donut
|
| posted on 19/2/08 at 10:02 AM |
|
|
Home network security
I have just set up a home network between my PC and laptop which connects wirelessly. While reading the instructions it claimed that opening a network
can cause your pooters to be open to the world to hack into. Is this true? I have XP Firewall turned on and theres a firewall on my router.
Also if someone was able to get into my pooter would they only be able to see the shared files?
Cheers
Andy
When I die, I want to go peacefully like my Grandfather did, in his sleep -- not screaming, like the passengers in his car.
http://www.flickr.com/photos/andywest1/
|
|
|
|
|
graememk
|
| posted on 19/2/08 at 10:03 AM |
|
|
quick hack andys pc as its full of home made porn and amature photos....
|
|
|
Mr Whippy
|
| posted on 19/2/08 at 10:06 AM |
|
|
isn't this like on the tv when that guy drove up the street logging into all the wireless broadbands that folk who lived there were using. Thats
why I ripped off the antena from my modem box.
[Edited on 19/2/08 by Mr Whippy]
Fame is when your old car is plastered all over the internet
|
|
|
Duncan_P
|
| posted on 19/2/08 at 10:08 AM |
|
|
You will also need to secure your wireless connection as well. If you don't then potentially any tom, dick or harry within range of your
wireless rooter will be able to pilfer your connection and access your network (you would be suprised at the amount of people that don't have a
secured network).
There are lots of different ways of securing your network depending on how secure you want it to be. MAC address filtering is fairly secure and
pretty easy to setup (if your router supports this).
Unfortunately the setup steps vary from router to router so giving you detailed instructions is pretty difficult here so im afraid its a case of RTFM
or get someone more local to you to pop over and set it up.
|
|
|
jabs
|
| posted on 19/2/08 at 10:08 AM |
|
|
having an open wireless lan also means other people can connect to your network and use your internet connection. It's suprising how many
poeople leave their wireless lans open. Great fun using a laptop/mobile phone and seeing how many connections there are. Just turn on the encryption
to stop them.
|
|
|
vinny1275
|
| posted on 19/2/08 at 10:12 AM |
|
|
About the worst thing they can do to you is:
steal all your files
get your bank details and empty your account
steal your id
use your internet connection to download kiddie pr0n and have you arrested
all of the above
cheery, eh?
At the very least, make sure there's a password on your internet connection. Better still, make sure the connection is locked down to particular
MAC addresses (the hardware id of your wireless network card), use WPA2 encryption, and don't broadcast your SSID. That'll make your
wireless so much hassle to break into that anyone considering it will move onto the next one. As Duncan said, look at the manual for yours to see how
to do this.
One final thing - make sure you change the default password for the router (as it's normally something like "password" , make sure
that remote management is switched off, and keep a backup of your configuration settings, in case you ever need to do a factory reset on it.
HTH
vince
|
|
|
donut
|
| posted on 19/2/08 at 10:16 AM |
|
|
There is a password on my Internet connection/wireless so no one can hack that. Just making sure i have done enough to make things pretty secure.
There won't be many times that my laptop and PC will be on at the same time either so that will cut down the risk.
Oh and you leave my excessive collection of porn alone!!
Andy
When I die, I want to go peacefully like my Grandfather did, in his sleep -- not screaming, like the passengers in his car.
http://www.flickr.com/photos/andywest1/
|
|
|
Duncan_P
|
| posted on 19/2/08 at 10:17 AM |
|
|
quote:
Originally posted by vinny1275
One final thing - make sure you change the default password for the router (as it's normally something like "password", make sure
that remote management is switched off, and keep a backup of your configuration settings, in case you ever need to do a factory reset on it.
If you change the password then it is worth noting it down as it can be a PITA if you forget it (not that i know). As its for a domestic environment
i would just stick a label with it on onto the actual router.
|
|
|
r1_pete
|
| posted on 19/2/08 at 10:29 AM |
|
|
Search your manuals for MAC address filtering - restricts it to devices you define in the router. WEP / WAP - HEX key's required to log on. None
are infalliable but a mix of MAC filtering and wap/wep is advisable.
Pete.
|
|
|
britishtrident
|
| posted on 19/2/08 at 11:15 AM |
|
|
No big deal
On the router set mac address filtering and set a WEP or WEPA password.
Reduce the size of pool of available IP addresses issued by the router to the number of PCs that you will connect.
Some routers allow that each PC Host be allocated the same iP address each time it connects.
On the client PCs if you use windows networking ensure that only the directories you want to share are shared and the shares are passworded. ie keep
a directory specifically for files you need to share don't share your whole c; drive.
Ensure you don't have any web servers or ftp servers running on the clients.
You can also do a whole lot of clever things on the clients like customizing the host and lmhost files and fancy firewalling but it shouldn't
be required.
|
|
|
BenB
|
| posted on 19/2/08 at 12:50 PM |
|
|
MAC filtering helps but its a piece of wee to get round. There are so many bits of software out there to let you change your MAC address.....
|
|
|
gingerprince
|
| posted on 19/2/08 at 01:22 PM |
|
|
MAC address filtering is pretty useless - very easy to circumvent.
Enable WPA if your router supports it (should do unless it's pretty old). It's more secure than WEP, which again is a doddle to break.
Also make sure you've changed the default passwords on your router's admin page. If it's default then if anyone gets on your LAN
they can make changes to your router, potentially redirecting your browsing maliciously to phish for details etc. Good idea if it will let you to
lock down your router to only be administerable from a specific IP address - this will force you to change your laptop address to be that specific
address to be able to change your router, but provides an extra layer of obfuscation for any potential attack.
|
|
|
britishtrident
|
| posted on 19/2/08 at 01:33 PM |
|
|
On any suburban street about 60-75% of wireless nets aren't secured at all --- generally if you have password set you won't get
intruders.
|
|
|
donut
|
| posted on 19/2/08 at 02:59 PM |
|
|
I expect they will just scan for a non secure wireless router to use as there are so many. I hope so anyway!!
Andy
When I die, I want to go peacefully like my Grandfather did, in his sleep -- not screaming, like the passengers in his car.
http://www.flickr.com/photos/andywest1/
|
|
|
