urandom Posted April 17, 2012 Share Posted April 17, 2012 mac filtering and hidden essid are a waste of time. as stated earlier, use wpa2 and some strong ASCII password like you can find here for example: https://www.grc.com/passwords.htm Link to comment Share on other sites More sharing options...
surayu Posted April 17, 2012 Share Posted April 17, 2012 But I guess you've never checked what they actually record? That little box with flashing lights can log (rotating) at most can store few megabytes of largely worthless information, Well, better you start purchasing some better hardwares then I did check what my machines are doing, and i also decided to extend by a bit their capabilities too.... What you propose is leaving your house doors open at night because you've recognized the danger that you might get robbed with locks anyway, so screw any precautions I still fail to see what did they rob from me, i mean, i have been doing this for years now, problems so far = 0 (zero) Or if you live in ignorance, then live in greed too, dont run an open WIFI because it can make things slow for you.. Are we here maybe ignoring that you might be selling some security packages of some sort??? if you do, i am sorry but i am not interested, any decent router worth of his name will show you if any connections is using more bandwitch than it should and enable you to fix that with a couple of clicks, unfortunately you can't cure greeds (the me-me-me-only me syndrome) with the same ease.... Link to comment Share on other sites More sharing options...
Tywais Posted April 17, 2012 Share Posted April 17, 2012 Why secure it: Note 3. of the first list. Being in Thailand this could be a very significant issue if someone piggybacks your IP to do something that falls into the LM laws. Also, the Computer Crime Act has a variety of potential holes you could fall into by allowing it even unintentionally. It's a bit naive to think 'they' have to prove anything. ---------------------------------------------------------------------- 1. Ensure only authorised people can use the Internet services you have paid for An unsecured access point allows someone to connect to your wireless network and use your bandwidth. Depending on the type of account you hold with your ISP, this could mean you are able to download less content per month than you have paid for; your connection will be slower as it is shared with other unauthorised users; and/or your bandwidth might be ‘shaped’ due to exceeding your download quota; or if you have a plan which requires you to pay for bandwidth beyond a certain quota, you may find yourself with an unexpectedly large ISP bill. 2. Protect your data confidentiality and privacy With the right tools, it is relatively easy for someone within range4 of your unsecured wireless access point to see your Internet traffic and read what you do online. Failure to use encryption potentially allows people to read your email messages sent and received via email software on your computer and access your email account username and password. It may allow people to see what web sites you visit and the content of those pages (except where web sites use HTTPS). 3. Prevent unauthorised people from using your Internet access for criminal purposes Unauthorised users who connect to the Internet via your wireless connection, may undertake some illegal activity. If that activity is detected and investigated it will lead investigators to the owner of the IP address allocated to you by your ISP. This could mean you become liable for criminal actions that occur from computers that use your Internet connection, even when you did not authorise the activity or were not aware the connection had occurred. Source - .pdf file The downside of a wireless network is that, unless you take certain precautions, anyone with a wireless-ready computer can use your network. That means your neighbors, or even hackers lurking nearby, could “piggyback” on your network, or even access the information on your computer. And if an unauthorized person uses your network to commit a crime or send spam, the activity can be traced back to your account. Source - FTC Service violations: You may exceed the number of connections permitted by your internet service provider. Bandwidth shortages: Users piggybacking on your internet connection might use up your bandwidth and slow your connection. Abuse by malicious users: Users piggybacking on your internet connection might engage in illegal activity that will be traced to you. Monitoring of your activity: Malicious users may be able to monitor your internet activity and steal passwords and other sensitive information. Direct attack on your computer: Malicious users may be able to access files on your computer, install spyware and other malicious programs, or take control of your computer. Source - US Cert .pdf 1 Link to comment Share on other sites More sharing options...
surayu Posted April 17, 2012 Share Posted April 17, 2012 It's a bit naive to think 'they' have to prove anything. That's the common rule in Thailand, now the topic is the internet however it could be applied to everything, we take the risk, if it's not illegal and can improve other people lifes, for me it is worthed to fight for it, i don't want to live in a society where everybody think only about himself, what kind of world is that? Link to comment Share on other sites More sharing options...
Baloo22 Posted April 17, 2012 Share Posted April 17, 2012 mac filtering and hidden essid are a waste of time. as stated earlier, use wpa2 and some strong ASCII password like you can find here for example: https://www.grc.com/passwords.htm I will differ with you on this. MAC filters and disabling broadcasting of the SSID are not a waste of time. It is not a matter of having one "golden" lock but rather a number of security measures in place. You do not lock your car and your house to make them impenetrable. There is no such thing. You make it so that the thief passes by your car or house and goes for the easier, unlocked car/house. The more obstructions that you can put up against unauthorized connections, the less likely that they will happen. First, if you don’t need to use wireless, DON’T! Use a wired connection if possible. It is inherently more secure (it doesn’t send data over the air) and it is much faster than wireless. Only go wireless if you have multiple computers in multiple locations around the house or if you need to move around with your computer. For Example; At one time, my household had multiple people/multiple notebook computers. Then I used wireless. Then, for a six month period, there was only one computer, mine, and I used it right next to the router. I connected with LAN cable and disabled the router’s wireless activity. I even ran cable to my AppleTV so I would not need wireless for that. Hackers can’t hack what isn’t on. And wired connections are much faster. Here is what I do for the wireless when I use it in my household back home: (most modern wireless routers will allow you to do these things) 1--Disable the broadcasting of your SSID (the BM that advised to do it after you have setup and tested your connections is on the mark) 2--Use the MAC filter to limit the connections to ONLY those computers that you specify. The wireless “card”, or device, on your computer(s) have a unique number known as a MAC or “hardware’’ address. That is the address(s) that you enter into your router’s MAC filter. 3--Limit the number of IP addresses that your router can hand out to the number of computers that you will have connecting. 4--Use WPA2 security and a strong password. A password produced by the website you referenced would be good. (this password is entered in the router and also the computers to connect) Could someone still get in given enough time and resources? Sure. But it will be more likely that they will pass me by and go for the next house with the unsecured system. Link to comment Share on other sites More sharing options...
surayu Posted April 18, 2012 Share Posted April 18, 2012 And one more observation, as you know there are gazyllions of internet cafes where you can just start using the internet with nobody knowing anything about you at all, so how comes NOBODY is asking for your passport?? aren't they afraid to be prosecuted because of a potential crime you could do by using their internet connection? I can't recall of anyone being arrested because of this, can you??? Another case of a storm in a tea cup 1 Link to comment Share on other sites More sharing options...
astral Posted April 18, 2012 Share Posted April 18, 2012 ........... The MAC address can be spoofed. Yes but you have to know what value will be accepted , and that is not so easy. The standard value for most routers is 00:00:00:00:00:00, so it's wise to change that a More difficult value (Only numbers (0-9) and letters (A-F) accepted) I think you have missed the point. The router's MAC address is irrelevant!! If the router is set to block all except "äuthorised" MAC addresses then no-one can break in, unless they know one of those addresses Not an uncommon approach on secure commercial networks. Link to comment Share on other sites More sharing options...
MJCM Posted April 19, 2012 Share Posted April 19, 2012 (edited) I think you have missed the point. The router's MAC address is irrelevant!! If the router is set to block all except "äuthorised" MAC addresses then no-one can break in, unless they know one of those addresses Not an uncommon approach on secure commercial networks. Astral I made a Mistake in that post. Thaimite pointed that out already. Read here: http://www.thaivisa....25#entry5226849 It should read "the standard value in the mac address filter for most routers is 00:00:00:00:00:00". Edited April 19, 2012 by astral Link to comment Share on other sites More sharing options...
Crushdepth Posted April 19, 2012 Share Posted April 19, 2012 Thanks all for your replies.This is a bit of a learning project for me rather than being paranoid, just trying to keep up with the ever moving advance of technology. I am using WPA2 encryption so sounds as if I'm pretty well secured. Will have a look at the MAC address thing and have a play around with that, also the SSID filtering. I am trying the free Nirsoft program which does the job but does not have the automatic scans but useful for checking who is logged on or if I see someone with a laptop lurking outside the window. :-) Honestly just use the WPA encryption with a strong random key and forget about it. Currently considered bulletproof if the key is strong. But do not use a lame password as the key or you are wasting your time. Mac filtering is easy to circumvent, as the addresses are revealed whenever an authorised computer associates with the access point. Just need to listen for a while. Link to comment Share on other sites More sharing options...
4evermaat Posted April 21, 2012 Share Posted April 21, 2012 .......Dont run an unsecure WIFI network you greatly enhance any risk. If you are a restaurant or bar then at least WPA it and change the password daily, if sufficiently large approach a vendor that provide gateway equipment that will allow you to issue unique username/password for access (e.g. bangkok airways, big hotels etc..) ......... I've seen a few small businesses with this type of setup for logging into the wifi. Is it possible to get free or paid gateway software? It appears to be secure and you can also assign time to it as well, so you can limit the login to one-time use or expire after xx hours. It's a bit naive to think 'they' have to prove anything. That's the common rule in Thailand, now the topic is the internet however it could be applied to everything, we take the risk, if it's not illegal and can improve other people lifes, for me it is worthed to fight for it, i don't want to live in a society where everybody think only about himself, what kind of world is that? Reminds me of the days when you could leave your doors unlocked. There were times where I left my car door unlocked (if there was nothing it it). In thailand, I haven't seen that type of mentality. I've seen people give away produce (coconuts, mangos, papayas, etc), but they tend to lock sheds or doors that hold important items. I guess to each their own. It's still a good idea to ask the owner or landlord just to be on the safe side. Despite the fact that there are dedicated internet shops/wifi hotspots in just about every town large or small, if somebody really wants to use your specific internet connection, they need only do the same thing they would do if they needed to use the toilet or anything else on the property: ask . Taking some basic security measures are not unreasonable, especially if the internet is important for your livelihood.But yes, there are people with wifi sniffers and all they have to do is guess the correct password. Or they can reset your modem to factory settings or change admin settings undetected by logging into the admin panel; surprised no one mentioned that one. Anyway, that can easily be solved by changing the default router administation login/password. Make sure you do not forget it, although there is a manual "reset [to factory default]" button on the router itself. 1 Link to comment Share on other sites More sharing options...
surayu Posted April 21, 2012 Share Posted April 21, 2012 if somebody really wants to use your specific internet connection, they need only do the same thing they would do if they needed to use the toilet or anything else on the property: ask . Taking some basic security measures are not unreasonable, especially if the internet is important for your livelihood. How can giving out a password, for example, to any of your random customers, protect the owner of a restaurant/cafe, etc?? or you guys have in place some of the more secured place on this planet, as checking their ID and perhaps taking finger prints and an eye scan to each one of them, or there is something i am not understanding here When someone connect to your wi-fi, their machine it's in fact asking to your machine to lease them an ip address, if this can make someone feel better, if you would like anything else to it, as requesting the user to agree a Terms of Service Policy, to register in person or a few songs and a dance before you give them this new aquired power to browse the internet at their will, it's entirely up to you, maybe a button with the writing "Thank you" that they have to click before they get connected might make you happy I just modelled my own connection by thinking how i would like to have it if i was on the other side, always keeping in mind what could potentially go wrong. Personally when i am in a shopping center for example, and there are maybe 10-15 connections all asking for money, i am just disgusted by it, but that's just how i feel... Link to comment Share on other sites More sharing options...
nikster Posted April 21, 2012 Share Posted April 21, 2012 My take on this is: If you have an open network, the occasional freeloader will come by and leech off of you - wouldn't be a problem except for the Thai laws, so you have to protect your network. Use WPA2 with any* kind of password and you're fine. Nobody is going to sit in front of your house guessing passwords. Nobody is going to run a password cracker on your network. While these things are possible, they are highly unlikely. Getting hit by lightning should be more of a worry. Not to mention a bus. 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now