Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Securing a wireless laptop

Mar 4, 2007 4:07AM PST

Forgive me; am new Mac user, new wireless user. Set up a wireless router in my house for my new laptop; it is plugged into the wireline router that our older PC lives on.
In the Netgear router set up menu, there was an option for security settings, passwords, generating keys, etc. I am not sure I filled that in (I went through set up so many many times, I am not sure I had filled in that page when I had finally done everything correctly and the connection worked.) Is enabling the WEP security on that Netgear wireless router adequate for you to, say, order something online using a credit card, prevent hijacking? The idea of going back to the router, hooking up to the Mac and checking the setting fills me with revulsion, just in case I do something wrong and make the network stop working. If I do this, will that security precaution be adequate? What else should I do? Thanks very much.

Discussion is locked

- Collapse -
I'll write no. Link, comment.
Mar 4, 2007 4:14AM PST
- Collapse -
but I thought the point of WEP
Mar 4, 2007 4:48AM PST

is to encrypt the wireless transmissions between the client (in this a case the laptop) and the wireless router... If information is transmitted between them in cleartext, I agree that WEP is not sufficient...

But if one is logged in at a secure website, the packets between the website and the client (again, in this case the laptop) are encrypted - so the transport medium (wireless protocol) is nearly irrelevent...

Am I missing something? If the packets are locked up (due to website requirements), who cares if they are visible from a sniffer? Are you suggesting that whether wired or wireless a "secure website" is actually not? If that is the case, what is the point of SSL or VPN security?

- Collapse -
Which is part of the discussion.
Mar 4, 2007 5:11AM PST

If I were an evil person I could crack your WEP in some 10 minutes (ok, 15), then I could finish this by setting up what is known as an EVIL TWIN. Please don't ask me what the EVIL TWIN is but use google.com

Now the exploit is complete and hopefully the reason you don't want to use just WEP and browser encryption.

Bob

- Collapse -
securing a wireless laptop
Mar 4, 2007 7:25AM PST

Then, Bob, do you have any suggestions for something that would be good to implement? Thanks.

- Collapse -
Over in the noted discussion...
Mar 4, 2007 7:33AM PST

The consensus is to pick the highest security you can on the WIFI link. Then double down the security with MAC filtering. What this does is give the attacker more work. Just like a locked car with the alarm set the thief usually moves on to the easier target.

WPA2 is now preferred since I see no easy tools as in the demonstrations.

Finally you may read that one should never trust a hotspot but use such for browsing only. No transactions ever.

bob

- Collapse -
Securing a wireless laptop
Mar 4, 2007 8:13AM PST

Okay, last pestering of the evening, Bob and others.
If I have the WPA2 installed in my home network of one Mac, I should still only use wired access for $$ transactions? That is what seems to be the best idea to me....thank you.

- Collapse -
I agree. That's the best.
Mar 4, 2007 8:17AM PST

And as always, one last check. Make sure you are connected to YOUR access point. Some machines are set to connect to any good connection.

Bob

- Collapse -
Ah... understand and agree -
Mar 4, 2007 11:25AM PST

Now I remember the reason I use only wired 10/100/1000 at home.

Thanks for the reminder.