Check Your Network!

Discussion in 'Mac OS X Server, Xserve, and Networking' started by Akira1980, Jan 2, 2009.

  1. Akira1980 macrumors 6502

    Akira1980

    Joined:
    May 27, 2007
    Location:
    San Diego
    #1
    So I noticed that my MBP's internet connection was really slow for past few days. But I didn't think nothing of it. Then today it was at the point where I couldn't even open a webpage without waiting for few minutes.

    I decided to check my airport utility to see what's up. When I checked the MAC address of connected user, I noticed one MAC address that I didn't recognize. At this point I changed the password and tweaked the access control so that only the MAC address of my MBP, PS3, and iPhone can access my network.

    When I restarted the Airport, everything was fine. Internet connection was super fast. Conclusion? Someone was downloading big files using my network causing the slow down. :mad:

    My advice to all, check your network and change the password at least. It is new year after all, and it is good time to fine tune your network.
    :cool:
     
  2. VideoFreek macrumors 6502

    VideoFreek

    Joined:
    May 12, 2007
    Location:
    Philly
    #2
    Great advice, thanks. What is disturbing, however, is how someone managed to crack your wireless network. Were you using WPA/ WPA2? If so, did you use a strong password?

    The measures you've implemented (MAC access control, changed password) will work for a while, but unless you've hardened your security profile, you can be cracked again. MAC addresses can be spoofed, and weak passwords can be cracked via dictionary-style attacks (this is in fact how WPA-PSK can be easily cracked--security depends on the strength of your password). My advice--use WPA (or better WPA2 if all your devices support it), and use a strong password consisting of at least 20 random characters (bare minimum), using uppercase, lowercase, numeric and special characters. Better yet, use Steve Gibson's ultra-high security password generator to generate a random 63-character password.
     
  3. bruinsrme macrumors 601

    bruinsrme

    Joined:
    Oct 26, 2008
    #3
    MAC control access is a little pain when you need to add something but it is very effective.
     
  4. VideoFreek macrumors 6502

    VideoFreek

    Joined:
    May 12, 2007
    Location:
    Philly
    #4
    It is not very effective. At best, it is an additional layer of protection (think of it as an extra deadbolt on a door) that will discourage the casual intruder, but it can be easily overcome via MAC spoofing. It should by no means be used as the primary security measure on a wireless network.

    I stand by my above statement...the only reliable security for a home network today is WPA-PSK (or better WPA2) secured by a very strong password. In my own setup, I have not even implemented MAC address filtering, because in my view the limited extra protection it affords is not worth the hassle of updating the MAC list in my router every time I need to add a wireless client to my network.

    Until recently, WPA had not been meaningfully cracked (except for dictionary-type attacks against weak passwords), but it appears those days will soon come to an end. The next step will be WPA2, but this is inevitable--the computer security game is always about the good guys staying one step ahead of the bad guys.
     
  5. VoR macrumors 6502a

    Joined:
    Sep 8, 2008
    Location:
    UK
    #5
    What he said (twice) - although he meant "It is not at all effective :)
     
  6. Akira1980 thread starter macrumors 6502

    Akira1980

    Joined:
    May 27, 2007
    Location:
    San Diego
    #6
    I was using WEP before, now I am using WPA2 like you said. I think if someone really wanted to crack your code, they will. I just want them to work very very very hard for it at least. Thanks for the advice.
     
  7. VideoFreek macrumors 6502

    VideoFreek

    Joined:
    May 12, 2007
    Location:
    Philly
    #7
    Ah, that explains it. WEP ... a 12-year old could crack WEP :rolleyes:, you're safe with WPA2 as long as you use a strong password as I've outlined.
     
  8. Sayer macrumors 6502a

    Sayer

    Joined:
    Jan 4, 2002
    Location:
    Austin, TX
    #8
    Uhm, a 12 year old with a third-party external WiFi adapter, customized hacker-friendly drivers and a program to blast the router with extra packets, collect keys and then computationally attack the keys, sure.
     
  9. Solemony macrumors 6502

    Solemony

    Joined:
    Nov 26, 2008
    Location:
    Wonderland
    #9
    Thanks but so far mine is fine and I don't think anyone's trying to hack into my network since not a lot of people live in my neighborhood..So I should be fine but it is good to change the security password once in a while :).
     
  10. VoR macrumors 6502a

    Joined:
    Sep 8, 2008
    Location:
    UK
    #10
    I think Sayer's forum account has been compromised by a teen aged neighbour. Either that or he's posting irresponsible rubbish.
     
  11. Primejimbo macrumors 68040

    Joined:
    Aug 10, 2008
    Location:
    Around
    #11
    How do you find out what Mac address use your network?
     
  12. iMouse macrumors regular

    Joined:
    Jul 23, 2002
    Location:
    Boardman, Ohio
    #12
    Wireless Security

    Keep in mind that while encryption is necessary, some cheaper routers with slow processors take a serious performance hit when enabling WPA or WPA2 when multiple users are transmitting data on the WiFi network. Buy a good router with a fast processor and a decent amount of RAM. Most of this information can be found on messageboards or the manufacturer's website.

    WEP is useless nowadays and is more likely to just keep grandma and grandpa in the next house over from accidentally connecting to your network. Any kid with a WLAN card and access to KisMAC, Kismet, AirSnort, etc would have a field day on your wireless security.

    I highly recommend securing systems even within your network to ensure that if the wireless security is compromised, your workstations are still somewhat safe. Do not leave open shares with r-w-x privs or shares with weak passwords running on your internal network. Be sure to also secure devices that are accessible by IP such as a network printer, your router, or other media devices.
     
  13. Akira1980 thread starter macrumors 6502

    Akira1980

    Joined:
    May 27, 2007
    Location:
    San Diego
    #13
    I don't know about other routers but if you use Airport, you can find out by opening airport utility, manual setup, and on summary screen click on wireless clients. You should now see activity of network and MAC address of users using your network.
     
  14. Primejimbo macrumors 68040

    Joined:
    Aug 10, 2008
    Location:
    Around
    #14
    Thanks and yes I have an Apple Airport
     

Share This Page