I set up my wireless network a while back with a Linksys router. For a few minutes, the network was not secured, then I set up the WEP key and all that stuff. A while later after the WEP security was set up, I noticed a computer on my network that was not mine.

How is this possible? Did my network somehow get hacked?

Anyways, I changed the security to WPA-PSK (which I have no clue what the difference is compared to WEP) and I set up a MAC filter, so only the allowed MAC addresses have access to my network.

Is this enough security? Or is there a backdoor I'm missing here? I have to broadcast the SSID for my DSi and Droid to connect =/ I'm worried because I have an XP and Win7 sharing files through the network, although both firewalled, I don't want any interceptions going on here.

Dont broadcast SSID, use WPA-2

Probably. I like to turn off my wireless when I am not using it.....

Well, you can always manually connect to a wifi network by adding the SSID name, instead of ur device detecting it.

I believe the DSi has issues connecting when manually entering the SSID. I don't really use it anymore, so maybe I'll stop broadcasting it. Why WPA-2 rather than WPA-PSK?

I like it always on lol I'd be too lazy to be turning it off and on

much more time taken to crack down the key.

But even if the key was cracked down, if I have a MAC filter, wouldn't it reject the computer since it's not on the list?

MAC addresses are changeable

Sigh.


I soo need to study networks more, I feel soo clueless!!!


I don't like the idea of sharing my connection

The MAC filter should be enough security unless you let someone plug into the router directly.

Keep in mind, some routers have known exploits, so look for your model online to see if it's vulnerable from the 'net and take appropriate actions. (I.E. firmware updates, disable configuration from WAN, etc.)

As for the unidentified computer... There are programs that purport to be able to hack wireless security, so pick an encryption scheme of 128 or more if possible and disable SSID broadcasting.

It may also have connected before you set up security in which case, a hard reset should clear the known devices listing.

Nope, no one has touched my router. I never thought about firmware updates and such. I'll have to do more research on my model. I'm not sure what "configuration from WAN" means exactly, but I'll find out. I think you're right when you say the unknown computer might have stayed in the known devices memory list, but maybe it wasn't necessarily able to connect after the security had been setup.

Blah. It took me like 6 hours to set up this network the first time, I'll mess with this more later on

WAN = Wide Area Network (the internet)
LAN = Local Area Network (your network in your house)

I like your attitude, and you already know more than most people. (I'll find out is such a confident phrase)

Find your router's model number and do a Yahoo search for (your model#) +exploit.

LOL I know what the acronyms mean, but I wasn't sure what it meant to "configure from WAN" =P and thanks lol Network Administration is my major after all (although I'm leaning more towards security, I like the adrenaline rush haha), so I better learn this stuff so I can be ahead of the game when the time comes lol

I think it's interesting and fun, but omgsh it takes sooooooo much time to deal with computers (In my case, when I don't know what I'm doing lol but that's how I learn!)

I think the combination of MAC trapping (limiting connection to known MAC addrs) plus WPA-PSK is probably adequate for 99% of the people with a wireless router in their home. The first rule of network security is to be a less appealing target than anyone around you (the 2 guys and a lion story), and in an urban area, there are more than enough poorly secured networks to keep people busy, so even moderately secured ones get skipped. Yes, it is fairly easy to change a MAC address to connect to a router, but this is usually pretty obvious (since you end up with duplicated MACs on the same network segment). Generally, you should be more concerned with people attacking your computers from the Internet.

Network security as a profession is challenging. I know because I've been a network security professional for over 15 years. It has good points and bad points. I wish you well with it, I'm actually getting out of that business.

Cheers.

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

the difference between WEP and WPA is the amount of bits it takes to establish the encryption. WEP is 128 bit while WPA is 256 bit. The difference in mathematical complexity between the code is staggering. WPA2 is 512 bit. WEP and WPA both have been hacked but WPA is still not hackable by the Average Hacker! WPA2 has yet to be hacked even by professionals. WEP is just short of an open invitation into your network since there is software out there now that allows you to decode the signal and tap into it from an outside source (hacking in).

Change your encryption to WPA at least but make sure your router and computer support WPA. If you buy new components shoot for 802.11 N! 802.11 B and G are old school these days. 802.11 B only supports WEP encryption.

802.11 G supports WEP and WPA.

802.11 N supports WPA2 as well as WPA and WEP.

At least with WPA not just anyone is going to hack your signal!