I'll let you in on a little secret. Rock solid security was derailed by ___________.
I know this since a 2 way paging system I had the priviledge to work on had it's security system removed because of import/export controls of this government.
It's not that the companies don't know how to lock it up, it's simply not allowed.
Cheers,
Bob
 | Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years. Thanks, CNET Support |
General discussion
The six dumbest ways to secure a wireless LAN
The six dumbest ways to secure a wireless LAN
Posted by George Ou @ 2:01 am
Digg This!
For the last three years, I've been meaning to put to rest once and for all the urban legends and myths on wireless LAN security. Every time I write an article or blog on wireless LAN security, someone has to come along and regurgitate one of these myths. If that weren't bad enough, many "so called" security experts propagated these myths through speaking engagements and publications and many continue to this day. Many wireless LAN equipment makers continue to recommend many of these schemes to this day. One would think that the fact that none of these schemes made it in to the official IEEE 802.11i security standard would give a clue to their effectiveness, but time and time again that theory is proven wrong. To help you avoid the these schemes, I've created the following list of the six dumbest ways to secure your wireless LAN.....
Discussion is locked
19 Posts
- Collapse
- Collapse -
- Collapse -
that article is interesting to read while many people asking about securing their wireless network using the current standard ..
- Collapse -
Also, what do you propose that the average networker do?
If I handed that sort of lockdown to everyone, the number of failures would not be funny.
-> In closing, you seem to subscribe to the notion that a lock that can be picked is not a lock.
Bob
- Collapse -
beside, it is not me, that have a ''notion that a lock that can be picked is not a lock''... may be the writer is.. I don't know... 
I agreed, that article is talking about ''a lockdown'' system, and maybe its only applicable to a highly secure environment and not for home users...
- Collapse -
It's easy to guess you will agree that no security is a bad thing on WIFI routers. Since the method in the supplied article is not implementable for home users, will the combination of WEP/WPA and MAC filters sufficient?
Or should we never go wireless?
Bob
- Collapse -
only advice people to use what is available and applicable to them..
- Collapse -
For others to continue to offer this advice?
Also, you never answered the question "Why..." security is less than rock solid in WIFI routers? Please share why.
Bob
- Collapse -
the individual who gave the advice and also depends on the users who use it.
As for your question on "Why..." security is less than rock solid in WIFI routers?
I don't have the answer, but I think, there will be no such thing as solid security, because rock solid system, equal to a dead system.. and again its about the users needs in their environment.
So, there will be a rock solid system in one environment, but there are also an open system in other environment.
Then its also depends on the market itself... if the market required for rock solid system, then they will create such things... in the end, its only about business... just like any other things on earth.
For me the article doesn't applied to my environment, because I don't even use wep/wpa/wpa2 etc. in my wireless devices..
By the way, you should ask the writer for more detail concept of why he/she wrote the article...
- Collapse -
Some use that article to knock good advice. I know the article and it doesn't give much leeway to the skill or knowledge of most owners.
I shared one reason why the supplied security is less than rock solid. And since it's from my design days with a 2 way paging system that had it's security ripped out because of export controls was a good lesson why we have what we have.
Bob
- Collapse -
not because it is right or wrong, or about why or how it should.
but maybe anyone who needs a rock solid security system, won't have a false sense of security, by using the features available, and should find other additional way/device/utility for their needs... if available... or atleast be aware of the possibility of the risk and just accept what is available...
- Collapse -
You won't be using that to "correct" those that offer simple security of their Wifi setup?
Bob
- Collapse -
have a knowledge to correct someone..
and as I said before, I don't even use any wifi security...
- Collapse -
In your last post you reveal you don't use any wifi security measures.
-> Let me share that I left a wifi unsecure for a day and in 24 hours someone was downloading via a P2P client on my connection. Call me a dummy for leaving it that way after setting it up but I was out of time after updating firmware and settings all over. I simply used the WEP and MAC filter and it's been over a year without issue.
I hope you understand the implications of others freeloading your connection to download via P2P. Your ISP could cut you off or you could get a nasty legal problem.
Just because you find an article calling the stock security "dumb" doesn't mean you shouldn't use it.
Bob
- Collapse -
In my home network... it only make more problem, with so many laptop coming in and out... so I don't want to keep giving the ssid and password everytime a new device is coming.
Beside, the signal not strong enough to penetrate the brick wall of the working area..
P2P is none existent in the users vocabulary.
And I don't use the security NOT because the article.. but I just never use it permanently (I tried those security features, just to know how to configure it).
Beside, like I said before, my home network is an open Hotspot... for anyone inside my building.
If someone out of the building can get the signal .. it will only get very low signal, that they can not even get connected.. (I tried)
Note: This is just like our old discussion, if you recall it..
- Collapse -
I have one of those and it does work wonders at times.
Bob
- Collapse -
the store bought antenna... it didn't get through my building.. beside due the brick wall, it also because the distance from the public area, is about 3oo+ mtr.
- Collapse -
booster/amplified antenna, and using netstumbler, airsnort and many other wardriving tools... (my friends, who know something about wardriving, have tested it)
FYI, I use 1 wrt54g, and a range expander + 24 port allied telesyn switch.
- Collapse -
But if you can't pick it up with a cantenna...
Bob
- Collapse -
by now you should realized that I don't even have a neighbour closed by (the nearest is about 5-7km away), and the public road is not a main road .. and the environment is densely populated with large tree.. (almost like a rain forest) so there is No line of sight too...
CNET Forums
Operating Systems
Software
Electronics & Gadgets
Hardware
Tablets & Mobile Devices
General Help
Roadshow Autos
Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic