FISHO wireless network, is it yours?

[lalaland 10]

Originally posted by mbatey

Stupid question -

 

I've got a wireless network for our home Macs, that uses an Airport Express router. I set it up to use WPA rather than WEP, which I think is a good thing. And OSX has a built-in firewall.

 

Do I need to do anything else?

 

[mbatey]

Not sure about Macs to be honest, but I would take a look at the included firewall. Check that it matches up to a comercial one.

 

Windows XP comes with it's own firewall too, but it's not really up to much when you compare it to the likes of Outpost or Smoothwall.

[melthebell 862]

Originally posted by lalaland

 

Manuals also play a massive part in educating people and it's time that manufacturers realised this and produced simpler manuals for people with less understanding of these products.

 

 

simpler manual, you cant get nothing simpler, they tell you how to set it up, plug it in, change display settings etc, and a number to phone for troubleshooting

 

they never say what you really need em to say about the inner workings of pcs..........in my eyes they should be a lot thicker, more indepth and tell you exactly about your pc and how to use it

 

 

" PCs can very much and should be home toys if that's what the buyer wants from them. Why shouldn't they be? Just because some idiot abuses his knowledge on a computer and takes advantage of a person with less knowledge doesn't mean that PCs can't be used by those with little knowledge."

 

this bit aswell, highly dodgy too, troube is if the idiot uses his knowledge to create zombies etc theres no telling what havac can be created

all it takes is the general public to read up, learn, get to know your computer, how it works etc and the net'd be 90% safer?

 

hacking, cracking, cyber crime is on the increase due to one thing............peoples ignorance about computer systems, this thread about somebodys unsecured wifi shows that

[lalaland 10]

Originally posted by melthebell

simpler manual, you cant get nothing simpler, they tell you how to set it up, plug it in, change display settings etc, and a number to phone for troubleshooting

I don't agree. The people I have had to help with their computer equipment have a lot of the time got a problem due to manuals that aren't written for someone with low PC knowledge to understand.

 

I don't have a problem understanding them, but I get sent to companies at £800 a day for computer and software matters so I normally know what I'm doing. (I don't get the £800 by the way, that goes to my employer)

 

Originally posted by melthebell

they never say what you really need em to say about the inner workings of pcs..........in my eyes they should be a lot thicker, more indepth and tell you exactly about your pc and how to use it

Possibly a good idea. Or maybe it's time they included two sections in the manual, one being for experienced users and one being for absolute beginners which a bit of an explanation in to how it works and why.

 

If stores took a little longer to train their staff to sell a product that a customer needs, not just because it's on offer or costs more etc. then that would help too. It would also be nice if when a member of staff is asked "Do I need to set anything up on this product?" that they are told the truth and not just some sales crap about it setting itself up.

 

Originally posted by melthebell

this bit aswell, highly dodgy too, troube is if the idiot uses his knowledge to create zombies etc theres no telling what havac can be created

all it takes is the general public to read up, learn, get to know your computer, how it works etc and the net'd be 90% safer?

 

hacking, cracking, cyber crime is on the increase due to one thing............peoples ignorance about computer systems, this thread about somebodys unsecured wifi shows that

Partly yes, but I'd blame the increase on more and more people taking to computer crimes rather than those that aren't aware of it. If the people commiting the crimes in the first place didn't do so then there'd be no problem.

 

One thing I noticed is that the younger generation of users tend to be more knowledgable on internet issues and modern day computer systems, so I suspect over time that the less knowledgable people will decrease in number.

[SupraSteve 10]

Originally posted by mbatey

Stupid question -

 

I've got a wireless network for our home Macs, that uses an Airport Express router. I set it up to use WPA rather than WEP, which I think is a good thing. And OSX has a built-in firewall.

 

Do I need to do anything else?

 

[mbatey]

 

The advice I've given on page 2 isn't OS dependant

[ToryCynic 10]

Originally posted by SupraSteve

The advice I've given on page 2 isn't OS dependant

 

No networking equipment isn't OS dependent, as Steve rightly points out. (http://www.sheffieldforum.co.uk/showthread.php?s=&threadid=63273&highlight=operating+system)

[Old_Bloke 10]

Originally posted by mbatey

Stupid question -

 

I've got a wireless network for our home Macs, that uses an Airport Express router. I set it up to use WPA rather than WEP, which I think is a good thing. And OSX has a built-in firewall.

 

Do I need to do anything else?

 

[mbatey]

 

At the moment you are fine using OS X's built-in firewall. There's no need to shell out for a comercial one like Norton, although they obviously try to persuade people differently. Just make sure you've unticked the boxes in the firewall prefs for those bits which you don't need.

[mbatey 10]

Thanks for the replies re Macs - I know the boxes you mean, Old_Bloke, they're almost all unticked.

 

It took me 10 minutes to get a wireless internet connection rocking, with file sharing between the two computers

 

I love Macs!

 

[mbatey]

[Hook 10]

Originally posted by limpetboy

Maybe some of these people use MAC Filtering on their router. The network 'looks' unsecure but actually if your name's not down you're not coming in.

 

Just a thought like. It's easier than having to hunt around for the bit of paper you wrote down the hexnumeric key on 6 months ago when you installed the router.

 

I'm sure it's round here somewhere...I left it with the disks I'm sure I did...no, i put it in the drawer with all the spare bits and bobs...no it's not there either...oh **** it, start again. And so on.

 

Mine looks unsecure to the outside world, but access is mac filtered. The logs show people trying to hijack it all the time!

[lalaland 10]

I am just waiting for my wireless kit to turn up to add it to my home network, but when it arrives I will encrypt it and use the Mac lock.

 

I know encryption can make a slight impact on the speed of the network supplied via the wireless kit, but it's worth it.

 

There are still many attacks that can be done on a network and to only use one method of securing it when there are two or more available seems daft to me.

 

It's possible to use Mac spoofing to gain access to a non encrypted network. I admit this wouldn't be possible by your average kid with a PDA or laptop, but if someone's determined enough to gain access to your network then you just made one less hurdle for them by not bothering with encryption.

 

I was discussing this with someone at work yesterday following reading this thread and he checked what he could see last night from his house. 5 unprotected networks by him!!

 

I suspect a good few of these types of people will have got their wireless kit and be unaware of the dangers of not protecting it, or even unaware that you can and should protect it.

 

Even the simplest script kiddie could gain access to a machine via an unprotected wireless connection. If the owner isn't aware of firewalls or has one but it's not correctly configured then it's not going to take long for the intruder to get a simple trojan on to the owners machine. Once that's in place it can easily be executed and give full access to the owners machine.

 

Once this little toad gets a trojan on the system he / she can carry out pretty much anything on that machine. One example would be Sub7 that used to be quite a threat. This is a freely downloadable trojan that allows the user to gain access to another user's PC by getting them to run a small server application which can be disuised as a legitimate application. Once they've run the server, the user with the client application can access the PC remotely without the owner even knowing. They could do things like watch them through the webcam, take over the PC, search files, log key strokes, steal passwords, lock out the owner and many other nasty things.

 

Most script kiddies use trojans as a form of fun to wind up their victims, but there are those that use features such as the screen monitor and key log to capture the owners activities and gain access to bank accounts and other personal stuff that you wouldn't want anyone knowing.

 

It may sound far fetched, but it's not. I could easily take a laptop to my mate's road and reckon I could gain access to at least one of those 5 networks, based on the number of users that are unaware of the risks and don't use firewalls etc. (I wouldn't do this)

 

So I still think you are best making it as secure as possible. If you have the option of 2 methods of securing your network then do it. Leaving one off just makes it so there's one less hurdle for the attacker.

 

And just curiously, did Fisho ever come forward or PM you Gpsy?

[Hook 10]

Originally posted by lalaland

So I still think you are best making it as secure as possible. If you have the option of 2 methods of securing your network then do it. Leaving one off just makes it so there's one less hurdle for the attacker.

 

Indeed, but for some reason (I'm not sure if it's because of the standards of WPA-PSK or just because of computers being computers) neither at my home here, or in Sheffield can any of the PC's with only a "B" network card access a WPA-PSK network. Using WEP encryption does very little, and your kiddie with the PDA can easily bypass that.

 

If somebody wishes to hijack my network and they're so determined they are willing to use MAC spoofing, WEP or WPA-PSK are highly unlikely to stop them. MAC protection is strong enough for me. The only other way to secure the connection is to enable some form of VPN tunnelling which requires a login to browse.

[SupraSteve 10]

Originally posted by Hook

Mine looks unsecure to the outside world, but access is mac filtered. The logs show people trying to hijack it all the time!

 

Be careful tho, ok they (possibly*) can't join your network, but if it's unencrypted then they can still read your traffic - so in theory anything you access via your wireless link (bank accounts for example) could be accessed by someone sat in range of your WiFi network listening in.

 

My advice still stands - WPA-PSK is a must IMHO

 

* = MAC Addresses can be spoofed with a bit of knowledge/basic hackers tools.

[Hook 10]

Originally posted by SupraSteve

Be careful tho, ok they (possibly*) can't join your network, but if it's unencrypted then they can still read your traffic - so in theory anything you access via your wireless link (bank accounts for example) could be accessed by someone sat in range of your WiFi network listening in.

 

My advice still stands - WPA-PSK is a must IMHO

 

* = MAC Addresses can be spoofed with a bit of knowledge/basic hackers tools.

 

Can you answer my question as to why WPA-PSK won't work with "B" cards though? Otherwise I would use it.

 

As it is I encrypt everything I do through the VPN tunnel I use to uni. That encrypts everything befoe it leaves my laptop