Is my wireless router screwed?
Aug 15, 2008 | 10:09 pm
#16
FlyerTalk Evangelist
Join Date: Jul 2003
Posts: 11,377
It's all about layers.
Aug 15, 2008 | 11:18 pm
#17
Original Poster
FlyerTalk Evangelist
Join Date: Feb 2003
Location: New York, NY
Programs: BAEC Gold, Delta Platinum, Hilton Diamond, Marriott Gold, AMEX Platinum (US)
Posts: 18,543
I've turned off SSID broadcasting and with the MAC address filtering I'm getting rid of the person who just turns on their laptop and latches onto the nearest unsecured network. There are enough unsecured networks round here that if someone wants to get onboard then they'll probably look elsewhere.
Aug 15, 2008 | 11:26 pm
#18
In Memoriam
Join Date: Jun 2000
Programs: Honors Diamond, Hertz Presidents Circle, National Exec Elite
Posts: 36,111
If you've got a computer always on, My Wife Zone is very effective.
http://www.worldstart.com/tips/tips.php/2064
If someone attempts to associate whom you haven't approved via either ip address, mac address, or both, they get a nasty "denied" page.
However, you'll need to hunt for version 3.0 which is free; current 4.0 version is paid.
http://www.worldstart.com/tips/tips.php/2064
If someone attempts to associate whom you haven't approved via either ip address, mac address, or both, they get a nasty "denied" page.
However, you'll need to hunt for version 3.0 which is free; current 4.0 version is paid.
Aug 16, 2008 | 10:26 am
#19
FlyerTalk Evangelist
Join Date: Nov 2002
Location: ORD
Posts: 14,773
I solve this problem by leaving my wifi open, and closing all ports on my machines.
If someone wants a little bandwidth for a bit, I don't mind.
Plus, if someone traces questionable activity to my IP, I can say that it could easily have been someone else.
If someone wants a little bandwidth for a bit, I don't mind.
Plus, if someone traces questionable activity to my IP, I can say that it could easily have been someone else.
Aug 16, 2008 | 12:09 pm
#20
Suspended
Join Date: Jan 2001
Location: ORD / DUB / LHR
Programs: UA 1K MM; BA Silver; Marriott Plat
Posts: 8,240
Besides, how do you possibly benefit from that setup?
Aug 16, 2008 | 10:28 pm
#21
Join Date: Oct 1999
Location: Woodside, CA, USA
Programs: United Platinum
Posts: 530
That's a stunningly dangerous decision - speaking as a professional in the networking / communications industry. There's whole categories of "questionable activity" where the relevant authorities wouldn't even stop to listen to a defense like that (eg: the FBI "believing" that anything "terrorism-related" originated from that connection, to say the least); personally I'd be doing everything I could to keep people from getting to that stage.
Besides, how do you possibly benefit from that setup?
Besides, how do you possibly benefit from that setup?
If someone really wants to sneak into my yard to get on my wireless network, I'll let my dog discourage them.
I wouldn't lose TOO much sleep over leaving my AP somewhat open, as the above poster's doing, but I certainly wouldn't go to all the trouble of locking down every PC while leaving the AP alone. Its just easier to secure the AP.
Bob
Aug 17, 2008 | 2:32 am
#22
Join Date: May 2004
Location: Home
Programs: AA, Delta, UA & thanks to FTers for my PC Gold!
Posts: 7,674
If you've got a computer always on, My Wife Zone is very effective.
http://www.worldstart.com/tips/tips.php/2064
http://www.worldstart.com/tips/tips.php/2064
Aug 17, 2008 | 10:18 am
#23
FlyerTalk Evangelist
Join Date: Nov 2002
Location: ORD
Posts: 14,773
That's a stunningly dangerous decision - speaking as a professional in the networking / communications industry. There's whole categories of "questionable activity" where the relevant authorities wouldn't even stop to listen to a defense like that (eg: the FBI "believing" that anything "terrorism-related" originated from that connection, to say the least); personally I'd be doing everything I could to keep people from getting to that stage.
Besides, how do you possibly benefit from that setup?
Besides, how do you possibly benefit from that setup?
You know, I've always run 128 bit WEP on my connection (my Tivo's wireless adapter doesn't support WPA) and decided, I don't really care if someone uses some of my bandwidth. So I turned WEP off, thinking it'd be good karma to share. But after a couple days of feeling insecure, I turned it back on.
I mean, paranoia check. What's the worst that can happen? Someone uses my connection to email al Qaeda or something - but the chance of that happening is infinitesimal. So really, big deal.
And yet, I still turned it on...
Aug 17, 2008 | 1:22 pm
#24
Suspended
Join Date: Jan 2001
Location: ORD / DUB / LHR
Programs: UA 1K MM; BA Silver; Marriott Plat
Posts: 8,240
but far more likely is your 16 year old next door neighbour who finds he can get a perfect signal on your wireless network and uses it to download child porn or something like that. These things happen literally every day. I just struggle to understand why you would turn off security when you already had it enabled - unless you have an extremely fast WAN connection it really has no performance impact. Just trying to make a helpful suggestion
Aug 17, 2008 | 1:52 pm
#25
FlyerTalk Evangelist
Join Date: Nov 2002
Location: ORD
Posts: 14,773
That's probably the worst (at least in the US) but far more likely is your 16 year old next door neighbour who finds he can get a perfect signal on your wireless network and uses it to download child porn or something like that. These things happen literally every day. I just struggle to understand why you would turn off security when you already had it enabled - unless you have an extremely fast WAN connection it really has no performance impact.
Just trying to make a helpful suggestion
but far more likely is your 16 year old next door neighbour who finds he can get a perfect signal on your wireless network and uses it to download child porn or something like that. These things happen literally every day. I just struggle to understand why you would turn off security when you already had it enabled - unless you have an extremely fast WAN connection it really has no performance impact. Just trying to make a helpful suggestion
Aug 17, 2008 | 6:53 pm
#26
Join Date: Aug 2007
Location: New York, NY
Programs: Mileage Plus, Skymiles, EleVAte founding member, SPG
Posts: 1,910
Not paranoia exactly, but Time Warner in Manhattan drives up and down the streets looking for open networks. If they find one, you might get a letter threatening to terminate your service if you don't lock it down.
Last edited by wiredboy10003; Aug 17, 2008 at 6:59 pm
Aug 18, 2008 | 8:32 am
#27
Join Date: Mar 2003
Location: IAD
Programs: United MP
Posts: 7,857
My first WiFi router was an Apple Airport. I just plugged it in and it worked. Then Vonage offered me a Belkin WiFi router to use with their service. I've hated it since the day I got it because of this stuff. If the cleaning lady has to unplug it for any reason I curse her under my breath.
I wouldn't use one if it isn't.
Aug 18, 2008 | 8:39 am
#28
Join Date: Aug 2007
Location: New York, NY
Programs: Mileage Plus, Skymiles, EleVAte founding member, SPG
Posts: 1,910
Sure you can configure it. You just don't have to memorize 54648.343684.164.194545 to do it. If you're happy with it as it is out of the box then you don't even have to do anything.
Aug 18, 2008 | 9:30 am
#29
FlyerTalk Evangelist
Join Date: Nov 2002
Location: ORD
Posts: 14,773
This is why I use my Airport only to stream music to my stereo.
Well, that and it's a bad router - drops connections a lot, slow throughput.
Aug 24, 2008 | 10:04 am
#30
Original Poster
FlyerTalk Evangelist
Join Date: Feb 2003
Location: New York, NY
Programs: BAEC Gold, Delta Platinum, Hilton Diamond, Marriott Gold, AMEX Platinum (US)
Posts: 18,543
OK, so I checked my security log and despite not boradcasting SSID and using MAC address filtering I've got this in the log which a quick Google suggests isn't too good.
So I had a look round and it seems My WiFi Zone 4 is free for download now! Just tried downloaded it and blocked my wife who got a bit worried for a second
Sat Aug 23 17:02:47 2008 : DHCP Client : Receive Ack from 68.87.73.12, Lease time = 345600
Sat Aug 23 17:02:47 2008 : DHCP Client : Send Request, Request IP = 71.197.4.219
Thu Aug 21 17:01:40 2008 : DHCP Client : Receive Ack from 68.87.73.12, Lease time = 345600
Thu Aug 21 17:01:40 2008 : DHCP Client : Send Request, Request IP = 71.197.4.219
Wed Aug 20 10:54:17 2008 : **TCP SYN Flooding** Source IP:192.168.2.68 Port:60131 Dest IP:83.195.16.79 Port:6881
Wed Aug 20 10:54:17 2008 : **TCP SYN Flooding** Source IP:192.168.2.68 Port:60130 Dest IP:83.81.75.155 Port:6881
Wed Aug 20 10:54:17 2008 : **TCP SYN Flooding** Source IP:192.168.2.68 Port:60129 Dest IP:97.117.11.62 Port:43360
Wed Aug 20 10:54:17 2008 : **TCP SYN Flooding** Source IP:192.168.2.68 Port:60128 Dest IP:24.163.201.73 Port:25770
Tue Aug 19 17:00:33 2008 : DHCP Client : Receive Ack from 68.87.73.12, Lease time = 345600
Tue Aug 19 17:00:33 2008 : DHCP Client : Send Request, Request IP = 71.197.4.219
Sat Aug 23 17:02:47 2008 : DHCP Client : Send Request, Request IP = 71.197.4.219
Thu Aug 21 17:01:40 2008 : DHCP Client : Receive Ack from 68.87.73.12, Lease time = 345600
Thu Aug 21 17:01:40 2008 : DHCP Client : Send Request, Request IP = 71.197.4.219
Wed Aug 20 10:54:17 2008 : **TCP SYN Flooding** Source IP:192.168.2.68 Port:60131 Dest IP:83.195.16.79 Port:6881
Wed Aug 20 10:54:17 2008 : **TCP SYN Flooding** Source IP:192.168.2.68 Port:60130 Dest IP:83.81.75.155 Port:6881
Wed Aug 20 10:54:17 2008 : **TCP SYN Flooding** Source IP:192.168.2.68 Port:60129 Dest IP:97.117.11.62 Port:43360
Wed Aug 20 10:54:17 2008 : **TCP SYN Flooding** Source IP:192.168.2.68 Port:60128 Dest IP:24.163.201.73 Port:25770
Tue Aug 19 17:00:33 2008 : DHCP Client : Receive Ack from 68.87.73.12, Lease time = 345600
Tue Aug 19 17:00:33 2008 : DHCP Client : Send Request, Request IP = 71.197.4.219
Last edited by Fraser; Aug 24, 2008 at 11:18 am