Networking & Wireless forum

General discussion

The six dumbest ways to secure a wireless LAN

by Gakada / March 20, 2006 5:10 AM PST
http://blogs.zdnet.com/Ou/index.php?p=43

The six dumbest ways to secure a wireless LAN
Posted by George Ou @ 2:01 am
Digg This!

For the last three years, I've been meaning to put to rest once and for all the urban legends and myths on wireless LAN security. Every time I write an article or blog on wireless LAN security, someone has to come along and regurgitate one of these myths. If that weren't bad enough, many "so called" security experts propagated these myths through speaking engagements and publications and many continue to this day. Many wireless LAN equipment makers continue to recommend many of these schemes to this day. One would think that the fact that none of these schemes made it in to the official IEEE 802.11i security standard would give a clue to their effectiveness, but time and time again that theory is proven wrong. To help you avoid the these schemes, I've created the following list of the six dumbest ways to secure your wireless LAN.....
Discussion is locked
You are posting a reply to: The six dumbest ways to secure a wireless LAN
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: The six dumbest ways to secure a wireless LAN
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Can you share why this is so?
by R. Proffitt Forum moderator / March 20, 2006 5:50 AM PST

I'll let you in on a little secret. Rock solid security was derailed by ___________.

I know this since a 2 way paging system I had the priviledge to work on had it's security system removed because of import/export controls of this government.

It's not that the companies don't know how to lock it up, it's simply not allowed.

Cheers,

Bob

Collapse -
I agreed and understand you, but
by Gakada / March 20, 2006 1:48 PM PST

that article is interesting to read while many people asking about securing their wireless network using the current standard ..

Collapse -
And why is this so?
by R. Proffitt Forum moderator / March 20, 2006 1:52 PM PST

Also, what do you propose that the average networker do?

If I handed that sort of lockdown to everyone, the number of failures would not be funny.

-> In closing, you seem to subscribe to the notion that a lock that can be picked is not a lock.

Bob

Collapse -
I don't propose to anyone what they should do..
by Gakada / March 20, 2006 2:31 PM PST
In reply to: And why is this so?

beside, it is not me, that have a ''notion that a lock that can be picked is not a lock''... may be the writer is.. I don't know... Happy

I agreed, that article is talking about ''a lockdown'' system, and maybe its only applicable to a highly secure environment and not for home users...

Collapse -
Then is what most do OK?
by R. Proffitt Forum moderator / March 20, 2006 3:38 PM PST

It's easy to guess you will agree that no security is a bad thing on WIFI routers. Since the method in the supplied article is not implementable for home users, will the combination of WEP/WPA and MAC filters sufficient?

Or should we never go wireless?

Bob

Collapse -
well, its in the users decision to make.. I would
by Gakada / March 20, 2006 3:44 PM PST

only advice people to use what is available and applicable to them..

Collapse -
So will it be OK?
by R. Proffitt Forum moderator / March 20, 2006 3:47 PM PST

For others to continue to offer this advice?

Also, you never answered the question "Why..." security is less than rock solid in WIFI routers? Please share why.

Bob

Collapse -
Again, Ok or not Ok is depends on
by Gakada / March 20, 2006 4:17 PM PST
In reply to: So will it be OK?

the individual who gave the advice and also depends on the users who use it.

As for your question on "Why..." security is less than rock solid in WIFI routers?

I don't have the answer, but I think, there will be no such thing as solid security, because rock solid system, equal to a dead system.. and again its about the users needs in their environment.

So, there will be a rock solid system in one environment, but there are also an open system in other environment.

Then its also depends on the market itself... if the market required for rock solid system, then they will create such things... in the end, its only about business... just like any other things on earth.

For me the article doesn't applied to my environment, because I don't even use wep/wpa/wpa2 etc. in my wireless devices..

By the way, you should ask the writer for more detail concept of why he/she wrote the article...

Collapse -
You posted it so I ask you.
by R. Proffitt Forum moderator / March 20, 2006 4:26 PM PST

Some use that article to knock good advice. I know the article and it doesn't give much leeway to the skill or knowledge of most owners.

I shared one reason why the supplied security is less than rock solid. And since it's from my design days with a 2 way paging system that had it's security ripped out because of export controls was a good lesson why we have what we have.

Bob

Collapse -
Ok, Bob, I posted it, just as a reading material
by Gakada / March 20, 2006 4:46 PM PST

not because it is right or wrong, or about why or how it should.

but maybe anyone who needs a rock solid security system, won't have a false sense of security, by using the features available, and should find other additional way/device/utility for their needs... if available... or atleast be aware of the possibility of the risk and just accept what is available...

Collapse -
So what you are saying is..
by R. Proffitt Forum moderator / March 20, 2006 8:34 PM PST

You won't be using that to "correct" those that offer simple security of their Wifi setup?

Bob

Collapse -
I don't even
by Gakada / March 21, 2006 12:22 AM PST

have a knowledge to correct someone..

and as I said before, I don't even use any wifi security...

Collapse -
I think that is a sign.
by R. Proffitt Forum moderator / March 21, 2006 12:40 AM PST

In your last post you reveal you don't use any wifi security measures.

-> Let me share that I left a wifi unsecure for a day and in 24 hours someone was downloading via a P2P client on my connection. Call me a dummy for leaving it that way after setting it up but I was out of time after updating firmware and settings all over. I simply used the WEP and MAC filter and it's been over a year without issue.

I hope you understand the implications of others freeloading your connection to download via P2P. Your ISP could cut you off or you could get a nasty legal problem.

Just because you find an article calling the stock security "dumb" doesn't mean you shouldn't use it.

Bob

Collapse -
I don't use the wifi security, because
by Gakada / March 21, 2006 1:06 AM PST

In my home network... it only make more problem, with so many laptop coming in and out... so I don't want to keep giving the ssid and password everytime a new device is coming.

Beside, the signal not strong enough to penetrate the brick wall of the working area..

P2P is none existent in the users vocabulary.

And I don't use the security NOT because the article.. but I just never use it permanently (I tried those security features, just to know how to configure it).

Beside, like I said before, my home network is an open Hotspot... for anyone inside my building.

If someone out of the building can get the signal .. it will only get very low signal, that they can not even get connected.. (I tried)

Note: This is just like our old discussion, if you recall it..

Collapse -
Have you tried with a Cantenna?
by R. Proffitt Forum moderator / March 21, 2006 1:09 AM PST

I have one of those and it does work wonders at times.

Bob

Collapse -
Yes I tried it .. the home made and
by Gakada / March 21, 2006 1:19 AM PST

the store bought antenna... it didn't get through my building.. beside due the brick wall, it also because the distance from the public area, is about 3oo+ mtr.

Collapse -
I even tested it with
by Gakada / March 21, 2006 1:25 AM PST

booster/amplified antenna, and using netstumbler, airsnort and many other wardriving tools... (my friends, who know something about wardriving, have tested it)

FYI, I use 1 wrt54g, and a range expander + 24 port allied telesyn switch.

Collapse -
Boosting it more...
by R. Proffitt Forum moderator / March 21, 2006 1:42 AM PST
In reply to: I even tested it with
Collapse -
I tried those too..
by Gakada / March 21, 2006 2:47 AM PST
In reply to: Boosting it more...

by now you should realized that I don't even have a neighbour closed by (the nearest is about 5-7km away), and the public road is not a main road .. and the environment is densely populated with large tree.. (almost like a rain forest) so there is No line of sight too...

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

CNET FORUMS TOP DISCUSSION

Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?