add security to wireless network - Page 2

I was stupid and didn't add any security to my wirless network when I set it up. I guess I thought it would be quicker. Anyways, is there a way to just add it after you have everything set up? Or do I have to reinstall everything?

Firewalls..............................

If you are on a home network/system with no services, no firewall is required or even recommended.

Firewalls have two uses:

1. Filtering ports, either by packet type or data content.
2. Segregating network traffic.

No need #1 If you are not running any services and your network topography doesn't call for #2, running a firewall is not only unneeded, but to do so would be a poor choice. By adding a firewall in this environment you actually decrease the security of your system by increasing its complexity (reduced assurances, and just another application that needs to be trusted and kept current) and surface area. For example a number of personal firewalls had/have issues of being broken my particularly agressive nmap scans.

It is important to only add counter measures in response to threats that justify them, in this instance, I don't see that being the case here.

If you are on a home network/system with no services, no firewall is required or even recommended.

Um.......

A networked system running no services, eh? If you've invented such a system, I'd suggest you patent that puppy pronto! :mrgreen:

Seriously though- While XP service pack 2 is a bit better about this than previous versions of Windows, an installation of any version of Windows will leave you with at least a few unnecessary services enabled by default. Having active network services means that you'll have open network ports, and that's a Bad Thing security-wise. In addition, on top of the normal Windows services, many users also install programs like Instant Messaging, IRC (chat), etc., and those programs open up even more ports on their computers.

While a firewall (hardware or software) certainly can be used to monitor/block/filter ports, the proper way to secure your system is to disable the services that open those ports in the first place. After all, an active port is an active port even if you've got a firewall guarding it, and firewalls can definitely be compromised. If your firewall does get breached, your open ports present an unprotected attack vector through which malicious programs and people can compromise your system.

That said though, your average user doesn't even know what services and ports are, let alone know which services should be disabled and which services are needed. Given that, a firewall can provide at least some measure of protection for such users.

For example, say that a user's firewall program suddenly starts bombarding them with warnings to the effect of "Such-and-such application is trying to connect to the Internet. Do you want to allow or deny access?". Granted, the user may not know what the messages mean or what to do about them, but if they've got half a brain in their head, chances are that they'll call up one of their computer-savy friends and ask them what the heck is going on. Sure, the "such-and-such application" might turn out to be a legit program that needs to connect to the Net, but on the other hand, it might turn out that the firewall has just brought to the user's attention the fact that they're infected by a worm.

Just as I was getting into your post DMZ, I found that you still havent posted your second half of it (about wireless security). I know its been a long time now but enouf for you to post it right?

Just as I was getting into your post DMZ, I found that you still havent posted your second half of it (about wireless security). I know its been a long time now but enouf for you to post it right?

Sorry- too many "real-life" issues that I've needed to deal with have happened since my last post; due to those, I just haven't had the time to do the write-up I promised. I definitely do want to post the rest of the info, but quite honestly that falls fairly low on my list of onlne and offline priorities right now.

"Most of the configuration is done in the router's setup utility, so open your web browser and point it to http://192.168.1.1, which is the default IP for that model of router."

What if this does not work, i.e. does not connect to the IP address? I too set mine up without security and can't figure out how to go in and set it up now.

"Most of the configuration is done in the router's setup utility, so open your web browser and point it to http://192.168.1.1, which is the default IP for that model of router."

What if this does not work, i.e. does not connect to the IP address? I too set mine up without security and can't figure out how to go in and set it up now.

Many routers don't have wireless enabled by default. When configuring your router, you should at least be tethered to an ethernet cable before trying to access your router's control panel.

Secondly, the IP address used to access the control panel differs from manufacturer to manufacturer. The easiest way to determine the IP address you need to type into your browser is to open up the command prompt and type in the following:

ipconfig /all

Look for your network adapter. It should have an address beside "Default Gateway". This is the IP address you need to type into your browser.

Wireless security is essential for any wireless network whether its at home or in the work place, if you havnt secured your wireless network then you obviously dont mind your bandwidth being stolen.

but saying that
I have recently for one reson or another had to connect to the internet through my mobile phone and dont really know what security this has is it WEP,WPA or WPA2 also since i have been connecting through my phone i have been getting regular port scans and wondered if the two are related in some way

You can certainly enable security measures after the fact.

I know it is irrelevant to the thread but you have private messages disabled... I just wanted to let you know your avatar rocks.