How secure is my wireless network? Can I increase the security?

I use the WPA2 - Personal security mode with a pass phrase that uses random capitalization and numbers. I also have mac filtering enabled.

Is the network fairly secure? Are there other things I can do to make it more secure?

Yes, it’s more than secure enough IMO. The biggest weakness in it is probably people getting a hold of your key, such as friends you’ve given it to that decide to screw around or something like that.

With the key, could they get around the MAC filtering after I remove them from the client list?

If they have some knowledge and determination, yes. MAC filtering doesn’t really improve your security. Most of the tools for Wifi sniffing and hacking can break it easily.

Hide in plain sight.

If there are other wireless networks in your immediate area, and they are less secure (e.g., no security or WEP), you will have an additional security advantage.

There are two WEP. What is WEP, and why is its security weaker?

I guess I’ll point you to this, 'cos I can’t explain it any better:

http://www.networkworld.com/research/2002/0909wepprimer.html

as for your initial question, WPA2 is fairly secure, so if your passphrase is sufficiently long and has enough random characters (no dictionary words!) you’re probably fine. MAC filtering isn’t all that useful.

After looking at that link and a couple others, it looks like if someone really wants to break into wireless network, they probably can.

You might discourage casual cracking by naming your home network something like “FBI_Surveillance_Net”.
:wink:

And, in turn, naming your wireless network to a smartass “FBI_Surveillance_Net” or similar is an open challenge to real hackers to break into your network.

Just sayin’.

:smiley:

Don’t confuse WPA and WEP. WEP is the old, fundamentally flawed encryption method. WPA can be implemented with one of two protocols, TKIP (usually called WPA1) and CCMP (usually called AES, aka WPA2). WPA-TKIP has a weakness that allows an attacker to transmit data into the network without knowing the network key. There are no publicly known flaws that would allow the attacker to recover the network key without brute force, though. CCMP uses AES for the encryption algorithm and provides stronger integrity checking to prevent forged frames from entering the network.

With both WEP and WPA-TKIP, the flaws are not within the actual encryption algorithm, RC4. WEP and WPA-TKIP use CRC32 to verify the integrity of packets, a method that cannot detect intentional tampering.

might be seeing separate entries for 40-bit and 128-bit WEP.