
ctggzg
Premium
join:2005-02-11
USA
kudos:2

1 recommendation

reply to slajoh01

Re: How often do you change your Wi-Fi SSID/Passphrase?

said by slajoh01:

Suppose you do banking online at home, I would switch off wireless and use LAN cabled network instead.

Sorry, but that's ridiculous. If you don't trust WPA + SSL, you'd better not use a computer at all.


antdude
A Ninja Ant
Premium,VIP
join:2001-03-25
United State
kudos:4
Reviews:
·Time Warner Cable
reply to Link Logger

said by Link Logger:

I have an open network here and what happens to your computer when you connect to it is 'your' fault for connecting to it. I'd never connect to that festering pit of oozing malware as I know what's in there.

Blake
Sometimes even the hunters get hunted

So an infected honeypot?
--
Ant @ AQFL.net and AntFarm.ma.cx. Please do not IM/e-mail me for technical support. Use this forum or better, »community.norton.com ! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer.


norwegian
Premium
join:2005-02-15
Outback

1 recommendation

reply to ctggzg

said by ctggzg:

said by slajoh01:

Suppose you do banking online at home, I would switch off wireless and use LAN cabled network instead.

Sorry, but that's ridiculous. If you don't trust WPA + SSL, you'd better not use a computer at all.

I don't know, SSL implementation of late has had a big hit against it.
I prefer to walk into the bank myself....little ol' fashioned.

As for wireless, hasn't it always been recommended for better security to use a hardline......regardless of the fact the sniffed air traffic is encrypted, it can be still looked at and stored elsewhere even if they don't know the key. Bit far-fetched and I understand your thoughts still, but hardwired for years has always been recommended for best security. Maybe wireless encryption is that good now, I can't say yes or no, but I'm willing to learn or try to keep up with technology.
--
The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke



darcilicious
Cyber Librarian
Premium
join:2001-01-02
Forest Grove, OR
kudos:4

Re: SSL -- what hit is that exactly?
--
♬ Music is life ♬



norwegian
Premium
join:2005-02-15
Outback

Without getting off topic - remember we are not being specific to a singular protocol here for the implementation of SSL, so I will generalize:

»technet.microsoft.com/en-us/secu···ms12-006
»arstechnica.com/business/2012/04···rs-find/
»arstechnica.com/security/2012/09···ts-warn/
»www.filetransferconsulting.com/f···ability/
»arstechnica.com/security/2012/09···essions/
»www.mozilla.org/projects/securit···cbc.html
»Google disables SSL compression in Chrome against new attack
»kb.juniper.net/InfoCenter/index?···=SSL_VPN
»www-01.ibm.com/support/docview.w···21609029
»blog.rafaeltorrales.info/2012/10···alation/
»threatpost.com/en_us/blogs/ssl-v···s-102512
»threatpost.com/en_us/blogs/ssl-d···e-091912
»www.securitybistro.com/blog/?p=3178
--
The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke



darcilicious
Cyber Librarian
Premium
join:2001-01-02
Forest Grove, OR
kudos:4

Thanks!



TheTechGuru

join:2004-03-25
TEXAS
kudos:2
Reviews:
·HughesNet Satell..
·WesTex Connect
reply to StuartMW

I actually have not changed mine in years.

But I'm using a HEX key generated at: »www.grc.com/passwords.htm

Using WPA2 AES and a key like 3FAE6F72EF109FB59F15F264A613E618B80F795C2EF0B734F7AE2A38F081886F I really don't think even Kevin Mitnick could get in.

Not to mention I'm using channel 13 and "n" only mode.
--
CompTIA Network+ Certified



norwegian
Premium
join:2005-02-15
Outback

True, but now anyone who might want to hack your airwaves knows the key does not use the letters "G - Z" or "g - f" now.



TheTechGuru

join:2004-03-25
TEXAS
kudos:2
Reviews:
·HughesNet Satell..
·WesTex Connect

1 edit

said by norwegian:

True, but now anyone who might want to hack your airwaves knows the key does not use the letters "G - Z" or "g - f" now.

The key would not contain them either way. ASCII keys are converted to HEX before they get transmitted over the air anyway.
--
CompTIA Network+ Certified

TheMG
Premium
join:2007-09-04
Canada
kudos:2

1 recommendation

reply to StuartMW

I never change my wifi SSID and key.

'Cause my wifi AP has been sitting in a box the last few months. Have not needed it.



antdude
A Ninja Ant
Premium,VIP
join:2001-03-25
United State
kudos:4
Reviews:
·Time Warner Cable

said by TheMG:

I never change my wifi SSID and key.

'Cause my wifi AP has been sitting in a box the last few months. Have not needed it.

So you have network cables everywhere, eh?

TheMG
Premium
join:2007-09-04
Canada
kudos:2
Reviews:
·NorthWest Tel

said by antdude:

So you have network cables everywhere, eh?

Yes. I have CAT5e in the walls. Works great.

My HTPC was the only thing wireless but I got fed up with interference which would cause the occasional stuttering of streaming video, so I ran CAT5e there too.

If I have guests who want to connect their wireless devices to the internet, I'll fire up the AP, but otherwise I don't use it.


TheTechGuru

join:2004-03-25
TEXAS
kudos:2
reply to StuartMW

I have all CAT5 too, wireless is just for my cell phone and when I want to use my laptop away from my desk.

I need the gigabit connections.
--
CompTIA Network+ Certified



jcliff

join:2012-10-09
reply to StuartMW

I don't change mine that regularly because as others have pointed out, there are easier targets. In the area I live just a drive down the street finds you 4 or 5 residential wireless routers that have no security that you can log into.

Cracking a password is a time intensive process and the only people that could do it without me noticing (a white van in front of your house is pretty obvious) would be my neighbours, and my neighbours aren't really that way inclined.

If you can, it's best to angle your WIFI so that your home gets most of the signal, the lower the quality it is by the time it hits the street the harder it is to bruteforce. You can also block the signal with certain materials to help "Guide" it into your house more than the street.

The guys from thepiratebay had an interview a few years ago where they said they don't trust WIFI and only used wired networking. So if you're being hunted by governments for some reason it's probably a good idea to stay away from WIFI and such.

--
Vendor: TinyMem - No bloat, energy efficient security and system software



ashrc4
Premium
join:2009-02-06
australia

1 edit
reply to TheTechGuru

said by TheTechGuru:

I actually have not changed mine in years.

Does that mean you have not done any firmware upgrades?

said by TheTechGuru:

Not to mention I'm using channel 13 and "n" only mode.

Not sure the exact reason why but channel 13 is not an allowed frequency in the U.S.

from wiki;

Spectrum assignments and operational limitations are not consistent worldwide: most of Europe allows for an additional two channels beyond those permitted in the US for the 2.4 GHz band (1–13 vs. 1–11),

EDIT;
Giving the parameters of your choice for a pass phrase seriously increases the chance of the pass phrase being resolved.


TheTechGuru

join:2004-03-25
TEXAS
kudos:2
Reviews:
·HughesNet Satell..
·WesTex Connect

1 edit

said by ashrc4:

said by TheTechGuru:

I actually have not changed mine in years.

said by ashrc4:

Does that mean you have not done any firmware upgrades?

No it does not, I keep my firmware upgraded. My router model does not require reprogramming when upgrading the firmware.

said by TheTechGuru:

Not to mention I'm using channel 13 and "n" only mode.

said by ashrc4:

Not sure the exact reason why but channel 13 is not an allowed frequency in the U.S.

from wiki;

Spectrum assignments and operational limitations are not consistent worldwide: most of Europe allows for an additional two channels beyond those permitted in the US for the 2.4 GHz band (1–13 vs. 1–11),

That is incomplete information. The truth is: "In the USA, 802.11 operation in the channels 12 and 13 is actually allowed under low powered conditions. The 2.4 GHz Part 15 band in the US allows spread-spectrum operation as long as the 50-dB bandwidth of the signal is within the range of 2,400–2,483.5 MHz which wholly encompasses both channels 12 and 13. A Federal Communications Commission (FCC) document clarifies that only channel 14 is forbidden and furthermore low-power transmitters with low-gain antennas may legally operate in channels 12 and 13."

said by ashrc4:

EDIT;
Giving the parameters of your choice for a pass phrase seriously increases the chance of the pass phrase being resolved.

That is incorrect because ASCII pass phrases are converted into HEX keys by the device. All keys are HEX.

»jorisvr.nl/wpapsk.html

TWObEzglZZTH53Z1nxYyoWQL2TWfdfVw2QR7Qxsa1oQ7NANEXm0Z2oyj1k9RKSA is no more secure than 5908F30733441D98E18E31DD690762B3E4493C807A1A9C30D4270D0652639930

TWObEzglZZTH53Z1nxYyoWQL2TWfdfVw2QR7Qxsa1oQ7NANEXm0Z2oyj1k9RKSA with a SSID of NETGEAR would actually have a key of 99E3EFB15AC60ECD94F178FC3BD26E9EBAB30FFD303CFF6B7E1AE890123FFEAF
--
CompTIA Network+ Certified
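The passphrase-to-key mapping this exchange is about, as an added example that is not part of any post in the thread: WPA/WPA2-Personal derives the 256-bit key from an 8-63 character passphrase with PBKDF2-HMAC-SHA1, using the SSID as salt and 4096 iterations, while a 64-hex-digit entry is used as the key directly. The helper name `search_space_bits` and the sample passphrase and second SSID are constructed for illustration; the last printed case (a short lowercase passphrase) goes beyond the keys quoted in the thread.

```python
import hashlib
import math
import string

HEX = set(string.hexdigits)

def wpa_psk(credential: str, ssid: str) -> bytes:
    """Return the 256-bit pre-shared key a WPA/WPA2-Personal device ends up with."""
    if len(credential) == 64 and set(credential) <= HEX:
        # 64 hex digits are taken as the 256-bit key itself; the SSID plays no part.
        return bytes.fromhex(credential)
    if not 8 <= len(credential) <= 63 or any(not 32 <= ord(c) <= 126 for c in credential):
        raise ValueError("passphrase must be 8-63 printable ASCII characters")
    if not 1 <= len(ssid.encode()) <= 32:
        raise ValueError("SSID must be 1-32 bytes")
    # Passphrase mapping: PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations, 32 bytes out.
    return hashlib.pbkdf2_hmac("sha1", credential.encode("ascii"), ssid.encode(), 4096, 32)

def search_space_bits(length: int, alphabet_size: int) -> float:
    """Bits to search for a uniformly random credential, capped by the 256-bit key size."""
    return min(length * math.log2(alphabet_size), 256.0)

if __name__ == "__main__":
    phrase = "constructed sample passphrase"        # constructed sample value
    for ssid in ("NETGEAR", "HomeNet"):             # "HomeNet" is a constructed SSID
        # Same passphrase, different SSID: a different key each time.
        print(ssid, wpa_psk(phrase, ssid).hex().upper())
    print("64 random hex digits   :", search_space_bits(64, 16))
    print("63 random A-Za-z0-9    :", search_space_bits(63, 62))
    print("8 random lowercase     :", round(search_space_bits(8, 26), 1))
```

Because the SSID is the salt, the same passphrase on a different network name gives an unrelated key, and any credential with more than 256 bits of randomness is capped by the key size.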


ashrc4
Premium
join:2009-02-06
australia

Thanks for clarifying your points.
When exactly did the FCC change its rules?
Not something easily found.

I agree that you do update your firmware and that the rules governing the extra channels have been revised but why/how do you think that the last point is wrong?
Hex Smexs, this can be calculated as fast as key's generated.
why do you think any different there?
--
Paradigm Shift beta test pilot. "Dying to defend one's small piece of suburb...Give me something global...STAT!



TheTechGuru

join:2004-03-25
TEXAS
kudos:2
Reviews:
·HughesNet Satell..
·WesTex Connect

said by ashrc4:

Hex Smexs, this can be calculated as fast as key's generated.
why do you think any different there?

Simply put, passphrases are converted into 64 HEX characters behind the scenes when entered, so using a 64 HEX key is no less secure, and that pass generator I use is the most random you can get without using a Lotto ping pong ball machine.
--
CompTIA Network+ Certified


ashrc4
Premium
join:2009-02-06
australia

The more obscure the method of generation (not more random) the HEX value is greater increases the size of the pool. Not the other way around.
If you imagine 3 circles intersecting, only the overlap of the 3 circles is the size of the pool with random generators from the total pool.
It's roughly only 10-14%.
If you gave me the no. of bits that would make a huge difference as well. Say 64. But you then did give an example of 63. That makes a huge difference also to the pool.

By providing any parameters the pool can be reduced.
Once the final pool is decided other factors such as generating GRC's formula billions of times then ordering on it on most likely decreases further.
I think bob and anyone else that has an interest in this has already vastly considered and already engaged in this practice.

The first example you used was perhaps the best as the no's "8188" came up. A slightly more complex conundrum that was less probable.
Yet far from the whole pool of no's, word/letters, special characters and any combination thereof.
--
Paradigm Shift beta test pilot. "Dying to defend one's small piece of suburb...Give me something global...STAT!


TheMG
Premium
join:2007-09-04
Canada
kudos:2
Reviews:
·NorthWest Tel
reply to jcliff

said by jcliff:

the only people that could do it without me noticing (a white van in front of your house is pretty obvious) would be my neighbours, and my neighbours aren't really that way inclined.

You'd be surprised what a good parabolic antenna can do.

But you're right, the chances of someone going through that amount of trouble when there are so many completely open networks is very low.