Right so I’ve got this crappy router that doesn’t work (properly) with WPA, and an equally crappy Windows Media Centre Extender that doesn’t work properly with WEP, so the only way to make it work nicely is to turn security off.

Bad idea, I thought, but the router supports MAC address filtering. If I just use this as security, then it should be ok right?

I am leaving myself open to packet sniffing, though, but that could happen anywhere on the internet I am guessing, and anything secure (ie online banking) should be via https anyway.

Whaddya reckon?

MAC filtering can be bypassed by someone with the correct knowledge – but then so can any form of encryption. I reckon it’s safe for home use.

Depends on your paranoia level. As you mention, anything that isn’t encrypted is available for snooping so make sure your Email etc is via https. Changing a network interfaces MAC address is easy also so someone could use your internet connection if left on and you’re not using it.

Paranoia level is low. Email is already via https.

So they can get my MAC address from my packets and thence change their own MAC address to match mine, right?

Failing that I’ll just buy a decent N router and use it as a wireless access point, and then just use the crappy one as a DSL modem.

So they can get my MAC address from my packets and thence change their own MAC address to match mine, right?

Yup, sorry didn’t explain myself very well.

Turn off or leave on broadcasting SSID, bother or dont bother with MAC filtering…

Choose one of WEP/WPA/WPA2

Then boot up a box running Ubuntu or some linux distro and install Aircrack NG and chillax, safe in the knowledge you should be able to crack any of them assuming you can capture enough data 😀

Then boot up a box running Ubuntu or some linux distro and install Aircrack NG and chillax, safe in the knowledge you should be able to crack any of them assuming you can capture enough data

Thanks, and there was me thinking my precious posts to STW were completely invincible! 🙄

This is about reasonable lenghts, not ultimate security!

Haha

I had to be awkward.

I was expecting a moat, guard dogs, barb fences, UPS, backup generators… A serious place 😀

Bad idea, I thought, but the router supports MAC address filtering. If I just use this as security, then it should be ok right?

I am leaving myself open to packet sniffing, though, but that could happen anywhere on the internet I am guessing, and anything secure (ie online banking) should be via https anyway.

Whaddya reckon?

You’re not just leaving yourself open to packet sniffing, you’re making your access point easily available. No encryption, anyone can associate with it, then they have an unfirewalled connection to your PC and obviously they can use your bandwidth…you know, to attack the FBI or download kiddie porn.

When a malicious user does a network scan, he’ll look for open access points first, why go to the effort of cracking some encryption if he can gain access effectively for free? As above, MAC filtering and turning off SSID broadcast will only stop the most casual of attackers. WEP is normally a trivial five minute job to crack, WPA/WPA2 all depends on how strong your password is and how much time and computing power they have. They only need to capture one IV to start cracking and there are a number of online server farms who will do the job for you for a few dollars.

All wireless protection is breakable, but what you need to do is make yours less attractive than your neighbours. 😉

If it’s that easy to hack with some downloadable software then I might as well just enable MAC filtering to get rid of the risk of neighbours logging on and downloading kiddie porn.

Depends if you have neighbours like me or not. 😉

It’s not easy by any means but there are plenty of amateurs who know how to do it and if you make it look tough, they’ll just try another one.
If I fire up a wireless scan on my laptop I can see three access points that aren’t mine. If I plug in a fifty quid antenna I can see over a hundred. I’m picking up the macdonalds down in town which is over a mile away as the crow flies. With that sort of availability I wouldn’t need to bother trying to crack any WPA keys, I’ll just find the open and WEP ones.

Mac filtering is not safe in any way shape or form. Utterly trivial to bypass. Better than nothing, but that’s it.

http://www.techrepublic.com/blog/security/how-to-spoof-a-mac-address/395

I don’t have any security on mine, as quite frankly once I add up all the laptops, i-thingies, XBox’s and assorted phones in our house its too much for my brain…

But I’m sure it saves my neighbours paying for theirs 😕

New router it is then. Shame, I’ve got two at home 🙁

Powerline/homeplug is an option for some

you could then depending on your needs, turn off the wireless

Costly for what I want. Although I could use them when I get home.

Although I’m in Germany so they’d need adapters.. could mess it up.

If I fire up a wireless scan on my laptop I can see three access points that aren’t mine. If I plug in a fifty quid antenna I can see over a hundred. I’m picking up the macdonalds down in town which is over a mile away as the crow flies.

At first I thought I should start to panic because I live less than mile from Samuri – then I decided he should start to panic because I sound like a stalker. 😈

Now I’m intrigued. You’re not vocal enough online as far as I can tell to give much away too.

Have some fun if your neighbours are stealing your WiFi..

http://www.ex-parrot.com/pete/upside-down-ternet.html

And yes, it works 😉