My Wi-Fi got hacked.. How to improve Wi-Fi security?

Davepen

Davepen

Davepen

Associate
Joined
18 Feb 2009
Posts
1,880
Location
Midlands
Hello!

Yesterday I was getting very slow internet performance, so checked my router and it seems someone had added themselves to my access list!

I promptly removed them and changed the wep key and now all is fine.

But is there anything I can do to secure my wireless connection more?

It was on wpa which has now been changed to wpa2, and I have also made the key a lot more cryptic, but is there anything more that I can do to stop people hijacking it?

Other than not use wireless that is :)
 
WPA2 with AES and a decent key and then nobody is getting in, realistically. You can do things like turn off SSID broadcast and Mac filtering but it's not helpful, just added hassle for you.
 
Hide the SSID from broadcast and restrict access by MAC address.
Thats about as secure as its going to get realy.
 
Put a better password on your router as well... The only way to 'add' someone to an access list is if you have access to the admin interface.

As everyone else said, WPA2 with a decent random key. I'd also add MAC filtering (it's only a one-off task) and use static IP addresses, with everything else locked out completely.

If they still get in after that, I'd suggest using a long cable and disabling wireless :p
 
WPA2 + AES, then use a massive password..

mine is this..

abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqrstuvwxyz1

easy to remember, but impossible to guess :D
 
bledd. said:
WPA2 + AES, then use a massive password..

mine is this..

abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqrstuvwxyz1

easy to remember, but impossible to guess :D
Click to expand...

I did pretty much this but the password isn't that simple and contains symbols too :)
 
WEP sends the key with each packet/transmission so a good hacker just has to snag a good ammount of packets to guess it.

WPA is what everyone should be using as it takes far longer to hack. Hidding your SSID is another way but anyone can still see the network with certain programs.
 
bledd. said:
WPA2 + AES, then use a massive password..

mine is this..

abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqrstuvwxyz1

easy to remember, but impossible to guess :D
Click to expand...

If thats your password it's highly likely pointing a browser at your ip will show you router login page.. (if thats your router pass anywho :p )
 
Mac's can be spoofed so filtering won't work, if the cracker can get into WPA, then Mac spoofing is most likely trivial for them. As others have said, WPA2+AES and use wired for anything that has weaker security.

Also make sure you use your own password on the router so they can't lock you out or cause you any headaches.
 
It's all about layers to help maintain security. In order of importance:

1: WPA2/WPA AES with long random complex all character type key.
2: Mac filtering
3: Static IPs for only your known equipment with no spare IPs given by DHCP
4: Do not broadcast SSID

Really, 2, 3 and 4 do not matter to a hacker. It's all about 1 primarily.
 
Venares said:
Hide the SSID from broadcast and restrict access by MAC address.
Thats about as secure as its going to get realy.
Click to expand...
:confused:

Network scanner will pick up the network SSID in seconds. Spoofing a MAC address takes about as long. Job done.

Both of those are just a huge inconvenience to the legitimate users, and no real defence. I wouldn't bother using either.
 
You must log in or register to reply here.
Back
Top Bottom