FlyerTalk Forums (https://www.flyertalk.com/forum/index.php)
-   Travel Technology (https://www.flyertalk.com/forum/travel-technology-169/)
-   -   Setting up home wireless network (https://www.flyertalk.com/forum/travel-technology/378950-setting-up-home-wireless-network.html)

stimpy Dec 11, 2004 5:55 pm

A few points.

It is trivial to spoof a MAC address, as it is trivial to see a non-broadcast SSID, as it is trivial to crack a WEP key, even if it is 128bit. What you can do is MAC address combined with a unique key to limit access. Or just use WPA which gives you encryption too. Newer kit will support WPA2 (or 802.11i, or AES) which is far more secure and doesn't have a performance hit. It is best to use WPA or WPA2 with 802.1x security rather than pre-shared keys. Windows Server 2000 or 2003 comes free with an 802.1x authentication server and it can be linked to the MS Active Directory.

I could go on and on, but I won't. ;)

JadedTraveler Dec 11, 2004 7:10 pm

Quote:

Originally Posted by stimpy
...It is trivial to spoof a MAC address, as it is trivial to see a non-broadcast SSID, as it is trivial to crack a WEP key, even if it is 128bit. ...

A few more points: Trivial perhaps, but someone will have to be determined to do so, i.e., your next door neighbor (unless a total hacker/geek) won't be doing it just to steal your bandwidth.


Quote:

Originally Posted by stimpy
...Server 2000 or 2003 comes free with an 802.1x authentication server and it can be linked to the MS Active Directory.

Setting up an authentication server for a home network is not advised (nor is AD domain security, stick with workgroup mode). Doubly so for someone new to all this and asking questions.

There's a very well written high-level overview of wireless security at IBM's PC Institute, look for course TXW15, and ignore the slides unique to IBM products.

nmenaker Dec 11, 2004 7:41 pm

Quote:

Originally Posted by JadedTraveler
A few more points: Trivial perhaps, but someone will have to be determined to do so, i.e., your next door neighbor (unless a total hacker/geek) won't be doing it just to steal your bandwidth.

Ah, JT you beat me to it!!

Trivial, yes the technique is fairly simple for the informed, but for the non tech geek, or heavy tech user, this is not something that someone is going to easily stumble upon, or even read a user group and perform. Sniffing the address is one thing, and implementing it as a spoof another. We sometimes forget the nature of the things which we DO do, on a daily basis and often consider them rather simple and/or trivial.

Remember, many many MILLIONS of people continued for YEARS to have 12:00 displayed on their VCRs, never to be able to program them ONCE. So much so, that ATT had a special 800# just for getting the accurate time. Regardless of time of day, or HOUR called in, it continued to tell callers that the accurate VCR time for programming was:

12:00!!! 12:00!!! 12:00!!!

As long as stimpy isn't your neighbor, spoofing the MAC address is not going to be a relevant threat, IMHO.

Now, for someone living down on University and 10th, in NYC, lookout. I have sniffed people's addresses, to gain "very short and benign" access to wireless internet just to get my mail or buy a ticket online, only to find a few moments later someone trying to HACK into my laptop.

All I can say for those users is, AIRSNARE alerts are a life saver.

JadedTraveler Dec 11, 2004 9:07 pm

Quote:

Originally Posted by nmenaker
Now, for someone living down on University and 10th, in NYC, lookout. I have sniffed people's addresses, to gain "very short and benign" access to wireless internet just to get my mail or buy a ticket online, only to find a few moments later someone trying to HACK into my laptop.

This is a point well taken. As they say in the techno-thriller spy novels and movies, adjust your defenses according to the threat.

In the case of someone living in a suburban home, with a wide open lawn and neighboring houses separated by a hundred feet or so, an attacker will need to park on your street in front of your house, or in your driveway, and be there for say six to 12 hours collecting your WiFi signals. Then he will have to analyze the data to get your encryption keys (assuming WEP encryption). Then he'd have to come back again just to use what he found out. Now what sane person would do that just to steal your bandwidth?

In a more dense urban environment, NYC, or any multi-story condo or apartment building for example, signals travel say 200 ft. So a neighbor above, beside or below can detect your signals in the comfort of his home (the SSID beacon, but that is the purpose of a beacon, to id that a network is present). If your network is open and unencrypted, it will be easy to use bandwidth. In this case, use the highest level of encryption your hardware and software can mutually accommodate, or that you can comfortably understand and set up. In increasing order of lowest to highest: None; MAC filtering; WEP; WPA with key authentication; WPA with AES encryption (this is a fed. govt. standard, neither the feds nor foreign govts. will be able to decipher the signals between your laptop and your router).

nmenaker Dec 11, 2004 9:11 pm

Quote:

Originally Posted by JadedTraveler
None; MAC filtering; WEP; WPA with key authentication; WPA with AES encryption (this is a fed. govt. standard, neither the feds nor foreign govts. will be able to decipher the signals between your laptop and your router).

I'd stick "Turn off SSID Broadcast" in between NONE and MAC Filtering, just as another hassle someone would have to work around. If they don't easily SEE it in the list of available open or secure networks, they are less likely to try to address or hack it.

stimpy Dec 12, 2004 8:33 am

Quote:

Originally Posted by JadedTraveler
A few more points: Trivial perhaps, but someone will have to be determined to do so, i.e., your next door neighbor (unless a total hacker/geek) won't be doing it just to steal your bandwidth.

Not quite true. In fact I know people who don't have a clue how it actually works, but they can easily crack a WEP key. How? Just by running a simple script that they found with Google. And you can either buy or download for free wifi sniffing tools that will show you the SSID even if it is not broadcast. You don't have to be a hacker/geek at all anymore. You just have to want to do it and spend a little time and you will find it is easy to steal bandwidth or snoop other people's data on WiFi networks that don't use WPA or WPA2.

nmenaker Dec 12, 2004 12:04 pm

sounds like
 
Quote:

Originally Posted by stimpy
Not quite true. In fact I know people who don't have a clue how it actually works, but they can easily crack a WEP key. How? Just by running a simple script that they found with Google. And you can either buy or download for free wifi sniffing tools that will show you the SSID even if it is not broadcast. You don't have to be a hacker/geek at all anymore. You just have to want to do it and spend a little time and you will find it is easy to steal bandwidth or snoop other people's data on WiFi networks that don't use WPA or WPA2.


sounds like "determined" to me.
:-)

JadedTraveler Dec 12, 2004 12:53 pm

Quote:

Originally Posted by stimpy
... In fact I know people who don't have a clue how it actually works, but they can easily crack a WEP key. How? Just by running a simple script that they found with Google.

I'll believe that when I see it.

USAFAN Dec 12, 2004 2:14 pm

Quote:

Originally Posted by LIH Prem
incoming cable
|
! coax cable
|
cable modem
|
| ethernet cable
|
wan port \
---------WGR614 zzzzzzzzzzzzzzzzzzz wireless computers
Lan ports /
| | |
wired computers (if any) ....

Thanks for posting this.
Question: Can the wireless computers in your configuration "connect" to each other?
Like on my mini "ethernet-LAN": Disk C on PC "B" is "mounted" as disk F on PC "A". And how about "remote" printing?
Thanks.

nmenaker Dec 12, 2004 2:50 pm

yes, and yes maybe
 
Quote:

Originally Posted by USAFAN
Thanks for posting this.
Question: Can the wireless computers in your configuration "connect" to each other?
Like on my mini "ethernet-LAN": Disk C on PC "B" is "mounted" as disk F on PC "A". And how about "remote" printing?
Thanks.


yes, once sharing is enabled on the network, (via the computers themselves actually) then they can "connect" to each other, mount drives, etc.

Printing is the same, but a printer has to be connected to one of the computers (preferably a wired LAN one) and that computer has to be on.

That is why it is nice to get a wireless router, AP with a printer port, thereby eliminating the need to have a computer connect to a printer, and most importantly ALWAYS ON!

Enabling this printer for network printing is fairly trivial, and detailed in MSFT help and support within the basis of XP home and pro.

LIH Prem Dec 12, 2004 2:59 pm

Quote:

Originally Posted by USAFAN
Thanks for posting this.
Question: Can the wireless computers in your configuration "connect" to each other?
Thanks.

The router is also a switch, so yes, it will route anything within your local network back out to the right port. I had a WGT624 and it initially had some problems routing from the wired side to the wireless side, but it was eventually fixed with a firmware upgrade from netgear. (This was a long time ago, so no need to worry about it now.)

For printing, I ended up buying a wired netgear parallel port print server for my old HP4P printer. You just plug it into the parallel port and plug a network cable into the other side of it to your network. It gets an IP address, then from any computer you can just add the printer using a network port. The windows thing works too, but it's a pain in the neck. (at least it is for me.)

-David

Teacher49 Dec 12, 2004 4:15 pm

Great information on this thread. Thanks to all for contributing. As the naive OP, I will have to take the whole thing step by step in order to have perspective on the myriad suggestions. This thread will be a great reference.

Best wishes,

Teacher49

USAFAN Dec 12, 2004 4:21 pm

nmenaker and LIH Prem:

Thanks!!! ^ That means, that I can do what I do today without the cable!
I assume the APPLE AirPort Express would be a good device for the printer (and more):

Quote:

Share a Single Printer — Wirelessly
Have several computers in your home but only one printer? No problem. Just connect a printer to the USB port on the AirPort Express Base Station and the printer instantly becomes available to everyone on your wireless network. No longer do you need to move your printer from one place to another to connect it to this or that computer. No more dealing with tangled cables or emailing files from one computer to another that’s connected to the printer.

nmenaker Dec 12, 2004 4:58 pm

yes it would
 
Quote:

Originally Posted by USAFAN
nmenaker and LIH Prem:

Thanks!!! ^ That means, that I can do what I do today without the cable!
I assume the APPLE AirPort Express would be a good device for the printer (and more):


however, the AE IMHO is not worth the 2-3 times the price of a very good 802.11g router. The WGT624 mentioned above is a very nice product, available this WE for 39.99, I actually got mine for 25$ after rebate.

LIH Prem Dec 12, 2004 7:55 pm

I think he meant for the printer.

Do you already have the AE? It would work for a USB printer.

But that may or may not be the best configuration for you. You might just try the microsoft printer sharing, and then you don't need another device.

I have my router in an inaccessible location. My notebook has built-in wireless in another location. The family desktop computer in the living room, with a wireless bridge connected to it. In my office I have a bunch of desktop computers and the printers. In the office I have a 10/100 switch connected to a wireless bridge. So all the computers and the printer in my office are using wired ethernet to the 10/100 switch and the 10/100 switch is connected to the wireless bridge.

Netgear mini-print server (parallel port to wired ethernet)

Netgear 802.11g wireless bridge

Netgear 10/100 8 port switch

I went with the switch/bridge since none of the desktops had wireless cards but they all had ethernet. The alternative would have been to add wireless cards to each of the four desktops in the office, or just go for the switch and the bridge, which is more flexible for me. (easy to add more devices and/or another switch if necessary.)

In the family room, I had a usb wireless device, but that computer only supported usb 1.x, so it was fairly slow, so I spent the extra money and put a bridge in there as well. With the bridge, you connect wired ethernet to the bridge (after configuring it) and you're done. Bridges aren't volume devices for them, so they are relatively expensive compared to the deals you can get on everything else.

I'm pretty sure somebody like d-link makes a wireless usb print server if you want to go that route. Nothing wrong with d-link. Many people prefer it to netgear.

The best place to start is to plan out your entire network. Once you've done that, then you can pick the gear. The building blocks are the router, bridges, switches, wireless cards, wireless usb devices, wireless pc cards, print servers, etc.

-David


All times are GMT -6.