Network protection

**dave2010** · 15-05-2012, 14:09

Originally Posted by MartinT

WEP is far too easily cracked. All they need is an automated tool and 15 mins. You need a router with WPA2K encryption. Not unbreakable, but I doubt that MI5 or the FBI want to use your wireless facility.

Most modern routers support WPA2K.

WEP - 15 minutes! That was years ago. Anyone who calls themself a hacker should be able to crack it in a couple of minutes or less.

As you say, WPA2 is the way to go. Sometimes one might be forced to use WEP in order to work with older kit, but no-one who wants to keep a secure system should do this.

**dr.jones** · 16-05-2012, 11:19

As someone else has stated, simplest way to stop others joining is to disable SSID being broadcast and configure the MAC address list of allowed devices and disable any others - most routers have this facility.
Pain to do in the first place but basically stop any new device (unless they managed to spoof one of your devices MAC addresses and this is highly unlikely) to join your network.

Just means you have to manually add all your devices one at a time, then add any new ones as you need to.

I'm pretty sure they've proven that even WPA2 can be cracked easily given long enough now and due to the fact they live nearby they could leave it running through until it cracks it quite easily.

**dave2010** · 16-05-2012, 19:01

The post here which mentions rainbow tables gives some clues - http://www.sheffieldforum.co.uk/arch.../t-786297.html

On balance it seems that WPA2 is hard to crack if you use a hard password i.e not your girl friend's name or your birthday. However it does look as though rainbow tables make life easier for hackers, and they seem also to depend on the SSID. One message from this is to change the SSID to something unusual, and maybe if you're paranoid, change the SSIDs periodically. Hiding the SSID doen't really make a great deal of difference though, as hackers can probably find them quite easily. What having different SSIDs does is slow them up a lot, as it takes time to create the rainbow tables. Don't leave the SSID at the default manufacurer's setting - that's just like leaving the keys outside the door.

MartinT · 16-05-2012, 19:06

Ultimately, you can't beat someone really determined. However, a combination of hiding your SSID, using WPA2K encryption and using Mac address registration for your devices will slow them down and probably make them go find other low hanging fruit.

I make do with WPA2K and don't get paranoid about it. A regular check with logged in devices in my router shows that no-one is interested.

**mike1210** · 16-05-2012, 23:24

I would recommend against SSID hiding see below it can make security worse

http://blogs.technet.com/b/networkin...-bad-idea.aspx

Only decent security is WPA2 with a long password, make one here:

http://www.kurtm.net/wpa-pskgen/

Thread: Network protection

Thread Tools

Display

Posting Permissions