
i love airport and the world is not wirelessly hooking up quickly enough!
think different,
(
Last edited by niji; Feb 4, 2003 at 11:51 AM.
)
|
|
|
| |
|
|
|
|
|
|
|
Professional Poster
Join Date: Sep 2000
Location: San Francisco
Status:
Offline
|
|
Originally posted by niji:
there are various levels of security in airport. starting with no security at all:
1. openly broadcast network name: anyone can see the name, as you did.
2. there is a check box however, to keep the network name secret and unbroadcast. this is one of the most important things to check. if you check this box, then iStumbler will not list it. it wont know the name of the network. anybody accessing it needs first to know the name of the network. beautiful. no one can join yr network without this name, but it is not encrpted transmission.
3.password protected network (ie, wep). there is a small hit on speed if yr network is password protected. this is encription.
if you password protect, and, encrypt it, for all practical purposes, no one will be able to join, or even see yr network, let alone view and understand yr transmissions over it.
yes, yes, yes, it can be done, it can be broken into. but again, if you check to cloak the name of the network to begin with, this is extremely troublesome to do. i would feel safe that no one on yr block (or mine), can do it.
4. there is one more thing you do, to prevent others from accessing/using yr network, which is to tell yr setup to only allow the specific airport cards that are in yr machines access it. each of yr cards has a MAC address (not mac, that, but MAC). if you tell yr network that yr cards only can access it, then no one else, no matter hard, will be able to access it.
by the way, make the password for the basestation a long one, using numbers and letters, and change it every 2 or 3 months.
if you do all of the above, you are a rare sould, but you will acheive wired EQUIVLANET protection.
by the way, it will say on yr airport card what the encryption level is (40 or 12().
i love airport and the world is not wirelessly hooking up quick enough!
think different,
I don't have a basestation. Is there a way to cloak my ad hoc network between my computers? I don't see anything in the Airport tab of Network prefs in 10.2.3.
kman
|
|
|
| |
|
|
|
|
|
|
|
Forum Regular
Join Date: Jul 2001
Location: Tokyo
Status:
Offline
|
|
sorry, but i on the other hand, use a base station. so i cant be sure that what you see and what i see are the same, but, on my airport confi pref there are 5 tabs (airport/internet/network/port mapping/access control). on the airport tab, under network name that you enter, there is a check box that says, "Create Closed Network". Is it there for you? If so, check it! This cloaks the name of the network.
thnx
think even more different
wait, wait. i see the problem. we are talking about two different prefs! find the airport network config file which is in the main applications folder (computer/applications).
i am not talking about the airport pane in yr network pref!
hth even more/
|
|
|
| |
|
|
|
|
|
|
|
Professional Poster
Join Date: Sep 2000
Location: San Francisco
Status:
Offline
|
|
Originally posted by niji:
sorry, but i on the other hand, use a base station. so i cant be sure that what you see and what i see are the same, but, on my airport confi pref there are 5 tabs (airport/internet/network/port mapping/access control). on the airport tab, under network name that you enter, there is a check box that says, "Create Closed Network". Is it there for you? If so, check it! This cloaks the name of the network.
thnx
think even more different
wait, wait. i see the problem. we are talking about two different prefs! find the airport network config file which is in the main applications folder (computer/applications).
i am not talking about the airport pane in yr network pref!
hth even more/
The Airport Admin Utility only appears to work on basestations. Maybe it's time I get one. It's annoying to lose internet access when my wife goes to bed anyway since she shuts down the G4 which is in our bedroom. 
kman
|
|
|
| |
|
|
|
|
|
|
|
Dedicated MacNNer
Join Date: Mar 2002
Status:
Offline
|
|
|
|
|
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
Top