Important Information Regarding your Wireless Network Security
I received this email today from Verizon stating that I need to change my wifi router settings for WPA2 instead of WEP.
What the wonderfully intelligent Verizon folks forgot to include as a very basic step is to CHECK first before you follow any instructions. The wonderful router that Verizon supplied doesn't indicate on the configuration page that WPA2 is ALREADY configured. At first I thought Verizon pushed out new code and wiped that configuration, but that didn't make sense. I was sure I had set up WPA2. Then I remembered, looking at my notes, to check "Wireless Status" under "Wireless Settings."
My recollection was confirmed. I almost had to re-do everything and then update all of my devices because I started to blindly follow Verizon's lead.
So, don't blindly follow Verizon instructions and remember that the user interface on Verizon routers is pretty awful, too.
Check around, don't assume that the interface will indicate that something is already configured. One screen may tell you something is configured (status) and the other is written to assume you intend to configure (even if already configured).
I hope this helps someone.
Its a generic message going to EVERYONE.
The G and I version even come configured with WPA2 , and many have followed previous recommendations to switch to WPA2.
Similar Messages
-
Okay: I've read a quite a few of the posts under this topic, and (shamefully) I need something more remedial, please.
I have a cable internet connection and a (Belkin) wireless router with one Macbook and one PC (XP). What, specifically, do I need to do to make this reasonably secure, and where do I do these things?
Everything is set up and working, but I don't really understand which computer (if any) is controlling my "network" so I don't understand what settings to make on which piece of hardware (Mac, PC, modem, router). Where, for example, do I make the WPA password settings, and how can/do I check that they are working on the other computer? Do I need to change the SSID name? What about encryption?
Thanks for your helpI've set up a couple of wireless networks for businesses and can suggest you do the following.
Read the manual on how to login into your router. Usually you have to open your browser and navigate to something like: http://192.168.1.1 - again, consult your manual with regards to this. Also it will tell you which password to use, although some Belkin routers require no password by default. Now, to security.
1. Fit thing that you should do is to change name for administrator account (use marco, admin, administrator - whatever you like) if there is such an option, but most importantly, CHANGE OR SET UP A PASSWORD FOR YOUR ADMINISTRATOR ACCOUNT! There is a reason I put this in bold, as this is the most stupid mistake people make and the first thing hackers do is to check if they can get in by using default password (i.e. no password - easy, isn't it?)
2. Name your network (SSID) - something like 'nowiresbox' will do, and turn off SSID broadcasting. Only you will know the SSID name (there is no reason why someone else should) you have given to your wireless network, and all you have to do is type it in when setting up connections. While SSID can still be discovered easily, it is still a good practice to disable its broadcast.
3. Set up MAC address filtering. Every network device (Ethernet card, AirPort, etc.) have a MAC address that looks like this: 00:0d:93:8c:2e:3b. This means only network devices with MAC addresses you specify will be able to connect to your wireless network. To find out your MAC address, open Network Utility (in Applications>Utilities), click on 'Info' tab. Select 'Network interface (en1)' to view info about your wireless card or 'Network interface (en0)' to view info about your Ethernet card. The 'Hardware address' entry will display MAC address for each of the interfaces selected. Write them down, and put them in your router options as MAC filtering entries. Again, while it is possible to spoof a MAC address, this is a good practice that would give another hurdle to those who try to get into your network.
4. Set up encryption. This means transmitted packets on your will be encrypted (scrambled) so that they can't be read by eavesdroppers. The main methods of encryption are: WEP (wired equivalent privacy), WPA (wifi protected access) and WPA2 (enterprise-grade WPA in other words). First thing to know is that you shouldn't use WEP and use WPA (or WPA2 instead), as WEP is very easy to crack with the right tools. Also, try to make up a long encryption key.
5. Turn on logging on your router so that you know what's happened in case things go sour.
6. Mind that every time you press that reset button, all your settings (including administrator password) default to the factory state. To avoid redoing all the work, after you have set up your router with the instructions above in mind, back up your settings so that when you have to reset your router, you can restore everything back in a snap.
7. Also, sometime it might be a good idea to limit the amount of IP addresses that your router's DHCP server gives out to only the number of computers you have connected to it. Say, if your router's IP address is 192.168.1.1 and you have 3 computers in your house, set up an option in DHCP lease to give out IPs starting from 192.168.1.2 to 192.168.1.4 - but make sure you know what you are doing.
Ask more questions if you have any and good luck.
Aleh Saiko -
How do you know if someone else is attempting access to your wireless network? (WRT54G)
I searched adn tried the Linksys FAQ to no avail to get an answer to the subject question.
Is there any way to verify who is actually using or trying to attempt use of your wireless network, if so, where do I locate and view this information?
I just set up a wireless system so my wife could get access from her wireless equipped laptop, but I really see no area to verify who is actually using the wireless network or if some other outside source/person is attempting to get access.
Any info on where, how and what to do to view this type of info would be greatly appreciated and if it can't be, shouldn't there be something added to the system that would allow one to view all users accessing their wireless system?
Thank you,
Clay FugitteTracking down who is using your wireless system is usually difficult or impossible. The router only knows the MAC address of the connecting computer. MAC addresses can be faked. Even if you knew the MAC address of the person connecting, what can you do with that info? Go around the neighborhood asking people "Is this your MAC address?"
Instead of worrying about who is connecting to your wireless, you should simply set up wireless security. This will keep intruders off your wireless network. Then you don't need to worry about who is connecting.
It sounds like you are running an unsecured wireless router. When you run an unsecured wireless router, anyone within range can login and use your Internet connection. At a minumum, this means that they will be using your bandwidth. At worst, they could be uploading copyrighted music, sending spam email, distributing viruses, or downloading child pornography --- all from an account with your name on it! So my advice is --- secure your wireless network.
To set up wireless security, do the following:
First of all, to setup wireless security, you must use a computer that is wired to the router.
Where to find the router settings: The router's login password is usually on one of the "Administration" pages. The other settings are all found in the "Wireless" section of the router's setup pages, located at 192.168.1.1
First, give your router a unique SSID. Don't use "linksys".
Make sure "SSID Broadcast" is set to "enabled".
Next, leave the router at its default settings (except for the unique SSID), and then use your pc to connect wirelessly to the router. Test your wireless Internet connection and make sure it is working correctly. You must have a properly working wireless connection before setting up wireless security.
To implement wireless security, you need to do one step at a time, then verify that you can still connect your wireless computer to the router.
Next, encrypt your wireless system using the highest level of encryption that all of your wireless devices will support. Common encryption methods are:
WEP - poor (see note below)
WPA (sometimes called PSK, or WPA with TKIP) - good
WPA2 (sometimes called PSK2, or WPA with AES) - best
WPA and WPA2 sometimes come in versions of "personal" and "enterprise". Most home users should use "personal". Also, if you have a choice between AES and TKIP, and your wireless equipment is capable of both, choose AES. With any encryption method, you will need to supply a key (sometimes called a "password" ).
The wireless devices (computers, printers, etc.) that you have will need to be set up with the SSID, encryption method, and key that matches what you entered in the router.
Retest your system and verify that your wireless Internet connection is still working correctly.
And don't forget to give your router a new login password.
Picking Passwords (keys): You should never use a dictionary word as a password. If you use a dictionary word as a password, even WPA2 can be cracked in a few minutes. When you pick your login password and encryption key (or password or passphrase) you should use a random combination of capital letters, small letters, and numbers, but no spaces. A login password, should be 12 characters or more. WPA and WPA2 passwords should be at least 24 characters. Note: Your key, password, or passphrase must not have any spaces in it.
Most home users should have their routers set so that "remote management" of the router is disabled. If you must have this option enabled, then your login password must be increased to a minumum of 24 random characters.
One additional issue is that Windows XP requires a patch to run WPA2. Go to Microsoft Knowledge base, article ID=893357 and it will direct you to the patch.
Sadly, the patch is not part of the automatic Windows XP updates, so lots of people are missing the patch.
Note:
WEP is no longer recommended. The FBI has demonstrated that WEP can be cracked in just a few minutes using software tools that are readily available over the Internet. Even a long random character password will not protect you with WEP. You should be using WPA or preferably WPA2 encryption. -
Need my wireless network security key
I got a laptop and a kindall. Wanted to connect them to my wireless network. A screen asks for the wireless network security key. I have no idea what that is. Went to home computer and tried to copy the key, but I ended up deleting it and now can't connect to my wi-fi on that either. I attempted to restore computer to earlier date in hopes I could get back the code that was set up and when that didn't work, I set the router to default mode by using a pen to hold in button in back 10 to 15 seconds. Nothing has work, and I have no internet connection. I had to use my computer at work to type this. What can I do?
You must hard reset the router by pressing and holding the reset button in back for 30 seconds and release. Wait 10 seconds and power cycle the router. Connect via your browser with a wired computer to 192.168.1.1 username blank, password 'admin'. Now configure the router back to your settings with your new SSID and password. Once done change all your computers to the same password. Write the password down and tape it to the router.
-
How do you know your wireless is secure?
I want to know how you know your internet is secure so no one in your neighbor hood can steal or hack my internet service. A few people in our house use a mix between ethernet cable and wireless. I don't use the wireless so i don't know how you set it up on the computer but when you use wireless for the first time to you have to enter a user name and password to access? I just want to make sure its secure. Thank you
Prevent someone from hacking your network.. simple, dont use wireless at all and turn the wireless on the router off. Thats the only option to prevent hacking. All other security settings like WEP, WPA, WPA2 will only slow a hacker down. They will not stop them.
Now if you want wireless, then your only option is to use encryption. Again this will only slow hackers down. But the chances you have a hacker next door is rather remote. Now by default the Verizon router uses WEP security. This is just the basics. Keeps honest people honest. Now if you want to increase your security, you can change the router security to WPA2. Dont worry about WPA as this is basically the same as WEP in terms of security effectiveness. WPA2 is more secure than the other two. This will keep you safe from the novices. Then as long as you dont have an advanced computer user nearby you should be fairly safe.
====================================================================================
Error exists between keyboard and chair. -
Using public wireless network, security settings?
Hi there,
I'm a new Mac user. If I'm using my MacBook Pro on a public wireless network, do I need to change any security settings to prevent other users from accessing my documents/hard drive etc?
Thanks in advance.
M.Yes turn of guest access to your computer in the accounts preference pane.
Turn off any sharing protocols you may have enabled in your sharing preference pane.
In the security preference pane click on the firewall tab and set access for specific services.
Also when using public wifi it is a good idea not to use email or connect to any online banks etc. -
Is my Wireless network secure?
How do I go about checking that my wireless network is secure? I use the new Airport Extreme Basestation, and the network works well. It was set up with the help of an AppleCare agent. I'd like to know that my neighbours can't access my network too. The reason I'm querying this, is because each time I access my network, I get straight in, without the system prompting me for the password.
For peace of mind - I'd like to have to enter my password each time I go to access the network. Am I correct in thinking this will improve the security of my network?How do I go about checking that my wireless network
is secure?
Ensure you are using WPA.
I use the new Airport Extreme
Basestation, and the network works well. It was set
up with the help of an AppleCare agent. I'd like to
know that my neighbours can't access my network too.
The reason I'm querying this, is because each time I
access my network, I get straight in, without the
system prompting me for the password.
This is because the password is kept within your Mac Keychain Access.
Your Mac remembers the password and passes it on when asked, saving you having to do it.
For peace of mind - I'd like to have to enter my
password each time I go to access the network.
Reconfigure your Airport network with a new network name and password and ensure you uncheck the box to remember the Airport network password.
Am I
correct in thinking this will improve the security of
my network?
You are not correct it does not improve the security of your network. -
Wireless Network Security Settings
I have purchased a WRT54G router. I had no problems getting one computer and one laptop on the internet with the security settings turned on. The problem is that I am trying to connect an older laptop to the system. The older laptop does not have a ethernet connection port so I am not able to run the normal setup. It does have wireless adapter card. With the card I can get on the internet when the router security settings are turned off but I want to turn my security setting on. How do I keep my security turned on and still be able to get on the internet with the old computer? I was told that it would be possible and that I could set up a password to where the older laptop could sign on to get on the internet. How would I go about doing this?
First, make sure you have the latest driver for your wireless card.
Next, in the computer's wireless software, go to "Preferred Networks" (sometimes called "Profiles" ) and enter your network's SSID, encryption method, and key. Next make this network your default network and set it to connect automatically. (Note: to do this, you may have to right click on your network and select "Properties" or "settings". ) Reboot computer. It should work. -
Who's using your wireless network
Is there a program or anyway to show who's using a wireless network? Like a feature that shows a list of computers that are on the wireless network?
thxHi!
Usually, your router comes with a log file somewhere which you can use to look up the connections made. My DLink614+ uses this list to show the MAC addresses currently connected. My syslog makes references to attempts made. However all you can see is MAC addresses...
HTH -
New tip trick for capturing scanned images to the PB from your wireless network printer
I've read a couple of threads here and on crackberry about not being able to print directly to a printer on the local network (although there is a way to print via the cloud from gmail apparently). Anyway it occurred to me that I can browse to my printer's IP address and in addition to allowing me to configure it, it also lets me scan documents to jpg, pdf, and tiff formats and then renders the scanned image through the browser. I tried this from the Playbook browser and it worked perfectly. i was able to view and save the scanned document directly to my Playbook file system. Even more conveniently I could just take a screenshot of the browser window. Now if only the printer would let me print the scan or better yet browse to and upload a local file for print my printing problems would be solved. I am using an older HP 2500 psc. Does anyone know of a newer model wireless/network printer that allows printing via the browser interface?
Just to clarify. When your playbook and the wireless printer are on the same network, you can browse to the IP address of the wireless printer from your playbook just as you could from your PC or laptop. The browser will display the printer's web features which in my case includes the ability to scan the document that is laying on the scanner bed of the printer. When I click the scan button, the image of the scanned document renders on my playbook and I am able to save the rendered TIFF, JPG, PDF to the playbook locally or I can even just take a screenshot (press the playbook's volume up and down buttons simultaneously) and then the image of the document from the browser window automatically saves to the camera folder under pictures.
What I would like is to find a wireless printer that from the web page that is displayed when I browse to the printers local IP address be able to browse to a file on my playbook and upload it to the printer (kind of like uploading or attaching a document to a gmail email message or uploading a local picture to Facebook etc...) and then instruct the printer to print the document. Obviously this would only work when I was on the same local wireless network as the printer but it would essentially solve the "how to print directly to a wireless printer from the playbook?" question. -
Wireless network security solution
Hello All!
I'm looking to protect wireless network from possible network and malware attacks, bandwidth usage monitoring and content filtering.
Will Cisco IPS 4300-4500 series do the job? How about software solution (Cisco IOS Intrusion Prevention System)?
I would appreciate you thoughts and suggestions.Is this a router that is supplied by your ISP? Is it a DSL or FIOS service?
If so, let's reinstall the printer in this manner:
- Unplug the Internet line that runs between the router and the wall
- Turn the power off on the router, wait 30 seconds, then turn the power back on.
- Go through the normal process of connecting the printer to the router.
- Now find the IP address of the printer (it should be on the self-test printout), type it into a browser.
- On that screen you will find a Networking Tab, then on the left Wireless, then the IPv4 Tab.
- On this screen you want to set a Manual IP. You need to set an IP address outside the range that the router automatically sets (called the DHCP range). If you know what that is, set an IP outside that range but no higher than 254 (the last number in the address). If you do not know, use the current IP address.
- Use 255.255.255.0 for the subnet (unless you know it is different, if so, use that)
- Enter your router IP (its on the self-test printout) in the Gateway and first DNS field, leave the second blank.
- Click 'Apply'
- Finally, plug in the Internet line, reboot the router and test.
Say thanks by clicking "Kudos" "thumbs up" in the post that helped you.
I am employed by HP -
WRT54G wireless network security
I have a WRT54G V.6 that i've been using for several years. Its attached directly to my desktop and wirelessly to 2 laptops in my house. I have as much security as i can have on it...WPA2 with a long password, Mac filtering, password for the router administration etc. Lately i've been getting billed from my interenet for too much downloads and i'm sure it wasn't me thats been downloading. I'm worried someone's been on my network. I enabled logging on the router but i don't understand how to tell if someone's been on my network aside from me and my family. Can someone please tell me how to find out if someone's been on my network, either by looking at the log or some other way? Also, any other suggestions for protecting my network?
thanks
DanielYou could check the "DHCP Client Table" and see if there are any MAC addresses listed that don't belong to you. However, keep in mind that MAC addresses can be faked.
You said that you have a "long password", but just as important, does it contain a variety of characters, such as capital letters, small letters, and digits? If you are simply using a long dictionary word, WPA2 can be cracked in a few minutes. Usually I recommend at least 24 random characters for the encryption password, and at least 12 random characters in the router login password, but even half this number will keep out all but the most dedicated intruders.
It is very unlikely that anyone could crack a WPA2 protected system, if you are using a strong password. But, for your own peace of mind, change your encryption and router login passwords.
More likely, you have a lot more downloading than you realize. Most people have their computer set for automatice updates. Microsoft recently put out a 250 megabyte update. Antivirus programs update themselves frequently. If anyone in your household is using peer-to-peer (P2P) software, this can result in massive downloads. If your computer is infected with a virus, the virus could be generating downloads.
Overall, it sounds like your security is pretty good. For added security, if you do not use UPnP, then, in the router, set it to "disabled". UPnP is used by some programs, such as Internet games, video conferencing software, etc. When UPnP is enabled, it allows any program on your computer to open a port and listen for incoming data. Virus programs will often use this feature to listen for instructions from home, and download data to your computer. I assume that you routinely run an antivirus program on your computer, if not, then I would suggest this. Make sure that your antivirus program also checks for "root kits", which is a common method that viruses use to hide on your computer.
Hope this helps. -
Shared device / wireless network security
Past couple days... my daughters SLEEPING MBP has appeared on my MBP as a shared device. How is this possible if it's sleeping?
Perhaps there's a good explanation for this, but I'm concerned about it.
She connects via wireless to our home D-link wireless router.
Wasn't sure where to ask question on boards... help appreciated.
Thanks.
David StammHere are the relevant System Preferences Mr. Stamm:
To enable "wake" from a remote system (Note this feature may not work with non-Apple routers, so it's good to know it works with your D-Link):
To enable screen sharing, file sharing etc ("Remote Management" encompasses Screen Sharing):
Connecting to your system from another one, for purposes of screen sharing or copying files (screenshot is from Lion):
If you do not want your password field to automatically populate, just deselect "Remember this password..."
In summary:
You always need a name and password
Your name and password are secured in OS X's Keychain (with your consent)
You can enable or disable any or all of these features
None of your shared devices or computers may by reached from outside your LAN (without using other utilities)
I hope this helps assuage your concerns. -
Wireless network security detected wrong
My work has it's access point configured for both WEP and WPA. Unfortunately WPA doesn't work at the access point side. Tiger detects the access point with the correct name, but always tries to use WPA even though I tell it each time to use WEP.
Is there any way to have it remember this?My work has it's access point configured for both WEP
and WPA. Unfortunately WPA doesn't work at the
access point side. Tiger detects the access point
with the correct name, but always tries to use WPA
even though I tell it each time to use WEP.
Is there any way to have it remember this?
I have never come across a wireless access point to be using WEP and WPA. It is normal for a WAP to require wpa or wep not at the same time.
When connecting to the access point with the WEP key do you add it to the keychain.
Also is your company aware that WEP is not secure at all and can easily be cracked by even amatuer crackers. Therefore if the access point is using a wep key as well as a wpa key it may as well be wide open. -
Certificate and Key Expiration information regarding your Access Control Service (ACS) 2.0 Namespace
I've received an email from Windows Azure Team ([email protected]) with the above title. It suggests
I
We are writing to inform you that certificates or keys related to one or more of your Namespaces are about to expire between July 8, 2012-November 8, 2012.
Please find below the list of your Namespaces that need Certificate or Key rollover:
fiftyeggs-cache
These namespaces can be viewed by signing in to your Windows
Azure portal subscription. After you have signed in you are redirected to the Management Portal page. On the lower left-hand side of this page, click Service Bus, Access Control & Caching. To see
the registered namespaces under your subscription, under Services click Access Control/Service Bus/Caching.
However, this is a cache-namespace which appears to be a Managed Namespace
http://msdn.microsoft.com/en-us/library/gg185943.aspx and I don't believe there is any way of managing keys. Can anyone help or point me to the relevant article. I don't want the cache keys to expire (the site will die) but there doesn't appear to
be any actions for me to take.Did you add a X509/Symmetric Key/Password based "Service Identities" (Re Carson Wa above). If not, my year
is up on the 27th so I'll schedule for random failures! That will not keep my clients happy.
Can you keep us informed of the progress of your ticket here please :-)
I got an email from MS yesterday...
We inadvertently sent an email message to you between June 12 and June 18, 2012, that
described updating expiring certificates and keys in the Access Control Service (ACS) namespaces used by your Service Bus or Cache namespaces. The message referred to the following namespaces:
fiftyeggs-cache
The message was sent in error, and we sincerely apologize. No action is required.
Did you get that?
Andrew
Maybe you are looking for
-
Using an external drive with shared files (iPhoto, iTunes), attached to a Time Capsule, can the contents of the external drive be backed-up to the internal Time Capsule drive? Perhaps a RAID1 mirror to a partitioned Time Capsule? I understand that th
-
Wanto output video from FCP to tv-monitor..
I've been searching for an answere in this forum aswell as PD150 forums.. Please help, I think of myself as a logical person but just can't figure this one out. I try to output the video signal from FCP to a tv-monitor usin a Sony PD150 in the middle
-
How to rollback RBS and what happens to existing data
Let's say I am using Remote Blog Storage (RBS) in one of my content database and I decide not to use anymore. 1. How can I roll back RBS? 2. What will happen to my data and how can I migrate it from RBS to how SharePoint/SQL Server stores it normally
-
Prevent internal hard drive from being unmounted?
I have an XServe with two internal hard drives. The second hard drive is just for data storage. I have a work colleague who needs to get on this server periodically, using Apple Remote Desktop, to connect via afp to a second server in order to copy d
-
How dangerous is to use Arch as the base of webhosting servers?
Hi all, I am wondering this because I want to build my webhosting infrastructure using archlinux, but I wanted to know, what pitfalls should I expect from doing this? Will the rolling release model eventually become to dangerous for this kind of busi