India Broadband

just4kix

Last week, I wrote this article on improtance of Wireless Security. We all would agree that security should be of paramount importance but when it comes to implementation we are sometimes too lazy to do it. I have posted in this guide (Setup of ADSL Modem/Router UT-300R2U with Linksys Wireless Router WRT54G) steps on how to implement WPA or WPA2 security. It is not difficult at all and should not take more than 5 minutes.

However all security will be of no use if:

a) Your wireless router's password is known
b) People can freely access your wireless router

In this blog, I intend to discuss on how to plug this basic security hole as much as possible. Note that nothing is secure - a determined hacker can and will hack into networks. But considering that most of us live in residential neighbourhoods and expect that people living around you are not experts are hacking some of the methods discussed here should suffice.

Although this blog is being posted in the BSNL forum (because most people view this forum the most), the contents apply to any wireless network.

The following two steps are not an alternate to wireless security. Indeed you must implement wireless security over and above the following.

Steps to make your router password strong:

There are enough articles on the internet on how to build a strong password. Those of you who work in corporates are even aware that corporates now insist on very strong password policies. To reiterate these policies, you can make your password strong and secure if you do the following:

a) Make your password at least 10 characters long
b) Use a healthy mix of uppercase and lowercase letters, numbers, special characters, etc.
c) Avoid using dates of any kind such birthdays, anniverseries, etc.
d) Avoid using full or part of your or your family members' name or surname in your password
e) Do not use names of places of importance to you
f) Do not use repetitive characters
g) Finally change your password every 45 days or so

Make your wireless router inaccessible as far as possible

The best way is to disable Wireless SSID broadcast. But this will be of as much inconvenience to you as to everyone else. Herein, I will suggest some other methods to make your router inaccessible.

a) The first step is the name of your Wireless network (SSID). This is the name that appears in your wireless network on your PCs when you switch on wireless. Most of the times, we do not change the default name - the default names are often like 'default', 'linksys', 'netgear', etc. Change your network name to something weird. This will make the potential hacker think that your network is hard to crack.

b) Change your wireless router's IP address to something unguessable. And this is the main trick. A potential hacker knows that IP address of wireless router is likely to be 192.168.1.1 or 192.168.2.1 or 192.168.0.1, etc. A few tries and the hacker gets the router's login page. The username is almost always 'admin' and if the password is not strong - wham! the hacker is in and can see all your setup, WPA keys, etc.

Once the WPA key is known the hacker does not need to login again on your wireless router because it is unlikely that we will change WPA key again and again. The hacker has the WPA key and that is all is needed.

So the key is change your router's IP address to something unguessable such as 129.241.167.91 - well anything really - all those four digits could be any number from 0 to 255.

The above steps side by side with wireless security should be quite sufficient for most.

p/s Please rate this article and post your views, suggestions, diagreements, etc. I would like to hear more and more on this.

__________________
*** My computer can beat me at chess but is no match when it comes to kick-boxing ***

My Albums | My Movie Collection | Moser Baer Movies

niraj8241

bro i know many tips and tricks as to how break all the security issues.

there are many softwares available as to how we can guess any ones router config.


except a cisco router........

just4kix

I agree that no security is perfect. I said so in my fourth para.

niraj8241

actually wireless is still not a good solution to opt on

Admin

What do you suggest for me if I want to go and use my laptop in my living room? Pull a 50 meters Ethernet cable and run it across three floors?

__________________
Reliance data card | Reliance broadband | Airtel broadband | Wimax

niraj8241

but what will be the condition if some one has hacked ur network and is surfing at a random rate and will resiult u in a huge bill.... and same bandwidth prob is there with wireless one.

and with the fact of using a ethernet cable

1. no chance of hacking and so no huge bills

2. up to date bandwidth

just4kix

I do not understand you when you say - bandwidth problem with Wireless. Can you explain how? Wireless networks operate at 54 mbps. Even the best ISPs the world over do not offer that much speed.

And your whole argument is much flawed. It is as if stating that one should not buy a good mobile handset just because it is liable to stolen.

niraj8241

bandwidth prob is not there when u are there in a viable condition, when condition goes rough the bandwidth goes down, sometimes even half........

(-N-)

i would like to meet ppl who break into wpa/wpa2 encryptions!
i seen ppl break into wep encrypted connections in less than 10 mins but... wpa is no no for many ppl as it uses 64 hexadecimal characters and it will take hours,days,may be even years to break!
its not worth many of the hackers precious time and resources to hack a simple 2mbps internet connection!

-also for windows networking processes the ip address has to start from 192.168.xx.xx,it doesnt take a mastermind to find the ipaddress of a network!especially since most ppl use the dhcp server on their routers!

-turning off wireless broadcast is just the most basic simple defence! most hackers can get ur hidden ssid with a sniffer in seconds!but changing the name from the default name is a good idea!

just4kix

Thanks for the valuable inputs (-N-).

I have changed the IP address of my wireless router to something totally different as suggested in the post. It works!!