I think MAC filter is less safe, for example if an intruder sniff your MAC
when you are talking the router on the air, then he can spoof it over his
wireless card, most wireless cards device driver allow user to configure his
own MAC address.
I'd like to think that instead of preventing people to access our wireless
unit, we should welcome guests to use our wireless but they have to pay. In
every wireless routers, there should be a payment server built-in connecting
to credit card charger services. Then ppl should be willing to let others
use their wireless, and the wireless network will grow super fast throughout
the globe.
-kem
On 12/11/06, Matthew Bristol <bristolm@xxxxxxxxxxxxx> wrote:
>
>
> I definitely agree that the set-up, at the very least, should be done
> over a wired connection. Security reasons aside, it's a bit frustrating
> to be locked out of a router as you continually mistype a newly created
> WPA2 key!
>
> BTW, don't bother with WEP encryption. It may keep people from randomly
> accessing your network, but it is trivial to crack. I run with MAC
> filtering to prevent unwanted access and WPA2 to help stop snooping on
> traffic. MAC filtering is another thing that's worlds easier to set up
> over a wired connection.
>
> -----Original Message-----
> From: olympus-owner@xxxxxxxxxx [mailto:olympus-owner@xxxxxxxxxx] On
> Behalf Of Allan Mee
> Sent: Saturday, December 09, 2006 9:27 PM
> To: olympus@xxxxxxxxxx
> Subject: [OM] Re: Wireless router (and PC security generally)
>
>
> So you are as directly linked to the router as possible when accessing
> it's
> setup - for things like alowing/disallowing MAC addresses etc.
> If you use 'wireless' for the connection during setup/modifications to
> the
> setup, how does the router know that it's your machine and not some
> [spoofed
> even] mac address from somebody else (who may be across the street, sat
> in a
> car with a wireless laptop, or wherever)?
> And I'd certainly NEVER set up a router from scratch using wireless -
> routers don't have proximity detectors.
> The first thing I did when setting up my router was make the ethernet
> connection and disabled the wireless. Then I checked the connected MAC
> addresses (to ensure that only my machine was connected to the router) -
>
> then I checked that the h/w firewall was on. Then I connected the other
> PCs
> to my switch and allowed their MAC addresses (and told it to block all
> others) and then I finally set it up fully for Internet Access. All the
> PCs
> were also running software firewalls before I even started setting up
> the
> router.
> Even now, when making changes to the setup - I only have my PC running
> and
> that is directly connected to the router and I check the MAC addresses
> to
> double-check before I make any changes.
> I take my pc security seriously! I'm fully stealthed behind h/w and s/w
> firewalls and no wireless but still occasionally get my ports scanned
> (not
> that it will do whoever is trying to scan my ports any good). I
> religiously
> check for spyware and viruses (I run updates and full scans daily) - and
> I
> never let anyone else use my computer - and I do check my logs often,
> delete
> all cookies when done on the Internet, turn of my router when I'm not
> using
> it, use strong passwords and NTFS, etc. etc.
> To the best of my knowledge I've only been possibly hacked once - a few
> years ago. I don't d/l pirate software from the net or visit software
> 'crack' sites or porno sites or any other dodgy sites.
> If I do d/l *ANY* files from the Net - no matter what format or source,
> they
> are automatically scanned for viruses and spyware. That includes
> anything
> that close friends and family send via IMs. I use 'web-based' mail
> accounts
> that automatically do virus checks etc. before I get to see the emails.
> I
> never d/l attachments. I don't do online banking. I don't open emails
> unless
> I know the source. I have a 'spam-mail' account which I give as my email
>
> address whenever I sign up to something - and that account gets more 90%
> of
> the spam I get leaving my other accounts virtually spam free. I don't
> use
> P2P software (at least not on my PC). I don't have file and printer
> sharing
> enabled on my PC.
> I have specific accounts set aside for friends and family to email me. I
> use
> this account for, and only for, all my group mail - and filters are set
> to
> put mail not from listed groups (or certain members from said groups)
> into
> junk mail. Those are just some of the security measures I take. Your
> security is of course up to you. Just airing my opinions.
> Allan
>
>
> PS No trees were harmed in the sending of this message and a very large
> number of electrons were asked their permission to be terribly
> inconvenienced. (And threw a party for them afterwards for being really
> cool
> about it).
>
> Disrupting the unnatural balance that you, as a conscious human being
> and a
> confused mass of energy, have created.
> -Disturb the mind -
>
>
>
>
>
> >From: "Tom Scales" <tom@xxxxxxxxxxxxxxxx>
> >Reply-To: olympus@xxxxxxxxxx
> >To: <olympus@xxxxxxxxxx>
> >Subject: [OM] Re: Wireless router
> >Date: Sat, 9 Dec 2006 21:33:46 -0500
> >
> >
> >Uh, what 'security reasons' would require a PC connected via wire?
> >----- Original Message -----
> >From: "Allan Mee" <bigalsgroups@xxxxxxxxxxx>
> >To: <olympus@xxxxxxxxxx>
> >Sent: Saturday, December 09, 2006 9:28 PM
> >Subject: [OM] Re: Wireless router
> >
> >
> > >
> > > All you need for a wired conncetion is one ethernet cable going to
> > > wherever
> > > your router is. You should have at least one PC directly wired to
> the
> > > router
> > > (for security reasons).
> > > I personally use an intelligent 16 port switch (which is more secure
>
> >than
> > > a
> > > mindless hub) to connect up to 15 pcs at once (if need be) and have
> > > disabled
> > > wireless - I have less faith in wireless security than I do in
> security
> >on
> > > a
> > > hard-wired LAN.
> > > Allan
> > >
> > >
> > >
> > > PS No trees were harmed in the sending of this message and a very
> large
> > > number of electrons were asked their permission to be terribly
> > > inconvenienced. (And threw a party for them afterwards for being
> really
> > > cool
> > > about it).
> > >
> > > Disrupting the unnatural balance that you, as a conscious human
> being
> >and
> > > a
> > > confused mass of energy, have created.
> > > -Disturb the mind -
> > >
> > >
> > >
> > >
> > >
> > >>From: Moose <olymoose@xxxxxxxxx>
> > >>Reply-To: olympus@xxxxxxxxxx
> > >>To: olympus@xxxxxxxxxx
> > >>Subject: [OM] Re: Wireless router
> > >>Date: Sat, 09 Dec 2006 17:45:56 -0800
> > >>
> > >>Phil wrote:
> > >> > Joel
> > >> > Only one mobile, but I want to be able to move my PC into another
>
> >room
> > >> > without the wiring that goes with it.
> > >> >
> > >>My wireless router needs to be hard wired to a PC for
> > >>set-up/configuration, but not for operation after that.
> > >>
> > >>I do the reverse of what you plan to do. The desktop is connected to
> so
> > >>many things that moving it would be a major project. On the other
> hand,
> > >>I have a second wire connected to the router so I can bring the
> notebook
> > >>in and connect it directly when I want to move a lot of data between
> the
> > >>boxes. The wired connection is way faster than wireless.
> > >>
> > >>Moose
> > >>
> > >>==============================================
> > >>List usage info: http://www.zuikoholic.com
> > >>List nannies: olympusadmin@xxxxxxxxxx
> > >>==============================================
> > >
> > > _________________________________________________________________
> > > It's Hotmail's 10th Birthday! Come and play Pass the Parcel
> > > http://www.msnpasstheparcel.com
> > >
> > >
> > > ==============================================
> > > List usage info: http://www.zuikoholic.com
> > > List nannies: olympusadmin@xxxxxxxxxx
> > > ==============================================
> > >
> > >
> > >
> > > --
> > > No virus found in this incoming message.
> > > Checked by AVG Free Edition.
> > > Version: 7.5.432 / Virus Database: 268.15.15/580 - Release Date:
> >12/8/2006
> > > 12:53 PM
> > >
> > >
> >
> >
> >==============================================
> >List usage info: http://www.zuikoholic.com
> >List nannies: olympusadmin@xxxxxxxxxx
> >==============================================
>
> _________________________________________________________________
> It's Hotmail's 10th Birthday! Come and play Pass the Parcel
> http://www.msnpasstheparcel.com
>
>
> ==============================================
> List usage info: http://www.zuikoholic.com
> List nannies: olympusadmin@xxxxxxxxxx
> ==============================================
> This message (and any associated files) is intended only for the use of
> the individual or entity to which it is addressed, and may contain
> information that is confidential, subject to copyright or constitutes a
> trade secret. If you are not the intended recipient, you are hereby notified
> that any dissemination, copying or distribution of this message or files
> associated with the message are strictly prohibited. If you have received
> this message in error, kindly notify us immediately by replying to the
> message and deleting it from your computer
> ==============================================
> List usage info: http://www.zuikoholic.com
> List nannies: olympusadmin@xxxxxxxxxx
> ==============================================
>
--
when you were born, a problem was solved
==============================================
List usage info: http://www.zuikoholic.com
List nannies: olympusadmin@xxxxxxxxxx
==============================================
|