Yes
Yes
WEP, because I always have at least one roommate whose wireless card is unable to do anything actually worthwhile.
Haven’t bothered.
Edit: I did change the admin password.
Have you changed the default SSID?
A: Yes
B: No
C: The what?
A. Yes
Is your SSID broadcast or not?
A: Yes
B: No
A. Yes
What level of encryption are you using?
A: None
B: WEP
C: WPA
D: WPA2
This isn’t encryption, it’s authentication. I’m using WPA2. For encryption I use AES128.
Have you done anything else to secure it?
I don’t use DHCP for my wireless network, only static addresses. Firewall policies determine what IP addresses can do what.
So in order to get into my network, you need to know authentication, encryption, and my crazy-ass IP addressing scheme (I use public IP addresses internally).
**Have you changed the default SSID? **
Yes
Is your SSID broadcast or not?
Yes
What level of encryption are you using?
None.
Have you done anything else to secure it?
I use MAC address filtering, and I only allow a range of two IP addresses to access the network (desktop and laptop).
And the best security measure I have? My neighbor runs his network wide open.
Yes
Yes
WPA2
restricted access to only the MACs of my equipment (which I realize means little since MACs are trivially spoofed
Have you changed the default SSID?
A: Yes
Is your SSID broadcast or not?
A: Yes
What level of encryption are you using?
D: WPA2
Have you done anything else to secure it?
Not so far. I suppose I’ll enable MAC filtering at some point.
There is a fairly strong, completely-unsecured signal, not too far from here (shows up with 67% signal strength right now), so I’m thinking that any wardrivers will hit that first.
Have you changed the default SSID?
Yep.
**
Is your SSID broadcast or not?**
Yeah.
What level of encryption are you using?
WPA
Have you done anything else to secure it?
Yep, I named my SSID “FBI Wireless Tap”, hoping the name will scare possible hackers away.
Plus I’m a 1 computer house… just my little 'ole MacBook that’s only on when I’m using it, so I don’t worry too much about them hacking into my computer and messing stuff up. If they can figure out my WPA password and surf the internet, I don’t mind as long as they’re not getting child porn or something.
I was helping one of my wife’s friends with her network, and when I checked all the networks in range, one of them was called something like “Dirty Dirty Horse Porn Server”. Thought that was pretty funny.
**Have you changed the default SSID? **
A: Yes
Is your SSID broadcast or not?
B: No
What level of encryption are you using?
D: WPA2
Have you done anything else to secure it?
I am also using a non-standard IP range.
Have you changed the default SSID?
Yes
Is your SSID broadcast or not?
No
What level of encryption are you using?
WEP (old router)
Have you done anything else to secure it?
Restricted access by MAC address.
Have you changed the default SSID?
A: Yes
Is your SSID broadcast or not?
A: Yes
What level of encryption are you using?
C: WEP
Have you done anything else to secure it?
Changed the internal network from 192.168.1.xxx to 192.168.<somethingelse>.xxx
**Have you changed the default SSID? **
A: Yes
Is your SSID broadcast or not?
A: Yes
What level of encryption are you using?
A: None
If “none” why?
A: Don’t think it’s needed
Have you done anything else to secure it?
I did change the admin password on the router.
Like Projammer, I’m in a pretty wide open area. It’s about 200 ft from my house to the road, and there’s wetlands behind me. One side is an empty house, and the other is a single mother with 2 kids age 4 and 6. So I don’t really worry about it. I do have a NAS that has folders that are encrypted with the few personal things we have on the network, and I do occasionally scan for any devices that are hooked up to my network. But that’s about it. I’m in a pretty rural area…I got more questions about what all that cable did when I wired our house with CAT 5 that I’m not worried at all about any of my neighbors using my connection.
I seem to be in the minority here…
**Have you changed the default SSID? **
B: No
Is your SSID broadcast or not?
A: Yes
What level of encryption are you using?
A: None
If “none” why?
C: I want to provide the connection freely so anyone can use it
Have you done anything else to secure it?
I’ve changed the router password, and set it to accept admin logins from only wired connections. I’ve closed some of its ports that are open by default. I also have only a few parts of my hard drives set to shared, but I don’t know how relevant that is.
I don’t do much on-line file-sharing anymore, but if there was something that I did decide to download, and I got caught, I’d like to have the plausible deniability of having a teenage neighbor and a trailer park within wifi range and able to use my I.P.
I think home networks shouldn’t even be wireless to begin with. Seems like wireless security flaws appear faster than I have to change ISP’s, which is too often. And I know too many hacker types who drive around with laptops looking for vulnerabilities. These are people who think people who leave a network vulnerable are asking for trouble, even though they don’t wander around in other people’s yards turning their patio furniture over and leaving their gas grills on.
My network is all hardwired, and I have a router doing NAT and running a firewall between my main switch and the cable modem. Plus, all my PCs run virus and malware programs, and my fileservers are non-Windows based. And I don’t even think that’s very safe, but it’s about how much effort I feel like investing. It’s all shifting sand, anyway.
Have you changed the default SSID?
Yes.
Is your SSID broadcast or not?
No.
What level of encryption are you using?
WPA-PSK
Have you done anything else to secure it?
Updated router firmware version. Reasonably strong admin password and (different) PSK password. Laptop is patched, updated regularly, and running a mix of firewall and anti-spyware software. I tried running an intrusion detection system as well but the performance impact was irritating. Given the lack of sensitive information on my laptop I don’t believe that it warrants anything else.
Yes.
No.
WPA2
No. I haven’t changed the default IP’s or anything. I figure the WPA2 with AES encryption is sufficient, and both my router and network passwords are very strong.
Changed the default SSID, not broadcasting, using WEP and MAC filtering, and I disabled DHCP, changed the subnet to something other that 192.168.(0|1).0/24, and changed the internal address of the router to something other than .1.
I’m not doing WPA because I can’t be arsed to figure out wpa-supplicant on my Linux box. Anybody know of a good network manager for XFCE/Gnome that doesn’t require running in a panel? I don’t like panels, and I’d prefer to automagically manage all that stuff with a standalone app. I’m currently running a script that rewrites my config file when I change networks.
**Have you changed the default SSID? **
Yes, because the default SSID identified the make and model of the router, which might provide an advantage to a cracker with knowledge of device-specific vulnerabilities
Is your SSID broadcast or not?
it’s broadcast, because there’s no significant benefit in hiding it - anyone with the wherewithal to attempt to crack the encryption (as I understand it, the sun will go cold before they succeed) will also have the ability to listen passively to packets and deduce the SSID anyway. Whereas anyone who sees the SSID and tries to casually leech bandwidth will also be shut out by the encryption and will just give up.
What level of encryption are you using?
WPA2
Have you done anything else to secure it?
No. I did MAC filtering for a while, but I understand that’s as pointless as hiding the SSID. I have a long, strong WPA passphrase though.
Have you changed the default SSID?
A: Yes
Is your SSID broadcast or not?
A: Yes
What level of encryption are you using?
C: WPA
Have you done anything else to secure it?
Changed router password.
Oh, yes, I did change the default router password and username and disabled wireless admininstration - so it has to be plugged in to be configured.
Changed the default SSID, broadcast it, and on WEP security.
Basically, picked the best security I could in line with convenience and compatibility for mobile devices.
ETA: Oh, and I’m pretty sure that I’ve also utilized the DHCP option on the router of ‘only issue IP addresses to the following MAC adapters.’