Author Topic: Wireless Network Security - Looking for instruction  (Read 2525 times)

Offline Deanpaul

  • Jedi Apprentice
  • *
  • Posts: 1123
  • open for interpretation
    • View Profile
Wireless Network Security - Looking for instruction
« on: February 27, 2005, 10:43 AM »
I've got a Linksys wireless router that let's me connect two laptops to the internet and other computers in our home.

I never set it up securely in the install, because when I tried to add MAC (not Macintosh, just the web MAC acronym) addresses I had trouble accessing the network, so I just yanked the security settings.

Over the last week, I've noticed someone (a neighbor, no doubt) has been accessing our wifi. I can tell when they're on, because the Windows networking options come up in my network browser. Typically, I only see those when visiting a client who has that type of network.

So I'd like to lock this baby down and kick them the hell out.

I want to add my two MAC addresses in, but I'm not sure how to find them. I'd also like authorized "guests" to be able to use the network (probably by WEP) with a password.

I did a google search, and I looked through the Linksys site, and a few other forums I visit - but couldn't find a clear set of instructions. Does anyone here know of a resource online that explains this set up well, step by step, preferably with screen caps of the interface window?

Just had to shop this around here. Thanks in advance and stuff. Help me Obi-Wan Kenobi. You're my only hope.
"Regime change, like charity, begins at home." - Ira Glass, This American Life

Online Chris

  • Founder
  • Administrator
  • Jedi Knight
  • *
  • Posts: 4652
    • View Profile
    • JediDefender.com
Re: Wireless Network Security - Looking for instruction
« Reply #1 on: February 27, 2005, 01:34 PM »
Alrighty.

I'd love to help, but first are we trying to find the MAC addys on Windows or "MAC" computers?

Also, if you use MAC address filtering, you will have to input the MAC of your authorized guests as well, WEP or no WEP.

I prefer using MAC filtering because I have personally cracked WEP keys and find that if someone wants in, they will get in. With MAC addy filtering things become a bit harder to take care of.

Offline Deanpaul

  • Jedi Apprentice
  • *
  • Posts: 1123
  • open for interpretation
    • View Profile
Re: Wireless Network Security - Looking for instruction
« Reply #2 on: February 27, 2005, 02:01 PM »
Thanks, Chris. I was hoping someone here would know about thios stuff. Interesting to hear that WEP isn't all that secure. Not surprising, I suppose.

Yeah, I'm on Macintosh here. I'm looking for the MAC addy on 2 Apple Powerbooks and an "Airport Express" that acts as a network extender and allows us to stream iTunes music to our stereo. I'm sure I can poke around the Apple site to find these numbers, and I've also noted them in the wifi set up seen below. I just need to figure out which 3 of the 4 sets shown are me, and which is the "intruder".

Here's what I'm looking at on a Linksys BEFW11S4, V.2, these are my settings in the set up panel:











I don't mind having to set up a password for my wife and I to use - I've been in office environments with those and remember that once the pass was set it would automatically log in - so that's not too big of a hassle.
"Regime change, like charity, begins at home." - Ira Glass, This American Life

Online Chris

  • Founder
  • Administrator
  • Jedi Knight
  • *
  • Posts: 4652
    • View Profile
    • JediDefender.com
Re: Wireless Network Security - Looking for instruction
« Reply #3 on: February 27, 2005, 05:54 PM »
The media access point should have the MAC printed on it somewhere.

Follow this to find the MAC addys on your machines...

(Pre-OSX)
Click the Apple Menu.
Click on "Control Panels" to open your control panels folder.
Open the "TCP/IP" control panel
Go to the Edit Menu
Click on User Mode
Change the mode to "Advanced" and click "OK".
Click on the "Info" button
The Hardware address is your MAC address

(OSX)
From the dock, select "System Preferences".
Select the "Network" Pane
With the TCP/IP tab selected, the number next to Ethernet Address is you MAC address

Offline Deanpaul

  • Jedi Apprentice
  • *
  • Posts: 1123
  • open for interpretation
    • View Profile
Re: Wireless Network Security - Looking for instruction
« Reply #4 on: February 27, 2005, 11:37 PM »
Awesome Chris, thanks.

Here's where I'm at so far - I may have even solved it.

I figured out which of the MAC addresses were in my home using the process you outlined - thanks. I found it in network ---> airport. Duh on me - one of those things I haven't had to find since switching to OSX 3 years ago...

So I set the "station MAC filter" in this window below to "enable" - and then entered in the offending MAC address from the neighbor's computer and checked the box beside it. Put in my MAC addresses with no check beside them.



Now instead of a grey box like shown in my post above in the active MAC pop up, all my authorized machines show a green highlight, like shown here. When I experimented with removing one of my addys, it showed the MAC address with a red highlight, and my machine couldn't access the wireless. In fact a nasty message stating that the network was locked, and that I should contact the administrator poped up. Sweet.

So, is that it? Are they locked out now? What about war drivers or other MAC address not entered into my filtered list?
« Last Edit: February 27, 2005, 11:41 PM by Deanpaul »
"Regime change, like charity, begins at home." - Ira Glass, This American Life

Online Chris

  • Founder
  • Administrator
  • Jedi Knight
  • *
  • Posts: 4652
    • View Profile
    • JediDefender.com
Re: Wireless Network Security - Looking for instruction
« Reply #5 on: February 27, 2005, 11:45 PM »
Well, if you want to add another layer of security, apply a WEP key as well. That's what I do. My access point allows for me to allow only certain MAC addresses, and block all not listed. Perhaps you have that feature too?

Offline Deanpaul

  • Jedi Apprentice
  • *
  • Posts: 1123
  • open for interpretation
    • View Profile
Re: Wireless Network Security - Looking for instruction
« Reply #6 on: February 27, 2005, 11:59 PM »
I think that's what I accomplished - I blocked all MAC addreses not listed. When I take my laptop out of the list, it shows red. When it's in the list, but checked, it's yellow (and I can't connect), when it's in the list and not checked it is green.

I tried a WEP earlier today - still can't figure that out. I selected the "enable" radio button as seen in my second post, first picture. I tried both 64 and 128 bit, entered the password and saw it conver to numbers - took a screen grab and moved to the laptop.

There, I tried to access the linksys for network and was given a prompt for a WEP password. I tried my uncoded password as well as enterg the "coded" versions, but was told something to the effect of "having trouble connecting to the Linksys".

Any idea of where to "authorize" which computers can use WEP based on the screen grabs I uploaded? That "Private MAC Filter" in post two, image two is still a mystery. I used the station MAC setting to get started.

Good news is that my MAC stumbler shows improved signal strength now that my freeloading PHD student neighbors are out of my active table. I went from 28-32 to 42-46!
"Regime change, like charity, begins at home." - Ira Glass, This American Life

Online Chris

  • Founder
  • Administrator
  • Jedi Knight
  • *
  • Posts: 4652
    • View Profile
    • JediDefender.com
Re: Wireless Network Security - Looking for instruction
« Reply #7 on: February 28, 2005, 12:05 AM »
Well, there should be somewhere in each of your computers wireless configurations that have you input the WEP key, at least that is how Windows works. If you have the WEP key, you are authorized, if you don't, you're not. It appears as if your MAC filtering is all set and working properly. Perhaps you typed the WEP key in wrong, it has happened to me before being that they are 128 bit HEX characters. Other than that, I'd have to make a house call.

Offline JoshEEE

  • Jedi Apprentice
  • *
  • Posts: 1094
    • View Profile
    • My Star Wars collection
Re: Wireless Network Security - Looking for instruction
« Reply #8 on: February 28, 2005, 04:29 PM »
My guess is you are entering the WEP key wrong.   Or not wrong, but you're just trying to do it with an Apple computer, so you have to enter the spaces (which you wouldn't on a PC).

If your WEP code is 123456zacb for example, it's probably 64 bit Hex....so enter it in your Mac as:

12 34 56 za cb  WITH the spaces, and you should be fine.
Got Clones?

Offline Deanpaul

  • Jedi Apprentice
  • *
  • Posts: 1123
  • open for interpretation
    • View Profile
Re: Wireless Network Security - Looking for instruction
« Reply #9 on: February 28, 2005, 06:44 PM »
Great info guys!

Josh, I'm on a Macintosh and had no idea about entering spaces. I'm pretty certain that is what I was missing, I'll try again tonight.

When I entered the password, say "airport", it provided three or four sets of coded numbers. Does each wireless device need it's own unique number? or can I use one number across all three devices?

When I was trying this yesterday I usually got a screen asking for just the WEP # when trying to log on with it enabled. Once, I got a screen asking for username and WEP password - which is usually what I see in office environments I visit. I need to poke around those options more tonight.

I'll also have to check the AirportExpress we have to see where to enter the WEP pass for it - probably in the Airport Admin utility, just have not noticed it there. The Powerbooks will ask for it automatically when I try to join the network with WEP enabled.

Seriously now, am I the only one here with an open network? If I am, I am really surprised!
"Regime change, like charity, begins at home." - Ira Glass, This American Life

Offline Deanpaul

  • Jedi Apprentice
  • *
  • Posts: 1123
  • open for interpretation
    • View Profile
Re: Wireless Network Security - Looking for instruction
« Reply #10 on: March 1, 2005, 02:18 AM »
Didn't have a chance to mess around with the WEP tonight, but I did find this interesting... Looks like Macintosh does need special WEP encryption.
"Regime change, like charity, begins at home." - Ira Glass, This American Life

Offline JoshEEE

  • Jedi Apprentice
  • *
  • Posts: 1094
    • View Profile
    • My Star Wars collection
Re: Wireless Network Security - Looking for instruction
« Reply #11 on: March 1, 2005, 01:38 PM »
Quote
Josh, I'm on a Macintosh and had no idea about entering spaces. I'm pretty certain that is what I was missing, I'll try again tonight.

Yeah, I only know this because my friend comes over to my house with her little iBook all the time, and the first time we had a little trouble getting her authenticated on my network.

Quote
Seriously now, am I the only one here with an open network? If I am, I am really surprised!

I had an open network the first time I had a wireless router. But that was back when the technology cost 6 or 7 times what it does now and I knew no one else had the cards.   These days, you can pick up cards for less than 30 bucks and routers for 50.  As far as I can tell, we're the youngest people in my neighborhood, but my wireless cards pick up 3 different networks (only one secure one).

I use WEP, but I also don't leave my computers on anymore either. I have them on when I'm using them and the rest of the time, they are off.  I think leaving things on all day long is sort of asking for trouble in this day and age.
Got Clones?