As above.

Anyone done it?

No
*10 char*

Not necessary, strong WPA pass phrase is enough.

Not necessary, strong WPA pass phrase is enough.

Mine is WEP security..... so not necessary as well?

Thanks!

In all instance, no.

well, it depends on individual.. some people are born paranoid.

for home use, no point la...

up to you since u have security enable already.

On WEP so at least people wont accidentally join your network.

to sleep well at night use at least wpa2.

As above.

Anyone done it?

Better to change your SSID and hide it, for security reasons. It is one more piece of information a hacker must obtain before using your network.

Better to change your SSID and hide it, for security reasons. It is one more piece of information a hacker must obtain before using your network.

Go read wireless encryption articles, hiding SSID is not useful, it just like a thin piece of rope compared to a wooden door of WEP and metal door of WPA

BTW, have you used the software called kismet?

Go read wireless encryption articles, hiding SSID is not useful, it just like a thin piece of rope compared to a wooden door of WEP and metal door of WPA

BTW, have you used the software called kismet?

even you hide ssid... they still can find out using kismet ?
:s22:

Not necessary. But for me I do it as I have devices which cannot support WPA and must stick to WEP and I use SSID hide to complement the WEP I have.

Go read wireless encryption articles, hiding SSID is not useful, it just like a thin piece of rope compared to a wooden door of WEP and metal door of WPA

BTW, have you used the software called kismet?

Let me elaborate on my response. Hiding SSID must be complemented by encryption using wpa or wep.

You can also use mac address filters as an additional security feature, but is an hassle if you have new devices added very frequently.

Let me elaborate on my response. Hiding SSID must be complemented by encryption using wpa or wep.

You can also use mac address filters as an additional security feature, but is an hassle if you have new devices added very frequently.

You're not understanding the emphasis, WEP is equivalent to a wooden door, while hiding SSID together with MAC ID filtering is that of a thin rope. If you can hack the thin wooden door open, what is the rope then?

It does not matter if you use both or all the 3 mentioned together, it dosn't help.

Additional note: MAC ID and SSID are shown in clear text during association. Hence you can just sniff it out easily.

Go read wireless encryption articles, hiding SSID is not useful, it just like a thin piece of rope compared to a wooden door of WEP and metal door of WPA

BTW, have you used the software called kismet?


Oic.

I never heard of kismet, what is that?

In all instance, no.

Thanks for the advice.

well, it depends on individual.. some people are born paranoid.

Haha..... ok, thanks for the advise.

for home use, no point la...


Ok thanks for your advise.

to sleep well at night use at least wpa2.

Hmmm..... i don't on my connection when i sleep.

Not necessary. But for me I do it as I have devices which cannot support WPA and must stick to WEP and I use SSID hide to complement the WEP I have.

Oic.

Beside WEP encryption, i activate the check network of security to block any uninvited guests or intruders, hope it does work.

You're not understanding the emphasis, WEP is equivalent to a wooden door, while hiding SSID together with MAC ID filtering is that of a thin rope. If you can hack the thin wooden door open, what is the rope then?

It does not matter if you use both or all the 3 mentioned together, it dosn't help.

Additional note: MAC ID and SSID are shown in clear text during association. Hence you can just sniff it out easily.

Very true. A determined hacker can get past all of the security features listed here. This is like locking your house. You leave the door open, an intruder can claim he was merely trespassing. But put up even a wooden door with a thin rope, trespass becomes break and entry right? :)

Very true. A determined hacker can get past all of the security features listed here. This is like locking your house. You leave the door open, an intruder can claim he was merely trespassing. But put up even a wooden door with a thin rope, trespass becomes break and entry right? :)

:s11: :s11:

:s11: :s11:

Enabling the said security features would prove his undeniable intention to intrude and/or hack, and thus making it a criminal offence.

Your emphasis was on the technical aspects of security, while his was on the legal liability of the intruder. Both of you are on the wrong channel. =:p

I enable broadcast is it's much more convenient for me.

is mac id filtering really useless? i kind of depended on it as my main security.:look:

Enabling the said security features would prove his undeniable intention to intrude and/or hack, and thus making it a criminal offence.

Your emphasis was on the technical aspects of security, while his was on the legal liability of the intruder. Both of you are on the wrong channel. =:p
:s11: :s11:

is mac id filtering really useless? i kind of depended on it as my main security.:look:

well, .....

yes :)

Use WPA2. Enough said. :) If there are device don support WPA2 then update/flash the firmware of the device bah..

I think most devices when flash the latest firmware should already support WPA2 or at least WPA.

is mac id filtering really useless? i kind of depended on it as my main security.:look:
mac id can be cloned :P

mac id can be cloned :P

but if we dun know the mac id which is allowed, how do we know what mac id to clone?

or is there a way to see what mac ids are allowed?:o

yes mac id filtering and disabling ssid may be useless, but it's like having additional locks on your house gate. Of course, if the intruder is really determined to get into your house, he can use industrial tools to cut the locks or lock pick one by one. The thing is, will he go through all that damn trouble?

and also remember that not all wireless devices support WPA2 like the PSP.

yes mac id filtering and disabling ssid may be useless, but it's like having additional locks on your house gate. Of course, if the intruder is really determined to get into your house, he can use industrial tools to cut the locks or lock pick one by one. The thing is, will he go through all that damn trouble?

and also remember that not all wireless devices support WPA2 like the PSP.

i think i nid to update it to slightly more relevant compared to my previous example

WPA - made of steel
WEP - made of thin wood
??? - made of plastic
MAC ID/SSID hide - made of thin piece of string.

If you see relevant videos, you wouldn't want to even make such comments. It dosn't help.

well .. for better security. it means less convenient lor. For more convenient, then ... security will be worst.

So .. up to you to decide to choose the methodology. For me .. I choose WPA2 with AES and still I disable SSID broadcast. Up to individual to decide.

well .. for better security. it means less convenient lor. For more convenient, then ... security will be worst.

So .. up to you to decide to choose the methodology. For me .. I choose WPA2 with AES and still I disable SSID broadcast. Up to individual to decide.

I do all of the following, and yet a determined hacker can get through if he wants.


WPA2 with AES
Hide SSID
MAC Address filtering
Subnet sizing. Choose the smallest subnet to accomodate the number of devices in the house, and then specify the number of addresses in the DHCP pool. The number of available IPs will be just right to for my own devices.And yet, a determined hacker can get through all this. But then like I said, someone who gets through all this will barely have a defense if he is caught will he? :s7:

I do all of the following, and yet a determined hacker can get through if he wants.


WPA2 with AES
Hide SSID
MAC Address filtering
Subnet sizing. Choose the smallest subnet to accomodate the number of devices in the house, and then specify the number of addresses in the DHCP pool. The number of available IPs will be just right to for my own devices.And yet, a determined hacker can get through all this. But then like I said, someone who gets through all this will barely have a defense if he is caught will he? :s7:

No. Lets see why.

WPA2 with AES - There is no known effective cryptanalysis. You can however bruteforce your way out, but it will take at minimum years, so much so that the router is probably already dead!!

Choosing a subnet size. For example, setting DHCP to only dish 10.0.0.2 - 10.0.0.5 does NOT mean people cant set their PC to 10.0.0.6 and still be able to access the network, duhz.

Please see the article on the "The six DUMBEST ways to secure a wireless LAN" here (http://blogs.zdnet.com/Ou/index.php?p=43) if you still figure out you are doing something for nothing effective.

No. Lets see why.

WPA2 with AES - There is no known effective cryptanalysis. You can however bruteforce your way out, but it will take at minimum years, so much so that the router is probably already dead!!

Choosing a subnet size. For example, setting DHCP to only dish 10.0.0.2 - 10.0.0.5 does NOT mean people cant set their PC to 10.0.0.6 and still be able to access the network, duhz.

Please see the article on the "The six DUMBEST ways to secure a wireless LAN" here (http://blogs.zdnet.com/Ou/index.php?p=43) if you still figure out you are doing something for nothing effective.

thanks for that great link:D *thumbsup*

nICE LINK!!!!

No. Lets see why.

WPA2 with AES - There is no known effective cryptanalysis. You can however bruteforce your way out, but it will take at minimum years, so much so that the router is probably already dead!!

Choosing a subnet size. For example, setting DHCP to only dish 10.0.0.2 - 10.0.0.5 does NOT mean people cant set their PC to 10.0.0.6 and still be able to access the network, duhz.

Please see the article on the "The six DUMBEST ways to secure a wireless LAN" here (http://blogs.zdnet.com/Ou/index.php?p=43) if you still figure out you are doing something for nothing effective.

Thanks! nice info.

Here's more that i got from that page: http://www.networkworld.com/columnists/2007/030507-wireless-security.html