Page 1 of 3 123 LastLast
Results 1 to 15 of 39
  1. #1
    Joined
    Nov 2002
    Location
    In bed with one of my avatar AMD girls :D
    Age
    39
    Posts
    8,876

    Securing my new router?

    I just switched to a DLink DI-524 router from an older DLink DI-514.Main reason is cause the 514 kept on getting piggybacked by someone and no matter what I did to try and secure it,it still happened.
    Hopefully I will have better results with this new router which features superior WAP encryption compared to simple WEP encryption of previous router.
    Now what steps should I take to make this new router virtually unhackable?So far I have setup WAP-PSK encryption and turned on MAC adress filtering.Im no network guru so I would like to know what else can be done to protect this.Or should WAP-PSK encryption be enough?

  2. #2
    Joined
    Jan 2002
    Location
    South Suburbs of Chicago
    Posts
    1,613

    Re: Securing my new router?

    I think that is about as far as you can go to lock down the router.

    You could try a less popular private address range like 10.12.173.x.

    If he's good enough to get past WPA, then the oddball addresses won't throw him off for long anyway though.

    You could use a directional antenna on the old router and blast noise at him if you know what direction he is.

  3. #3
    Joined
    Dec 2003
    Location
    Obamaland
    Age
    37
    Posts
    9,532

    Re: Securing my new router?

    Quote Originally Posted by Ganj
    I just switched to a DLink DI-524 router from an older DLink DI-514.Main reason is cause the 514 kept on getting piggybacked by someone and no matter what I did to try and secure it,it still happened.
    Hopefully I will have better results with this new router which features superior WAP encryption compared to simple WEP encryption of previous router.
    Now what steps should I take to make this new router virtually unhackable?So far I have setup WAP-PSK encryption and turned on MAC adress filtering.Im no network guru so I would like to know what else can be done to protect this.Or should WAP-PSK encryption be enough?

    You could try flashing your router to a third party firmware that will allow you to use wireless channles 12, and 13.
    But you would also have to figure out how to get your WLAN cards to also access those channles.

    And like Spartacus said, if hes good enough to get past WPA, he'll probably catch on to that too.


    As another election draws near; the G.O.P. are yet again filled with a stupid confidence that the they will win the White House. What they don't realize about people like Trump, Carson, and Cruz is that their rhetoric only resonates within an echo chamber, but not the American people. They live in an illusion of falsehood and distorted truth and only seek information and opinions that confirm these beliefs and instantly reject anything that contradicts them because only their opinions matter. Their notion of freedom is freedom for themselves and those alike to them, but not the rest of the country which has changed.
    These are the reasons why the G.O.P is set to lose in 2016. And when that happens, rest assured that they will have myriad of conspiracy theories blaming everyone and everything from the liberal media, to Oprah, to welfare moms, and pretty much everyone but their own disgusting selves.



  4. #4
    Joined
    May 2002
    Location
    The Lost Continent of Atlantis
    Age
    47
    Posts
    3,694

    Re: Securing my new router?

    change the ip of the router to something other than the default 192.168.0.1

    set up your net work and set up MAC address filtering, assign specific IP addresses to the internal MACs

    set your internal ip range to include the range of the machines on your network, leave no other open slots.

    then disable DHCP

    disable SSID Broadcast

    password the router, use aphanumerical password

    for example

    set your router to 192.168.0.40

    say you have 2 wired and 1 wireless computer inside your network

    Assign the ip addresses 192.168.0.166, 167 and 168 to the three MACs seen by the router.

    set your netwrok range to 192.168.0.166-192.168.0.168

    another PC that tries to connect will not get assigned an IP address automatically on the network, 1) because there are no free slots availiable, and 2) DHCP is dissabled

    he can however specify his own and still connect, but with SSID broadcast disabled, he will probably not try to since he will not see an avialiable network to hook up to

    router password should be something long and alphanumeric

    mine for instance is my middle name, my sons birthday, my dogs name, and my wedding aniversary and consists of 10 letters and 9 numbers

    I don't use wep or wpa on mine, I hate how it messes up the wireless connectivity

    I used to have a constant piggy backer, but since i did the above, no other systems have been logged in the system logs of the router in over a year

    technically the system is still open
    Last edited by StompinRound; 02-24-2006 at 03:01 AM.

  5. #5
    Joined
    Nov 2001
    Location
    E n g l a n d
    Posts
    10,978

    Re: Securing my new router?

    I use WPA/PSK with no problems at all.

    To make it as secure as possible, use a nice long, random key. Here's a couple sites that can generate them for you.

    https://www.grc.com/passwords

    or

    http://www.kurtm.net/wpa-pskgen/
    Last edited by Enmore; 02-24-2006 at 01:48 PM.

  6. #6
    Joined
    Nov 2002
    Location
    In bed with one of my avatar AMD girls :D
    Age
    39
    Posts
    8,876

    Re: Securing my new router?

    K cool those suggestions sound good stompin round.About setting up an internal ip range ,im not sure how to do it but I guess Ill try it.To do this I should disable DHCP server and enable static DHCP?And if I disable DHCP server how do I set a network range like you said?I only see the option in DHCP server
    And If I disable SSID broadcast then how will the household laptop connect to router?
    I have 3 pcs at home 2 hardwired through ethernet to router and one laptop through wifi
    Last edited by Poci; 02-24-2006 at 01:32 PM.

  7. #7
    Joined
    Nov 2001
    Location
    I've moved.....I'm over here now.
    Age
    61
    Posts
    7,290

    Re: Securing my new router?

    @StompinRound,

    Why not just set your subnet mask to 255.255.255.248 and assign the 2 extra IP addresses to non-existent MACs? With the three you already assigned for your machines, there's no free IP addresses for anyone to hijack even if they knew the network existed.

  8. #8
    Joined
    Nov 2001
    Location
    I've moved.....I'm over here now.
    Age
    61
    Posts
    7,290

    Re: Securing my new router?

    Quote Originally Posted by Ganj
    ...And If I disable SSID broadcast then how will the household laptop connect to router?...
    Once you've connected the first time, the laptop should be set to do so automatically and the lack of SSID broadcast is irrelevant.

  9. #9
    Joined
    Nov 2001
    Location
    E n g l a n d
    Posts
    10,978

    Re: Securing my new router?

    Quote Originally Posted by Sick Willie
    Once you've connected the first time, the laptop should be set to do so automatically and the lack of SSID broadcast is irrelevant.
    I can second that. It's not an issue.

  10. #10
    Joined
    Nov 2002
    Location
    In bed with one of my avatar AMD girls :D
    Age
    39
    Posts
    8,876

    Re: Securing my new router?

    Ok I disabled SSID broadcast and laptop can still connect BUT on the laptop under view wireless networks I can still see the SSID name of the router!!Does this mean that a hacker can see it as well,wtf I turned off SSID why is it still showing up?

  11. #11
    Joined
    May 2003
    Posts
    1,237

    Re: Securing my new router?

    Quote Originally Posted by Ganj
    Ok I disabled SSID broadcast and laptop can still connect BUT on the laptop under view wireless networks I can still see the SSID name of the router!!Does this mean that a hacker can see it as well,wtf I turned off SSID why is it still showing up?
    SSID "hiding" is useless. All packets to and from the access point are prefixed with the SSID in plain text, regardless of encryption level. If I want to find your AP name, all I have to do is fire up Netstumbler and wait for something to talk to your AP.

    Use WPA-PSK or AES if your router and clients support them. Use a very complex passphrase that's alphanumeric and includes some oddball characters (!, *, &, ~, etc)


    Intel 7820X, ASRock X299 Taichi, 32GB DDR4 3200, Radeon 290X, 8TB WD Gold with 32GB Optane cache

  12. #12
    Joined
    Nov 2001
    Location
    I've moved.....I'm over here now.
    Age
    61
    Posts
    7,290

    Re: Securing my new router?

    Quote Originally Posted by GTwannabe
    SSID "hiding" is useless. All packets to and from the access point are prefixed with the SSID in plain text, regardless of encryption level. If I want to find your AP name, all I have to do is fire up Netstumbler and wait for something to talk to your AP.

    Use WPA-PSK or AES if your router and clients support them. Use a very complex passphrase that's alphanumeric and includes some oddball characters (!, *, &, ~, etc)
    1) AES is a WPA algorithm, so there's not a choice of WPA or AES. But, I do agree that encryption is a must.

    2) After disabling SSID broadcast (not technically hiding), someone would have to make an effort to see the network. Most hijacks are opportunity hijacks, not malicious hackers. Following your logic, I might as well leave the house unlocked since, even with the door locked, someone could still break a window. And, of course, they could - but it would take more of an effort on their part. Each little thing one does makes the (potential) intruder work harder to achieve his/her goal - and, in the process, changes the reflection of such a person from an opportunist to that of a criminal.

  13. #13
    Joined
    Nov 2002
    Location
    In bed with one of my avatar AMD girls :D
    Age
    39
    Posts
    8,876

    Re: Securing my new router?

    Ok so far I have WPA-PSK,MAC filtering and disabled SSID.Should I assign IPs to each MAC adress next and disable DHCP server?

  14. #14
    Joined
    Jan 2002
    Location
    South Suburbs of Chicago
    Posts
    1,613

    Re: Securing my new router?

    Quote Originally Posted by Sick Willie
    @StompinRound,

    Why not just set your subnet mask to 255.255.255.248 and assign the 2 extra IP addresses to non-existent MACs? With the three you already assigned for your machines, there's no free IP addresses for anyone to hijack even if they knew the network existed.
    Nice tip!

    I like that one.

  15. #15
    Joined
    Nov 2001
    Location
    E n g l a n d
    Posts
    10,978

    Re: Securing my new router?

    I could be wrong here, but I don't think Netstumber can actually find hidden SSIDs. I know packet sniffing programs like Kismet can though.

    Even if disabling SSID won't stop a determined hacker, it still adds another hurdle. There are also plenty on unprotected routers out there, so they're more likely to go pick on someone else.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •