Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Tue 28 Jul 2015, 18:04
All times are UTC - 4
 Forum index » Off-Topic Area » Security
How do you secure your (wireless) router?
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 2 [30 Posts]   Goto page: 1, 2 Next
Author Message
wboz

Joined: 20 Nov 2013
Posts: 222

PostPosted: Mon 22 Dec 2014, 21:41    Post subject:  How do you secure your (wireless) router?  

Not asking: what should one do, but more: What do YOU do ... or at least, recommend people do.

For years I have been, shall we say, lukewarm. OK, kinda lax. Yes, I secure the Wifi with a password, like all non-idiots. I went the extra step for security by unintentionally misspelling the word, leading most guests to the house to spend many minutes retyping correctly-spelled but wrong passwords.

But beyond that ... I run WPA, but probably only because it was the best available for the firmware at the time. Until today my router login was the admin (which admittedly is only good if you can get on the wifi, but still). I update the firmware but only every year or so. I broadcast SSID. And I use the default public ID "NETGEAR" which does nothing to make the router technically more vulnerable, but does demonstrate that 1) the user doesn't care very much about security.

If I stop doing any of the above (like, if I move to WPA+WPA2), am I going to knock my (many) older devices off the network until I repair them? Is there anything else I should be doing? Note I am not very fearful of a local wifi snooper - my low-power wifi-g hardly reaches to the next house - but more so remote attackers who care nothing about the individual target.

Of course the entire background behind me lax approach is that, quite frankly, I have very little of value around these (electronic) parts ... Smile
Back to top
View user's profile Send private message 
bark_bark_bark

Joined: 05 Jun 2012
Posts: 1303
Location: Wisconsin USA

PostPosted: Mon 22 Dec 2014, 21:49    Post subject:  

If a 3rd party open source router firmware exists that is compatible with your router, then absolutely use that.
_________________
The DeLorean is the best car, Period!
Back to top
View user's profile Send private message 
mikeb


Joined: 23 Nov 2006
Posts: 11068

PostPosted: Tue 23 Dec 2014, 05:12    Post subject:  

WPA2 and changed password.... firmware is locked to the isp so never been an upgrade.

been ok since 2008 that way and there are plenty of other computer users in range.

Only failure was the guinea pig ate the wire from the psu recently. He had a wild child moment...

Mike
Back to top
View user's profile Send private message 
neerajkolte


Joined: 10 Feb 2014
Posts: 517
Location: Pune, India.

PostPosted: Tue 23 Dec 2014, 07:27    Post subject:  

I don't have a wireless outer But I found these posts
http://www.howtogeek.com/173921/secure-your-wireless-router-8-things-you-can-do-right-now/
http://www.howtogeek.com/205299/how-to-ensure-your-home-router-has-the-latest-security-updates/
Also see "RELATED ARTICLES" inside them.

Seems helpful.

Thanks.

- Neeraj.

_________________
"One of my most productive days was throwing away 1000 lines of code."
- Ken Thompson

“We tend to overestimate the effect of a technology in the short run and underestimate the effect in the long run.”
- Amara’s Law.
Back to top
View user's profile Send private message 
Burn_IT


Joined: 12 Aug 2006
Posts: 1604
Location: Tamworth UK

PostPosted: Tue 23 Dec 2014, 09:32    Post subject:  

I only use the 5Ghz band and disable the 2.4Ghz one.
I refuse to buy any device that NEEDS constant network access and doesn't support this band.

I do turn it on occasionally for those devices that need it for updates.

_________________
"Just think of it as leaving early to avoid the rush" - T Pratchett
Back to top
View user's profile Send private message 
wboz

Joined: 20 Nov 2013
Posts: 222

PostPosted: Tue 23 Dec 2014, 10:44    Post subject:  

Thanks everyone.
1) I actually only partially agree with the advice to get 3rd party firmware. I think if your device has limited capabilities in the stock firmware, absolutely. But the Netgear firmware included is actually quite good, there are a lot of options you don't normally see like upload limiting, blocked sites and services, QoS, guest networking etc. I have looked at DD-WRT before and not found any additional capabilities I wanted - it's one of the things I appreciate about this not-very-flashy router.
2) I don't have a 5GHz band Razz ... and I would say the majority of my devices don't support 5GHz anyway. The only device that needs constant connectivity is the Nest smoke alarm.

Does the router constrain download speeds if the ISP speed is the primary constraint? If the g band is giving 54MB/sec and the ISP download tier is 20MB/sec ... would there be ANY benefit in upgrading the router? I have no NAS or in-network streaming need.
Back to top
View user's profile Send private message 
Burn_IT


Joined: 12 Aug 2006
Posts: 1604
Location: Tamworth UK

PostPosted: Tue 23 Dec 2014, 11:12    Post subject:  

The download speed is only a restriction from the internet.
Inter-device speed may be important, that is where the local frequency/channel range is important and the biggest factor there is contention. If you live somewhere where most of your neighbours use wireless devices, you may struggle to get decent reception in the 2.4Ghz band.
I just this second looked at InSSider and I have 25 nearby networks in the 2.4Ghz band and my guest one is by no means the strongest.
Mine is the only one in the 5Ghz band.

_________________
"Just think of it as leaving early to avoid the rush" - T Pratchett
Back to top
View user's profile Send private message 
bigpup


Joined: 11 Oct 2009
Posts: 6371
Location: Charleston S.C. USA

PostPosted: Tue 23 Dec 2014, 11:34    Post subject:  

The routers default password is easily found.
If you do not change it you leave it wide open to access by others.
http://www.routerpasswords.com/
This is the password used to access the internal working of the router.
It's internal software and setup settings.

This is not the same as the wireless network password, most people setup, used to connect to the router.
But if you did not setup that password. The default manufactures password would probably work for that one also.

_________________
I have found, in trying to help people, that the things they do not tell you, are usually the clue to solving the problem.
When I was a kid I wanted to be older.... This is not what I expected Shocked
Back to top
View user's profile Send private message 
fuelish

Joined: 15 Mar 2013
Posts: 79

PostPosted: Tue 23 Dec 2014, 15:20    Post subject:  

bigpup wrote:
The routers default password is easily found.
If you do not change it you leave it wide open to access by others.
http://www.routerpasswords.com/
This is the password used to access the internal working of the router.
It's internal software and setup settings.

This is not the same as the wireless network password, most people setup, used to connect to the router.
But if you did not setup that password. The default manufactures password would probably work for that one also.


Wouldn't you first have to have the wireless network password and be connected before you could access the router admin page?
Back to top
View user's profile Send private message 
Burn_IT


Joined: 12 Aug 2006
Posts: 1604
Location: Tamworth UK

PostPosted: Tue 23 Dec 2014, 16:02    Post subject:  

The Wireless access hacking is fairly easy with most routers as the default WEP password is dead easy to break even if it has been changed..
_________________
"Just think of it as leaving early to avoid the rush" - T Pratchett
Back to top
View user's profile Send private message 
fuelish

Joined: 15 Mar 2013
Posts: 79

PostPosted: Tue 23 Dec 2014, 16:10    Post subject:  

Burn_IT wrote:
The Wireless access hacking is fairly easy with most routers as the default WEP password is dead easy to break even if it has been changed..


I have heard that WEP can be hacked. Which is why WPA is recommended.

Then IIUC the answer to my question is that you must know the wireless password and be connected to the wireless network before you can access the router admin page.
Back to top
View user's profile Send private message 
Burn_IT


Joined: 12 Aug 2006
Posts: 1604
Location: Tamworth UK

PostPosted: Tue 23 Dec 2014, 17:52    Post subject:  

Well that DOES assume that you aren't Ethernet connected!!
_________________
"Just think of it as leaving early to avoid the rush" - T Pratchett
Back to top
View user's profile Send private message 
fuelish

Joined: 15 Mar 2013
Posts: 79

PostPosted: Tue 23 Dec 2014, 18:01    Post subject:  

Burn_IT wrote:
Well that DOES assume that you aren't Ethernet connected!!


Ethernet? You’re having me on. I don’t know why I talk to you.
Back to top
View user's profile Send private message 
Burn_IT


Joined: 12 Aug 2006
Posts: 1604
Location: Tamworth UK

PostPosted: Tue 23 Dec 2014, 19:27    Post subject:  

Of course I was being ironic.
But we have been having this deep? discussion about router security, but completely ignoring the fact that the physical box has to be in a secure location and without such obvious back doors as an ethernet connection into it.
I've been into a small company before now where they were locked out of their own router and didn't know how to get into it.
One paper clip and a look at the bottom of the box and that was solved.
Of course, the first thing I did was turn off wireless access altogether until I'd changed the passwords and all the default access settings.
It took them a while to get used to having long and complicated WAP2 keys and to change them when someone left.

_________________
"Just think of it as leaving early to avoid the rush" - T Pratchett
Back to top
View user's profile Send private message 
bigpup


Joined: 11 Oct 2009
Posts: 6371
Location: Charleston S.C. USA

PostPosted: Tue 23 Dec 2014, 21:58    Post subject:  

Quote:
Wouldn't you first have to have the wireless network password and be connected before you could access the router admin page?

Normally, in initial setup, you connect with a wired connection and set everything up.

After that you do it by way of your wireless connection.

However,
The router is already and always connected to the Internet by way of it's connection to the ISP provided modem. The Internet can already see it and access it.

The wireless part is for computers in the area around the router.
If you set one up to begin with the wireless network password allows only you to connect to the router.
The password prevents someone else, around you, picking up the wireless signal, and also connecting to the router. They do not know the password.

Remember the connection path.
Internet
ISP (Internet service provider)
ISP Modem
Router
Wireless signal
Your computer.

_________________
I have found, in trying to help people, that the things they do not tell you, are usually the clue to solving the problem.
When I was a kid I wanted to be older.... This is not what I expected Shocked
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 2 [30 Posts]   Goto page: 1, 2 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.1195s ][ Queries: 11 (0.0103s) ][ GZIP on ]