Best way to secure a wireless router?

[|CoR| Xphile]

When the tornado hit close to my house Sunday Morning it seems that lightening hit my DSL modem. I got a new one from my phone company Wednesday and it has built-in wireless. I have it turned off right now because I have nothing that uses Wi-Fi. The cell phone I'm getting in a couple of weeks has Wi-Fi capability, though, so I'm looking into the best way to secure the wireless network while still using it with my cell phone. The cell phone (AT&T Tilt - link - link) is 802.11g capable and the DSL modem is an Actiontec GT704WG with these options for security: WEP, WEP+802.1x, WPA. From what I've been reading WPA is my best choice and will work with my phone, but I'm still a noob in this area having never had to do anything with Wi-Fi before.

Anyone have any tips or, especially, websites on how secure a wireless network.

And, yes, I'm a bit paranoid about it. That's why everything in my house is on a wired network right now. 

[Corvette]

Unless someone is just out to get you, they won't even bother trying to crack whatever security you decide to use.  There are enough unsecured wireless routers out there to keep them endlessly happy without having to spend time cracking yours.

[|CoR| Lets Duel]

Futhermore - anyone that knows what they are doing and has the right equipment can crack any current residential based wireless router out there. I know I can with a boot cd, and a certain wireless card installed in my laptop.

I only secure my wireless at home by mac address.

[|CoR| Lets Duel]

Futhermore - anyone that knows what they are doing and has the right equipment can crack any current residential based wireless router out there. I know I can with a boot cd, and a certain wireless card installed in my laptop.

I only secure my wireless at home by mac address.

[|CoR| Xphile]

I found that option while poking around last night. I plan on using WPA with a 63 character random PSK and MAC addresses. That looks like about as much as I can do, really.

I say again (since Larry did, lol), I found that option while poking around last night. I plan on using WPA with a 63 character random PSK and MAC addresses. That looks like about as much as I can do, really.

[Corvette]

It's kinda funny actually...right across the street from my house is a "model home" for one of the local developers.  They have an unsecured wifi.  Cool thing is, their wifi router is also their DSL modem.  And since I happen to know that by default your DSL account password is your phone number, and since their phone number just so happens to be conveniently posted on the sign on the front of the house, and since their DSL account username just so happens to be stored in their DSL modem...I could have lots of fun reading their emails, or even sending out a few of them for them.   

(Not that I would actually do any of that...it wouldn't even be challenging.)

[|CoR| gnomer]

going of of xphile's question...does any1 know of any good wireless router firewalls.... i think that would serve x's security issues better than just using wpa..
~gnomer

[|CoR| Xphile]

It is a wireless router firewall.

[|CoR| gnomer]

you can secure a wireless router more than just using the security settings in the router itself.... my mom's work does it to all the wirless routers.... not only do they use wep encryption but also more secure firewalls.

~gnomer

[Epic Fail]

best way to secure a wireless router - Duck tape it to the wall.



srsly, I use WAP on my airport extreme.

[|CoR| gnomer]

best way to secure a wireless router - Duck tape it to the wall.

that made me lol

nice joel
~gnomer

[|CoR| Deacon]

The firewall doesn't secure the wireless router...it secures the network the wireless AP provides connectivity to.

WPA provides pretty good wireless encryption between the AP and the PC with minimal authentication. MAC addresses are one step above, but remember, MAC addresses can be spoofed rather easily, and there's no way for you to hide it, anyone with a wireless sniffer has your MAC address (the physical address of your PC's NIC).

If you want a secure wireless network you're best off to use an open source 802.1x solution (http://open1x.sourceforge.net/) which will use WPA to encrypt your communication between the PC and the AP and will then require authentication to gain access to the network.

If you're still freaked about security you can go a bit crazy and add things like VPNs, etc to your home network (many of your SOHO firewall solutions actually support IPSEC VPN now).

Key thing to remember:

MAC addresses and IP addresses seem to offer a level of protection, but both can be spoofed and neither tell you who is actually at the other end of that communication session.

[|CoR| Swill]

Unplug it.

Unbreakable security.

You're welcome.

[|CoR| Xphile]

Unplug it.

Unbreakable security.

That's my solution until I actually need it. I much prefer a wired network, but.....

[|CoR| Deacon]

Unplug it.

Unbreakable security.

That's my solution until I actually need it. I much prefer a wired network, but.....

That was my solution for a long time too...now I'm totally hooked on wireless here at home. So my aversion to wireless went the same way as my aversion to laptops.

So trust me...just give in...you'll thank me for it.

[|CoR| Xphile]

Give in. If you only knew the power of the Dark Side!

[Epic Fail]

Dark side = mac's.

I have enough mac products in my house for now.

[|CoR| Cool_Hand_Luke]

Ultimate Router Protection...NINJA



But sometimes they take a break, it's hard being a Ninja and I think they are going to start a Union.