Quote:
dogscoff said:
If it's wireless, change the SSID and WEP passwords (or enable WEP if it wasn't already), and set it to non-broadcast mode. Enable MAC address filtering if available.
|
Enabling WEP makes you less secure. It takes only a few minutes to crack by any number of easily available cracking tools. All it does is give you the false impression that you have another layer of security. WPA is still computationally harder to crack, IIRC, so its a better way to go. Still, don't think that your wireless encryption is going to be your strongest layer of defense.
MAC address filtering can be spoofed, once the encryption is broken. If you use filtering, assign static IP addresses to your machines, and disable DHCP, you get another layer of inconvenience. Its not going to outright stop the cracker, but it will slow him down just a bit more.
Obscuring SSID and "non-broadcast" modes don't really matter much if the cracker has appropriate tools, cause they can find the network anyways. It makes it a little harder to find with the basic Windows and NIC driver tools, but even something as innocuous as Net Stumbler can still pick up on the existence of active but non-broadcasting access points.
Doing all of this stuff is still good protection against people that don't really know what they are doing, of course. It will generally slow down a knowledgeable cracker, but there are always ways in.
Quote:
Azselendor said:
You may want to consider changing the default IP address of the router.
|
If you can get onto the network, or at least view traffic, you know where the router is via the broadcast IP (default gateway).