Shoutbox

I have a Linksys WRT110.

If I disable the SSID broadcast, is it safe to disable the WPA stuff?

Depends on what you call 'safe'.
If you disable the SSID broadcast, then the chances of finding your wireless connection gets very very slim (but probably not impossible).

But still, if someone happened to remember your SSID, he would still be able to connect to it. And if you don't have other security features enabled (like WPA) they would still be able to use the wireless connection.

So, it is 'safer' to disable the broadcast than if you wouldn't.
But it would be even more 'safe' if you would also enable the WPA encryption.

PS: the model of router doesn't matter for this though. This goes for all routers...

quote:

---

Originally posted by roflmao456
If I disable the SSID broadcast, is it safe to disable the WPA stuff?

---

No

Disabling WPA means no encryption, which means *everyone* will be able to pick up your traffic from the air and spy on whatever you are doing. It also mean everyone can connect to your accesspoint and abuse your connection.

Disabling SSID broadcast doesn't mean you are invisible, just makes it a tiny bit harder for novice users to notice you.

Always enable WPA(2) encryption on any accesspoint. Don't chicken out on using WEP either as it is as bad as having no encryption. Neither does a MAC filter (without adding encyption) protect you from anything.

Alright thanks for the info.

Personally I would recommend using EAP-TLS if your router supports it, but for most home users, this might be a bit overkill

quote:

---

Originally posted by Menthix

quote:

---

Originally posted by roflmao456
If I disable the SSID broadcast, is it safe to disable the WPA stuff?

---

No

Disabling WPA means no encryption, which means *everyone* will be able to pick up your traffic from the air and spy on whatever you are doing. It also mean everyone can connect to your accesspoint and abuse your connection.

Disabling SSID broadcast doesn't mean you are invisible, just makes it a tiny bit harder for novice users to notice you.

Always enable WPA(2) encryption on any accesspoint. Don't chicken out on using WEP either as it is as bad as having no encryption. Neither does a MAC filter (without adding encyption) protect you from anything.

---

That's a new kind of paranoid... 99.9 % of the population have no clue how to even begin sniffing packets... WEP encryption is just fine for home users... And if you are this paranoid, what good will WPA do? Or what good will WPA2-psk do?
In your flow only WPA2 psk-aes is safe...

quote:

---

Originally posted by foaly
In your flow only WPA2 psk-aes is safe

---

Correct, and what's wrong with that?

Why would anyone ever use WEP? Unless you have devices in your network which only support WEP. It is the same process to connect, so might as well use the technology which keeps you the safest.

quote:

---

Originally posted by foaly
99.9 % of the population have no clue how to even begin sniffing packets

---

Even if that were true (a simple google search is all it takes), you only need 1 person to get screwed, and you won't even know when it happened.

Might as well keep my key to the front door under the doormat outside, because 99.9% of the people won't look there and it will be convenient should I eve lock myself out . Most people with common sense just wouldn't want to take the risk when it is just as easy to apply better security.

quote:

---

Originally posted by foaly
That's a new kind of paranoid... 99.9 % of the population have no clue how to even begin sniffing packets...

---

I do agree completely with this...

quote:

---

Originally posted by Menthix
Most people with common sense just wouldn't want to take the risk when it is just as easy to apply better security.

---

Common sense isn't enough though, you also need to have the knowledge. And that is the most common problem...

On top of what foaly said, I dare to state that 99.9% of the people having a wireless connection don't have a clue how to secure it. Let alone know what the difference is between WEP, WPA, etc, or know what SSID broadcasting is, MAC address, etc.

Nevertheless, for those who are security-aware, and know how-to secure their Wifi, using basic security wont hurt I guess. But you don't need to have military graded encryption turned on either for everyday use though.

Security is one thing, but being paranoid won't help anything.

To continue the house analogy......it's like locking the door, having a burglar alarm, etc......all they are are deterants....something to slow people down or put them off the idea.

If they want whatever it is, they'll get it anyway, somehow.  But I would imagine that for the "casual" hacker, seeing any kind of security will put them off and get them to move onto something else.  And I doubt that a more "advanced" hacker would be targeting a personal environment anyway......there's far easier ways of getting someone's credit card details (as realistically that's what any hacker is going to be after)

I'm not blaming regular people for not knowing the terms and using defaults. But if people ask for advise I tell them they might as well use the most secure settings by hitting the WPA radio button instead of the WEP one. It doesn't take any extra effort or any extra time.

If that is being paranoid to you, fine .