how do you secure your airport network?

Discussion in 'Mac Basics and Help' started by proverbs, Dec 20, 2005.

  1. proverbs macrumors 6502

    Joined:
    Mar 15, 2005
    #1
    i have a wireless network but noticed that i did not secure it, with a password, etc. can anyone help me with this process? i heard that other people can hack and use your network if you don't secure it. TIA.
     
  2. tjwett macrumors 68000

    tjwett

    Joined:
    May 6, 2002
    Location:
    Brooklyn, NYC
    #2
    i have an Airport Extreme base and some Expresses. i use WPA2 along with limiting the access to only specifically listed MAC addresses, which include only the computers we own. it is also a closed network so it doesn't display the name. you can set this all from Airport Admin Utility or from the interface on your wireless router (usually web based).
     
  3. proverbs thread starter macrumors 6502

    Joined:
    Mar 15, 2005
    #3
    actually, sorry. i don't have an actualy airport, but a d-link router. we have a G4 desktop, a powerbook, and a PC. is there a way i can limit it to these compter only? or maybe a password to use the network somehow?
     
  4. .Andy macrumors 68030

    .Andy

    Joined:
    Jul 18, 2004
    Location:
    The Mergui Archipelago
    #4
    Your router should have come with an off-line web-page configuration tool. The URL will be in the instructions. It's usually on the first page as it's what your router uses to initiate itself as your network. It is that URL that prompted you for your username and password when you first set it up. You'll be able to log in there and select the security that you'd like to use :).
     
  5. semaja2 macrumors 6502a

    Joined:
    Dec 12, 2005
    Location:
    Adelaide
    #5
    on my linksys router ive got wpa-radius setup with the non broadcast of ssid and a mac filter so it would be extremly hard to get into my network :p
     
  6. ipwitch macrumors member

    Joined:
    Oct 20, 2005
    #6
    Well, not really. MAC's can easily be forged, your SSID and MAC addresses can be found easily with passive scanning. WPA is more secure than WEP, but not secure enough for me. Go with ipsec to be safe...
     
  7. semaja2 macrumors 6502a

    Joined:
    Dec 12, 2005
    Location:
    Adelaide
    #7

    lol well i think you under estimate the wpa-raidus only way to get in on that is to get a computer certificate from my server and a user account on the network, after that when you reach the network you need to vpn into the server which also requires a user certificate then after you vpn your finally on the network

    PS i know its alot of security but im a paranoid man :p
     
  8. ipwitch macrumors member

    Joined:
    Oct 20, 2005
    #8
    Oh, my bad - misread you post. thought you wrote wpa-radius...
     
  9. grapes911 Moderator emeritus

    grapes911

    Joined:
    Jul 28, 2003
    Location:
    Citizens Bank Park
    #9
    For all intents and purposes, WPA is unbreakable.
     
  10. mkrishnan Moderator emeritus

    mkrishnan

    Joined:
    Jan 9, 2004
    Location:
    Grand Rapids, MI, USA
    #10
    What are you using as a Radius server?
     
  11. retasi macrumors member

    Joined:
    Dec 10, 2005
    #11
    MAC address filtering it does not slow the network down!!!
     
  12. semaja2 macrumors 6502a

    Joined:
    Dec 12, 2005
    Location:
    Adelaide
    #12
    i use microsoft IAS on a windows server and i use ISA 2004 vpn and firewall


    PS WPA is breakable but WPA-RADIUS makes its almost unbreakable becuase of the radius server doing the authication and encryption

    PSS the encryption over this whole link is very very tight due to about 3 layers of encryption
     
  13. grapes911 Moderator emeritus

    grapes911

    Joined:
    Jul 28, 2003
    Location:
    Citizens Bank Park
    #13
    No it doesn't. But it is unnecessary and an inconvenience when you have a powerful encryption. The most annoying thing is going to someone's house and connecting to their internet and they have to add you MAC first.
     
  14. grapes911 Moderator emeritus

    grapes911

    Joined:
    Jul 28, 2003
    Location:
    Citizens Bank Park
    #14
    It pretty much only breakable by brute-force and bad passwords. Use non-dictionary words. Add numbers. Add caps. Make the password long. I just use random characters that mean absolutely nothing. Virtually unbreakable.

    EDIT: By the way. WPA is said to be breakable with 4-5 Million packets. The problem is that the shared key changes often in WPA. No key will ever be used more than a few thousand times. Unbreakable.
     
  15. mkrishnan Moderator emeritus

    mkrishnan

    Joined:
    Jan 9, 2004
    Location:
    Grand Rapids, MI, USA
    #15
    Yes, use words that don't mean nuthin', like loopid. But don't use "loopid," because Humpty Hump thought of that one first. :)
     
  16. semaja2 macrumors 6502a

    Joined:
    Dec 12, 2005
    Location:
    Adelaide
    #16
    grapes MAC filtering is good and a basic but helpful security and if you only ever expect your laptops to be on there, then theres no trouble
     
  17. Les Kern macrumors 68040

    Les Kern

    Joined:
    Apr 26, 2002
    Location:
    Alabama
    #17
    Nah. I have 60+ Airports at work. Since there is no "real" security with wireless, it's wide open, come one comae all. BTW, that's how Apple's campus in Cupertino operates.
     
  18. grapes911 Moderator emeritus

    grapes911

    Joined:
    Jul 28, 2003
    Location:
    Citizens Bank Park
    #18
    Actually, it sucks. Besides WEP, it's the easiest to crack. There is no need to even turn it, especially if you have a good encryption like WPA.
     
  19. semaja2 macrumors 6502a

    Joined:
    Dec 12, 2005
    Location:
    Adelaide
    #19
    well its also just as easy to run the wireless with no security at all, makes life so much easier. but if you do that you should have secodary secuirty like i also have with a firewall blocking eveerything except vpn connections
     

Share This Page