Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




64 posts

Master Geek


# 45379 1-Nov-2009 11:12
Send private message

Hello to all.  My iPhone doesn't play nicely with WEP security - its connection to my wireless router drops in and out.  It works perfectly if I disable encryption on my router.  I would obviously like some protection to keep hackers/thieves out.  Is MAC address filtering sufficient as basic home wireless router protection?  (I plan to limit access to my router to the iPhone only).  My understanding is that "spoofing" a MAC address is easy enough to do.  How likely is it that someone could be bothered?  If they were able to spoof, presumably all they would be able to do is steal my bandwidth?

Comments are welcome.

Create new topic
2366 posts

Uber Geek

Trusted
Spark

  # 268975 1-Nov-2009 11:27
Send private message

Does your router not support WPA?

nzbnw







1708 posts

Uber Geek

Subscriber

  # 268996 1-Nov-2009 13:27
Send private message

WPA is the standard now and you should see if your router supports it! If you were going to do what you say generally it would be quite safe as yes MAC spoofing is easy but the users would have to find out what MAC addresses you have in you OK list (impossible really).

Hacking wireless routers not encrypted is possible but happens close to 0% in NZ. Most people that war drive will look for routers that have no security on them!!

 
 
 
 


2113 posts

Uber Geek


  # 269010 1-Nov-2009 14:01
Send private message

Perhaps you could also change the default SSID and then disable it, on top of your MAC filtering.

I asked my neighbours across the road who can pick up my network to see if they can hack it.. No go.




- Telstra HTC Touch Pro2 - Energy ROM WM6.5.5 20 Oct/Cyanogen Mod Froyo 2.2 - R.I.P
- AT&T Galaxy S Captivate 16GB on XT (now with brother)
- Samsung Galaxy S2 on XT- Runs ICS 4.0.3 Resurrection Remix 9.2
- Business Hours - Work In The Electricity Industry, After Hours - DJ/Turntablist - Will Scratch Vinyl For Free'
- What's next??? S3?



64 posts

Master Geek


  # 269017 1-Nov-2009 14:20
Send private message

Thanks, have changed to EPA and all good.



64 posts

Master Geek


  # 269018 1-Nov-2009 14:21
Send private message

That should read EPA.



64 posts

Master Geek


  # 269019 1-Nov-2009 14:21
Send private message

Wpa

3309 posts

Uber Geek

Trusted

  # 269047 1-Nov-2009 15:52
Send private message

itxtme: WPA is the standard now and you should see if your router supports it! If you were going to do what you say generally it would be quite safe as yes MAC spoofing is easy but the users would have to find out what MAC addresses you have in you OK list (impossible really).

Hacking wireless routers not encrypted is possible but happens close to 0% in NZ. Most people that war drive will look for routers that have no security on them!!

That's not true is it?  Can't the packets be inspected with a wireless sniffer to determine authorised MACs/unencrypted data?

 
 
 
 


1708 posts

Uber Geek

Subscriber

  # 269050 1-Nov-2009 16:00
Send private message

bazzer:
itxtme: WPA is the standard now and you should see if your router supports it! If you were going to do what you say generally it would be quite safe as yes MAC spoofing is easy but the users would have to find out what MAC addresses you have in you OK list (impossible really).

Hacking wireless routers not encrypted is possible but happens close to 0% in NZ. Most people that war drive will look for routers that have no security on them!!

That's not true is it?  Can't the packets be inspected with a wireless sniffer to determine authorised MACs/unencrypted data?

3309 posts

Uber Geek

Trusted

  # 269080 1-Nov-2009 18:04
Send private message

itxtme:
bazzer:
itxtme: WPA is the standard now and you should see if your router supports it! If you were going to do what you say generally it would be quite safe as yes MAC spoofing is easy but the users would have to find out what MAC addresses you have in you OK list (impossible really).

Hacking wireless routers not encrypted is possible but happens close to 0% in NZ. Most people that war drive will look for routers that have no security on them!!

That's not true is it?  Can't the packets be inspected with a wireless sniffer to determine authorised MACs/unencrypted data?

You don't say?

1708 posts

Uber Geek

Subscriber

  # 269155 2-Nov-2009 07:45
Send private message

thanks for that, now point out the literature where this happens regularly?

507 posts

Ultimate Geek


  # 269176 2-Nov-2009 09:36
Send private message

As stated above, MAC address filtering with a hidden SSID "can" be broken if you have to tools to do so.

Whether anyone would have the motivation to bother to try and crack your home network is the main question.

Your general,run of the mill pimply 15 year old wouldnt have the knowledge and those who do have the knowledge and are inclined to misue that knowledge would probably be trying to crack something worthwhile!

In short, MAC address filtering with hidden SSID is enough in NZ, and its what i use!




 


The force is strong with this one!

69 posts

Master Geek


  # 269231 2-Nov-2009 11:38
Send private message

Here's a link I always point people to when discussing Wireless security

http://blogs.zdnet.com/Ou/?p=43


3309 posts

Uber Geek

Trusted

  # 269239 2-Nov-2009 11:55
Send private message

itxtme: thanks for that, now point out the literature where this happens regularly?

All I'm saying is that you stated it's hard (impossible really) to find the MAC address to spoof, but in fact it's more or less trivial.  Whether or not it is commonplace is beside my point.  The fact that it's so easy to defeat makes me uncomfortable in using or recommending it.  Ditto for hiding SSID.

Furthermore, all traffic from the router will be subject to interception if that's a concern to you, so it's not just stealing bandwidth.  Moral of the story, encrypt your router!

8035 posts

Uber Geek

Trusted

  # 269265 2-Nov-2009 13:37
Send private message

Best practice is:

WPA2 with AES encryption

Also make sure that your pre shared key (aka password) is at least 10+ digits long and not something that can be broken with a dictionary of common words attack (ie: use something alphanumeric and mixed case and mixed characters).

If you have some older devices with a network adapaters that do not support WPA2 then you can use WPA (WPA1) with AES encryption.

If you have a device that doesn't do AES encryption you should consider replacing it (it's like $20 for a USB wireless that can do WPA2 and AES) as TKIP encryption can be cracked in under 1min.



Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Vodafone integrates eSIM into device and wearable roadmap
Posted 17-Jan-2020 09:45


Do you need this camera app? Group investigates privacy implications
Posted 16-Jan-2020 03:30


JBL launches headphones range designed for gaming
Posted 13-Jan-2020 09:59


Withings introduces ScanWatch wearable combining ECG and sleep apnea detection
Posted 9-Jan-2020 18:34


NZ Police releases public app
Posted 8-Jan-2020 11:43


Suunto 7 combine sports and smart features on new smartwatch generation
Posted 7-Jan-2020 16:06


Intel brings innovation with technology spanning the cloud, network, edge and PC
Posted 7-Jan-2020 15:54


AMD announces high performance desktop and ultrathin laptop processors
Posted 7-Jan-2020 15:42


AMD unveils four new desktop and mobile GPUs including AMD Radeon RX 5600
Posted 7-Jan-2020 15:32


Consolidation in video streaming market with Spark selling Lightbox to Sky
Posted 19-Dec-2019 09:09


Intel introduces cryogenic control chip to enable quantum computers
Posted 10-Dec-2019 21:32


Vodafone 5G service live in four cities
Posted 10-Dec-2019 08:30


Samsung Galaxy Fold now available in New Zealand
Posted 6-Dec-2019 00:01


NZ company oDocs awarded US$ 100,000 Dubai World Expo grant
Posted 5-Dec-2019 16:00


New Zealand Rugby Selects AWS-Powered Analytics for Deeper Game Insights
Posted 5-Dec-2019 11:33



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.