Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Airport Network Security
- Thread starter jbrown
- Start date
- Sort by reaction score
What wireless router are you running?
If it's Airport based, download the Airport Management Tools and run the Client Monitor to see which other MAC addresses are on the network.
If you're really concerned, then if you hide your SSID and turn on MAC filtering, there's very little chance of someone managing to get onto it.
If it's Airport based, download the Airport Management Tools and run the Client Monitor to see which other MAC addresses are on the network.
If you're really concerned, then if you hide your SSID and turn on MAC filtering, there's very little chance of someone managing to get onto it.
Thanx.
What is SSID, and how do I hide it? And turn on Mac filtering?
I'm on a reg Airport Extreme setup.
I don't really mind if someone just uses my internet connection - but if they get on my network, just how much mischief can they get up too??
What is SSID, and how do I hide it? And turn on Mac filtering?
I'm on a reg Airport Extreme setup.
I don't really mind if someone just uses my internet connection - but if they get on my network, just how much mischief can they get up too??
jbrown said:Thanx.
What is SSID, and how do I hide it? And turn on Mac filtering?
I'm on a reg Airport Extreme setup.
I don't really mind if someone just uses my internet connection - but if they get on my network, just how much mischief can they get up too??
Since your using an Airport Ex Station the instructions follow:
In your Utilities folder you will have an Airport Admin Utility that you might have used already to alter settings on the base station, find your station in the list and when you access it a new window will pop up showing configuration settings
SSID is the ID which the network broadcasts for people to know that its there, turn it off and the network won't be on display for others to see, that fuction on Airport is called Closed networking and there will be a simple checkbox to work that
Going to the Access part you can add your MAC no. (a uniqie no. for each network hardware, ethernet, Airport etc) click add and there then click the button that says "This computer"
Of course there is always the "make sure you have passwords for both base Station and network" speech but the Admin Utility is pretty straight forward so that shouldn't be a problem to do
The amount of trouble might depend on what sharing permissions you have set and what they might be downloading. If they're using your connection for downloading music/movies from P2P networks, you might wake up one day to a summons from the BPI for lots of cash. If you think someone's just hopping on to check their webmail, then you might be happy to do that. If you're on a limited bandwidth broadband service, you might also want to limit people's ability to use your account.
Do you have WPA or WEP security set up on it at the moment?
To stop your Airport Base broadcasting your SSID (which is the name of your network as it appears in your Airport bar in the menu bar), open up the Airport Admin Utility, select the network, choose configure and tick the box that says 'Create a closed network'. This will mean that anyone wanting to join your network would need to know both the name of the network and the password to be able to join it.
To filter the MAC addresses that can use your network, stay in the Admin Utility and click on Access Control. You'll see a + sign next to the box at the top, click on that and enter your Mac's MAC address (or Airport ID) and a description. Whenever any other computer/router wants to join your network, you'd have to go in there and update the Access Control list with the new MAC address. That includes things like Airport Expresses. You can find your MAC (Airport ID) in System Preferences, Network under the Airport tab of Configure or in the System Profiler under Network
Do you have WPA or WEP security set up on it at the moment?
To stop your Airport Base broadcasting your SSID (which is the name of your network as it appears in your Airport bar in the menu bar), open up the Airport Admin Utility, select the network, choose configure and tick the box that says 'Create a closed network'. This will mean that anyone wanting to join your network would need to know both the name of the network and the password to be able to join it.
To filter the MAC addresses that can use your network, stay in the Admin Utility and click on Access Control. You'll see a + sign next to the box at the top, click on that and enter your Mac's MAC address (or Airport ID) and a description. Whenever any other computer/router wants to join your network, you'd have to go in there and update the Access Control list with the new MAC address. That includes things like Airport Expresses. You can find your MAC (Airport ID) in System Preferences, Network under the Airport tab of Configure or in the System Profiler under Network
Use WPA security. WEP can be cracked very easily.Applespider said:
In order of importance:
- WPA Security
- Restrict to registered MAC addresses.
- Do not broadcast your SSID.
I think all of this is over reacting, especially when people talk about packet cracking, at least if your network consists of only a link to the internet. If your really worried, hard line it. All the advice above is good.
Also use strong random passwords. This little app helps generate strong keys. Also, change passwords from time to time.
You can further improve security, at least from passing snooping by reducing the power output of your wireless base station so that it covers a minimum area.
Lastly, use the file vault feature of OSX. Also, anything that is truly sensitive, you should encrypt anyway. You don't have to use OSX, but don't rely on MS words password protection scheme, or many other programs.
Also use strong random passwords. This little app helps generate strong keys. Also, change passwords from time to time.
You can further improve security, at least from passing snooping by reducing the power output of your wireless base station so that it covers a minimum area.
Lastly, use the file vault feature of OSX. Also, anything that is truly sensitive, you should encrypt anyway. You don't have to use OSX, but don't rely on MS words password protection scheme, or many other programs.
What about restricting the number of IP addresses to the number of computers on your LAN? I've done this as well as assign certain IP addresses to each computer on the LAN, which leaves no open IP addresses to use.
I also use WEP and will start using WPA when I take the time to look into it.
. . . just curious if limiting IP addresses is effective
I also use WEP and will start using WPA when I take the time to look into it.
. . . just curious if limiting IP addresses is effective
swindmill said:
I have also done this, I've set 10 IPs aside for my home network but its easy to go beyond that range by seting up a computer for a manual address