 |  |  |  |  |  |  |  |
add security to wireless network
 |
•
•
•
•
Originally Posted by server_crash
I was stupid and didn't add any security to my wirless network when I set it up. I guess I thought it would be quicker. Anyways, is there a way to just add it after you have everything set up? Or do I have to reinstall everything?
If you are on a home network/system with no services, no firewall is required or even recommended.
Firewalls have two uses:
1. Filtering ports, either by packet type or data content.
2. Segregating network traffic.
No need #1 If you are not running any services and your network topography doesn't call for #2, running a firewall is not only unneeded, but to do so would be a poor choice. By adding a firewall in this environment you actually decrease the security of your system by increasing its complexity (reduced assurances, and just another application that needs to be trusted and kept current) and surface area. For example a number of personal firewalls had/have issues of being broken my particularly agressive nmap scans.
It is important to only add counter measures in response to threats that justify them, in this instance, I don't see that being the case here.
•
•
•
•
Originally Posted by catch
If you are on a home network/system with no services, no firewall is required or even recommended.
A networked system running no services, eh? If you've invented such a system, I'd suggest you patent that puppy pronto! :mrgreen:
Seriously though- While XP service pack 2 is a bit better about this than previous versions of Windows, an installation of any version of Windows will leave you with at least a few unnecessary services enabled by default. Having active network services means that you'll have open network ports, and that's a Bad Thing security-wise. In addition, on top of the normal Windows services, many users also install programs like Instant Messaging, IRC (chat), etc., and those programs open up even more ports on their computers.
While a firewall (hardware or software) certainly can be used to monitor/block/filter ports, the proper way to secure your system is to disable the services that open those ports in the first place. After all, an active port is an active port even if you've got a firewall guarding it, and firewalls can definitely be compromised. If your firewall does get breached, your open ports present an unprotected attack vector through which malicious programs and people can compromise your system.
That said though, your average user doesn't even know what services and ports are, let alone know which services should be disabled and which services are needed. Given that, a firewall can provide at least some measure of protection for such users.
For example, say that a user's firewall program suddenly starts bombarding them with warnings to the effect of "Such-and-such application is trying to connect to the Internet. Do you want to allow or deny access?". Granted, the user may not know what the messages mean or what to do about them, but if they've got half a brain in their head, chances are that they'll call up one of their computer-savy friends and ask them what the heck is going on. Sure, the "such-and-such application" might turn out to be a legit program that needs to connect to the Net, but on the other hand, it might turn out that the firewall has just brought to the user's attention the fact that they're infected by a worm.
"May the Wombat of Happiness snuffle through your underbrush."
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
Just as I was getting into your post DMZ, I found that you still havent posted your second half of it (about wireless security). I know its been a long time now but enouf for you to post it right?
•
•
•
•
Originally Posted by Exploit
Just as I was getting into your post DMZ, I found that you still havent posted your second half of it (about wireless security). I know its been a long time now but enouf for you to post it right?
"May the Wombat of Happiness snuffle through your underbrush."
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
"Most of the configuration is done in the router's setup utility, so open your web browser and point it to http://192.168.1.1, which is the default IP for that model of router."
What if this does not work, i.e. does not connect to the IP address? I too set mine up without security and can't figure out how to go in and set it up now.
What if this does not work, i.e. does not connect to the IP address? I too set mine up without security and can't figure out how to go in and set it up now.
•
•
Join Date: Apr 2006
Posts: 5,051
Reputation: 
Solved Threads: 332
•
•
•
•
Originally Posted by tmlkcl 
"Most of the configuration is done in the router's setup utility, so open your web browser and point it to http://192.168.1.1, which is the default IP for that model of router."
What if this does not work, i.e. does not connect to the IP address? I too set mine up without security and can't figure out how to go in and set it up now.
Secondly, the IP address used to access the control panel differs from manufacturer to manufacturer. The easiest way to determine the IP address you need to type into your browser is to open up the command prompt and type in the following:
ipconfig /all
"Technological progress is like an axe in the hands of a pathological criminal."
All my posts may be freely redistributed under the terms of the MIT license.
All my posts may be freely redistributed under the terms of the MIT license.
Wireless security is essential for any wireless network whether its at home or in the work place, if you havnt secured your wireless network then you obviously dont mind your bandwidth being stolen.
but saying that
I have recently for one reson or another had to connect to the internet through my mobile phone and dont really know what security this has is it WEP,WPA or WPA2 also since i have been connecting through my phone i have been getting regular port scans and wondered if the two are related in some way
but saying that
I have recently for one reson or another had to connect to the internet through my mobile phone and dont really know what security this has is it WEP,WPA or WPA2 also since i have been connecting through my phone i have been getting regular port scans and wondered if the two are related in some way
|
Other Threads in the Network Security Forum
- Previous Thread: min requirements for setup for voip phone?
- Next Thread: Network monitoring
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest Network Security Posts
- Today's Posts
- Unanswered Threads
2008 adobe advice antivirus apple banking blackhat botnet browser business china confidentiality crack crime cybercrime daniweb data database dataloss dataprotection development email emailretention encryption europe exploit facebook fail firefox flash forensic fraud gmail google government hack hacker hacking hardware homelandsecurity idtheft information internet iphone kaspersky koobface law linux malware mcafee mckinnon microsoft military mobile music nasa nationalsecurity network networks news obama password passwords pentagon phishing phone php politics privacy report research review sans satnav scam school search security skype socialnetworking software softwaredevelopment spam sqlinjection survey symantec terrorism terrorist theft trends trojan twitter uk usb virus vulnerability web worm yahoo zeroday
