Comments on: Pastor, secure thy router! http://www.tomsalzer.net/2009/02/pastor-secure-thy-router.html the digital diary of yet another carbon-based unit Mon, 22 Mar 2010 17:16:35 +0000 hourly 1 http://wordpress.org/?v=abc By: Tom http://www.tomsalzer.net/2009/02/pastor-secure-thy-router.html/comment-page-1#comment-94 Tom Wed, 11 Mar 2009 23:56:11 +0000 http://www.tomsalzer.net/?p=1379#comment-94 @Angie, I do limit access by MAC address, but this alone won't keep unauthorized folks out of your network. I think of it as one more lock on the door, but not a particularly strong lock. Why? Because in most implementations, MAC addresses are passed in the clear, i.e., not encrypted. That means they can be harvested and then used to impersonate an authorized node on your network. Note that I use WPA encryption *and* MAC address filtering. Multiple layers are better than a single layer. @Angie, I do limit access by MAC address, but this alone won’t keep unauthorized folks out of your network. I think of it as one more lock on the door, but not a particularly strong lock. Why? Because in most implementations, MAC addresses are passed in the clear, i.e., not encrypted. That means they can be harvested and then used to impersonate an authorized node on your network. Note that I use WPA encryption *and* MAC address filtering. Multiple layers are better than a single layer.

]]> By: Angie http://www.tomsalzer.net/2009/02/pastor-secure-thy-router.html/comment-page-1#comment-93 Angie Wed, 11 Mar 2009 21:57:35 +0000 http://www.tomsalzer.net/?p=1379#comment-93 Tom, What do you think of using a MAC address list to deny any station access but the ones you own? Do you feel this is more or less secure than using WPA encryption keys? Tom,

What do you think of using a MAC address list to deny any station access but the ones you own? Do you feel this is more or less secure than using WPA encryption keys?

]]> By: Tom http://www.tomsalzer.net/2009/02/pastor-secure-thy-router.html/comment-page-1#comment-73 Tom Mon, 09 Feb 2009 08:00:03 +0000 http://www.tomsalzer.net/?p=1379#comment-73 @Sandy, it's not the wireless nature of the connection that creates vulnerabilities, it is the lack of configuration and active management of the device. Transactions over wired connections can also be intercepted. Don't let my article scare you away from setting up a wireless connection at home, but do take some time to configure it, enable the firewall in the router, use a strong password/passphrase, and use WPA (preferably WPA2) to secure the wireless connection. @Sandy, it’s not the wireless nature of the connection that creates vulnerabilities, it is the lack of configuration and active management of the device. Transactions over wired connections can also be intercepted. Don’t let my article scare you away from setting up a wireless connection at home, but do take some time to configure it, enable the firewall in the router, use a strong password/passphrase, and use WPA (preferably WPA2) to secure the wireless connection.

]]> By: Sandy http://www.tomsalzer.net/2009/02/pastor-secure-thy-router.html/comment-page-1#comment-72 Sandy Mon, 09 Feb 2009 06:18:45 +0000 http://www.tomsalzer.net/?p=1379#comment-72 Timely post. Been thinking of hooking up a wireless network but I've been worried about security. Especially since we know there is at least one unsecured network nearby, and can see how easy it is to hop aboard. Timely post. Been thinking of hooking up a wireless network but I’ve been worried about security. Especially since we know there is at least one unsecured network nearby, and can see how easy it is to hop aboard.

]]>