cancel
Showing results for 
Search instead for 
Did you mean: 

Wireless Router and laptop security

Wordsmith
Grafter
Posts: 58
Registered: 30-07-2007

Wireless Router and laptop security

Hi
I've been using an encrypted Netgear 834G router, adopting invisible mode, for some time and have always been able to use my laptop wirelessly.
Recently, however, I've realised that the laptop isn't sharing the same security as my desktop and currently shows 'Unsecured computer-to-computer network' when I log on. I'm also able to see other neighbouring networks so I'm presuming that they can also see me.
Unlike the desktop which only has the LAN connection displayed in Network Connections(Connected,Firewalled), there are 3 displayed on the laptop;Wireless Network Connection 2 (Connected, Firewalled);1394 Connection (Connected, Firewalled)
; Local Area Connection 2(Network cable unplugged, Fire...)
I'm at loss as to what to do to secure the laptop and I'm reluctant to change too much in case I make my main PC less secure.
Can anyone help please?
Many thanks if so.
Helen
14 REPLIES
N/A

Wireless Router and laptop security

Get a free copy netstumbler from http://www.netstumbler.com/

It will show you wireless in range and if its protected. Yours is saying the network cable is unplugged which is fine and the others are firewalled etc. So all seems ok.

when you say you can see others I assume you mean you can pick them up wirelessly?
what do you mean your laptop hasnt the same security as the pc?
Wordsmith
Grafter
Posts: 58
Registered: 30-07-2007

laptop security

Thanks for your response mwright.

I don't think the security of my desktop is an issue and I've disabled the feature on the router which broadcasts the name of the network so it's effectively 'cloaked' (my son's laptop couldn't find it when he visited).

However, although I'm able to wirelessly log on to the router with my laptop, I am worried about security. Viewing wireless networks on the laptop shows my network and indicates that it's broadcasting on an 'unsecured computer-to-computer wireless network'.
(My son was able to 'see' the laptop on his mobile phone btw)

There are two issues here - the security of material on the laptop, and also, whether I'm compromising the security of the desktop through the use of the laptop.
I should also point out that I've never been able to get the 'sharing' facility to work on either pc.
I feel as though this should be something relatively simple I need to do to get this right!
Helen
N/A

Wireless Router and laptop security

The security of your wireless connection is dealt with within the 'Wireless Settings" menu of your DG834G router. Are both your Desktop & Laptop connecting wirelessly? If so then either both your Desktop & Laptop have a secure connection or they are both unsecure. You can't have both.

To ensure your connection is as secure as possible you need to:

- Restrict access based on MAC address
- Turn off Broadcast of the SSID (which you appear to have done)
- Encrypt your connection using WEP or, preferably, WPA security

If all you have done is turned off the broadcast of the SSID then your network is not very secure.

When you go into your router menu and select 'Wireless Settings' which of the above options have been enabled?
Wordsmith
Grafter
Posts: 58
Registered: 30-07-2007

Wireless Router and laptop security

The only thing I haven't done is to use the restrict access option - everything else is in place including WEP.

My concern about restricting access to the laptop MAC address is that I'm then allowing a backdoor entry into my desktop via this 'unsecured computer-to-computer network'.

I don't fully understand why the LAN address on the laptop shows as 'disconnected' while I appear to be connected via the following on the laptop:
Wireless Network Connection 2 (Connected, Firewalled)
1394 Connection (Connected, Firewalled)
I am competent and reasonably comfortable with PCs but still learning!
N/A

Wireless Router and laptop security

By restricting access to the laptop MAC address you are ensuring that only your laptop can connect wirelessly to your router and no other. I am afraid I do not understand your comment with regard to 'backdoor entry'.

The LAN address on your laptop shows as disconnected as it does not have an ethernet cable connected to the network port. This would be normal for any computer connecting wirelessly.

WPA is much more secure than WEP and it would be worth changing if you are able to.

By not broadcasting your SSID your neighbours will not be able to 'see' your network. You will however still be able to 'see' any of your neighbours networks that have not switched off the broadcast.

I hope this helps in your understanding.
Community Veteran
Posts: 1,229
Thanks: 1
Registered: 30-07-2007

Wireless Router and laptop security

Using a hidden SSID is a bit of false security really -- netstumbler for instance will cheerfully find the "hidden" SSID of an active wireless AP.

As ruslyn77 says, use WPA/WPA2, and lock access to only the MACs of those machines which you want to permit to use your router. Even then bear in mind that someone who really really wants to hack you will be probably able to do so.
Wordsmith
Grafter
Posts: 58
Registered: 30-07-2007

Wireless Router and laptop security

Many thanks to both of you for all of that.
I have (again) restricted access to my laptop using the MAC address but I still don't understand why, when I view Available Wireless Networks, it shows my Network as an 'unsecured computer-to-computer Network' whereas my neighbours is shown as 'Secured' with a padlock.
Wordsmith
Grafter
Posts: 58
Registered: 30-07-2007

Wireless Router and laptop security

Should just mention that in the light of your comments, I'm going to have a stab at changing the security to WPA Smiley
N/A

Wireless Router and laptop security

Quote
I have (again) restricted access to my laptop using the MAC address but I still don't understand why, when I view Available Wireless Networks, it shows my Network as an 'unsecured computer-to-computer Network' whereas my neighbours is shown as 'Secured' with a padlock.


If it says computer-to-computer network then it looks like you've established a ad-hoc connection to another computer, and not to your router. Go to Start -> Run -> Type cmd -> Type ipconfig /all in the window that appears and post the results to verify this.

The fact that you can see your router config screens is a bit of a puzzle.

I suggest that you temporaily unhide your SSID for the router, get a copy of the WPA key and click on your router name on the Windows Zero Configuration Wireless Utility (or your wireless software). This should then prompt you to enter your WPA key. Copy and paste this into the prompt input box, click OK and you should be connected.
Wordsmith
Grafter
Posts: 58
Registered: 30-07-2007

Wireless Router and laptop security

Thank you very much for all of that lestones although I can't pretend to understand everything you've said!

Main thing is that it's suddenly become invisible as it should be while I've been online.

I'm still going to investigate WPA though.

Thanks everyone.
Helen
N/A

Wireless Router and laptop security

Steve gibson of www.grc.com fame (the dude who coined the phrase "spyware") has a series of audio podcasts that deal with security. A few are dedicated to securing your wireless network, really quite helpfull.

The ones that are relevant are

Open Wireless Access Points
Leo and I examine the security and privacy considerations of using non-encrypted (i.e. 'Open') wireless access points at home and in public locations. We discuss the various ways of protecting privacy when untrusted strangers can 'sniff' the data traffic flowing to and from your online PC.
http://media.grc.com/sn/SN-010.mp3

Bad WiFi Security (WEP and MAC address filtering)
Leo and I answer some questions arising from last week's episode, then plow into a detailed discussion of the lack of security value of MAC address filtering, the futility of disabling SSID's for security, and the extremely poor security offered by the first-generation WEP encryption system.
http://media.grc.com/sn/SN-011.mp3

Unbreakable WiFi Security
Leo and I follow-up on last week's discussion of the Sony Rootkit debacle with the distressing news of "phoning home" (spyware) behavior from the Sony DRM software, and the rootkit's exploitation by a new malicious backdoor Trojan. We then return to complete our discussion of WiFi security, demystifying the many confusing flavors of WPA encryption and presenting several critical MUST DO tips for WPA users.
http://media.grc.com/sn/SN-013.mp3

Public Key Cryptography
Having discussed symmetric (private) key ciphers during the last two weeks, this week Leo and I examine asymmetric key cryptography, commonly known as "Public Key Cryptography". We begin by examining the first public key cryptosystem, known as the Diffie-Hellman Key Exchange, invented in 1976. Then we describe the operation of general purpose public key cryptosystems such as the one invented by RSA.
http://media.grc.com/sn/SN-034.mp3

There's about 50 others relating to security in general, but the wireless ones are really good for a getting an idea of the things you need to do to become secure.

http://www.grc.com/securitynow.htm

Hope this helps. Oh don't forget to create a long strong WPA passphrase or you can have a completely random one created for you at https://www.grc.com/passwords.htm
Wordsmith
Grafter
Posts: 58
Registered: 30-07-2007

Wireless Router and laptop security

Thanks for all of that centy - lots of reading there Smiley I remember GRC from way back.

lestones - am I ok to post the ipconfig info on here? (I realise I may be becoming paranoid now!) Smiley

Many thanks
Community Veteran
Posts: 1,229
Thanks: 1
Registered: 30-07-2007

Wireless Router and laptop security

you could edit out your hostname and mac address before you hit "submit"
Wordsmith
Grafter
Posts: 58
Registered: 30-07-2007

Wireless Router and laptop security

I really don't understand what's going on with this.

When I log on to the laptop and view all available Networks, I can see my own network as an 'unsecured computer-to-computer network' as well as anyone else who's there at the time.
After a time, when I check again the message is 'no networks in range' even though I'm still logged on and connected.

lestones - this is what came up when I did as you asked but obviously my own address is actually there too.

Windows IP Configuration

Host Name . . . . . . . . . . . . : Helen2
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connection #2
Physical Address. . . . . . . . . : xx-xx-xx-xx-xx-xx

Ethernet adapter Wireless Network Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/Wireless LAN 2100 3A Mini PCI Adapter #2
Physical Address. . . . . . . . . : xx-xx-xx-xx-xx-xx
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.0.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1
Lease Obtained. . . . . . . . . . : 23 April 2007 07:46:33
Lease Expires . . . . . . . . . . : 26 April 2007 07:46:33


I will be taking steps to further secure my Network (if I'm able) but in the mean time, any suggestions as to what might be happening?
Many thanks if so.
Helen