Protect Your Computer At WiFi (Wireless) Hotspots

August 22, 2008

When you use a Wireless Hotspot, you have more to worry about than viruses. Hackers are notoriously known for “sniffing” wireless “traffic” going through the air, searching for logins and passwords and such.

As Leo Laporte has pointed out, you need to follow safe computing practices. These include not running as an Administrator unless you absolutely need to. Also, download and install updates as soon as they are released via Windows Update.

Some hotspots use WPA encryption to help secure and protect users, though places like Starbucks don’t. Either way, you should run an antivirus, firewall, and antispyware products, if for no other reason than to protect your computer.

As Leo points out, “have the attitude that someone is watching you and only do stuff you don’t mind being watched doing. Use encrypted email. Use SSL email (https://gmail.com). Or, just don’t check it. But the best way is to work through a VPN. Hotspot VPN is a good one. $10 a month.”

Advertisements

WEP, WPA, and WPA2

July 2, 2008

According to Webopedia.com,

WEP

Short for Wired Equivalent Privacy, a security protocol for wireless local area networks (WLANs) defined in the 802.11b standard. WEP is designed to provide the same level of security as that of a wired LAN. LANs are inherently more secure than WLANs because LANs are somewhat protected by the physicalities of their structure, having some or all part of the network inside a building that can be protected from unauthorized access. WLANs, which are over radio waves, do not have the same physical structure and therefore are more vulnerable to tampering. WEP aims to provide security by encrypting data over radio waves so that it is protected as it is transmitted from one end point to another. However, it has been found that WEP is not as secure as once believed. WEP is used at the two lowest layers of the OSI model – the data link and physical layers; it therefore does not offer end-to-end security.

The problem with WEP is that it’s wireless security has been cracked, and it is well documented on how to break it. It’s ok if you don’t have nosy neighbours, but one never knows

WPA

Short for Wi-Fi Protected Access, a Wi-Fi standard that was designed to improve upon the security features of WEP. The technology is designed to work with existing Wi-Fi products that have been enabled with WEP (i.e., as a software upgrade to existing hardware), but the technology includes two improvements over WEP:

  • Improved data encryption through the temporal key integrity protocol (TKIP). TKIP scrambles the keys using a hashing algorithm and, by adding an integrity-checking feature, ensures that the keys haven’t been tampered with.
  • User authentication, which is generally missing in WEP, through the extensible authentication protocol (EAP). WEP regulates access to a wireless network based on a computer’s hardware-specific MAC address, which isrelatively simple to be sniffed out and stolen. EAP is built on a more secure public-key encryption system to ensure that only authorized network users can access the network.

It should be noted that WPA is an interim standard that will be replaced with the IEEE’s 802.11i standard upon its completion.

WPA2

Short for Wi-Fi Protected Access 2, the follow on security method to WPA for wireless networks that provides stronger data protection and network access control. It provides enterprise and consumer Wi-Fi users with a high level of assurance that only authorized users can access their wireless networks. Based on the IEEE 802.11i standard, WPA2 provides government grade security by implementing the National Institute of Standards and Technology (NIST) FIPS 140-2 compliant AES encryption algorithm and 802.1x-based authentication.  [Adapted from Wi-Fi.org]

There are two versions of WPA2: WPA2-Personal, and WPA2-Enterprise. WPA2-Personal protects unauthorized network access by utilizing a set-up password. WPA2-Enterprise verifies network users through a server. WPA2 is backward compatible with WPA.


How to Boost a Router Signal

May 12, 2008
  1. Check for interference
    • Replace devices in your home that can interfere with network traffic on the 2.4GHz frequency range. These devices include many cordless phones, microwave ovens, and the like.
    • Check your signal strength with these devices on and off to determine if they are the cause of your signal problems.
    • Buy a wireless network analyzer to track down the source of interference.
  2. Change your signal channel
    • Routers can broadcast on a series of channels, between one and eleven. Change to a channel that will allow your router a clear signal between other wireless networks.
    • Use a software utility to analyze which networks are using which channel.
    • Configure your system for an unused channel.
  3. Reposition your Router.
    • Raise the router up as far as possible to increase the effective broadcast range.
    • Move the router away from any metal including metal shelving, filing cabinets and similar common objects.
    • Move the router closer to the receivers, if possible.
  4. Raise your transmit power.
    • Check your router’s documentation and configuration utility for the ability to change the Xmit power of your router: the amount of power it uses to transmit the signal. generally you can boost this number by up to 50mW, however you do risk overheating or damaging your router.
  5. Replace the Antenna.
    • Unscrew and replace the broadcast antenna on your router with a model that delivers more power. Not all routers allow for new antenna to be attached, but many do.
  6. Install a Repeater.
    • Purchase a repeater. A repeater is a piece of hardware that acts like a wireless network expander. The repeater takes the signal from your router and boosts it to increase the range.
    • Wireless repeaters are increasingly common and affordable and will probably be available in your local computer store, or on the Internet.
  7. Install a Wireless Amplifier
    • Purchase and attach a wireless amplifier, also known as a booster, directly to your router. A booster can be more affordable than a repeater as they only increase the strength of your existing signal, rather than the strength and range.

source: http://www.wikihow.com/Boost-a-Router-Signal


Securing Your Wireless (Wifi) Network

August 23, 2007

-Interference is a big issue as well (metal in the walls – signal will bounce right off it) 
-You can get a wireless repeater(s) to increase signal strength 
-buy hardware that uses WDS [WDS may also be referred to as repeater mode because it appears to bridge and accept wireless clients at the same time]
-Need to find a repeater compatible with your router [same brand name, uses same wifi standards]
-For maximum network compatibility, use all of the same brand-name products
-If it’s a wireless router, turn on WPA encryption [improved data encryption and user authentication]
-Hide your broadcast ID or MAC address filtering [identifies your specific computer, network card, or network’s internet address]
-Turn off Universal Plug and Play (UPnP) [allows software to change router settings without user interaction]
-Change the default name of the router [in router settings]
-change default router password [something not easily guessed or in the dictionary]

-Turn off WAN administration [refer to user manual]

-access your wired or wirless router by typing 192.168.0.1 or 192.168.1.1 in your internet browser

more info: http://www.wirelessnetworkproducts.com/index.asp?PageAction=Custom&ID=21

partial source: techguylabs.com


Securing Wi-Fi

March 3, 2007

One thing that’s worth remembering is that if you’re doing the setup for your wireless router’s encryption settings FROM a wireless computer, the moment you apply the new settings, you’ll lose your connection to the router — essentially your router will be encrypting the connection, but your wireless computer is still running unencrypted.

If this is the case, you can go to your network connection settings (usually there’s a small icon in the System Tray on the lower-right-hand corner of your screen that shows the status of your network connection, but if you don’t see it there you can get to the networking component by going to the Start Menu and selecting the Control Panel). From there, disconnect your current connection if necessary by right-clicking and selecting the disconnect option. There should also be a “View Available Networks” option — select that, and look for your network in the list.

When you try connecting to it, it should ask you for your new WEP password. Once you enter it in and hit enter, you should get your connection back.
Make absolutely sure that you write down your password and copy it exactly. If you’re entering a Hexadecimal key manually, remember that you can only choose 0–9 and A- F. And remember if you’re choosing the passphrase option, you have to type the phrase exactly the same on both machines, including capitalization and punctuation. And lastly, make sure the number of bits is set to the same number on both sides (most give you the choice between 64 bit and 128 bit keys).

One last note: If you’re choosing WPA on the router, you MUST have a computer/notebook that also has WPA onboard (some older machines don’t), otherwise there will be no connection made. In this case, you should step down to WEP on both sides of the equation…it’s less secure than WPA (which we recommend) but it’s better than nothing at all.

source: callforhelptv.com


How To Extend The Range Of A Wi-Fi Enabled Laptop

September 9, 2006

The best way to do this is to extend the range of the access point. There are two ways to do this: passive and active. You can add a passive antenna to the WAP but the better solution is WDS. With compatible equipment you can add a second WAP and double your range.

Regarding the Issue of WiFi PC cards and external antenna ports. Very few do because of FCC certification of their built-in antenna. I’ve been pursuing this issue for more than two years, because even my hand(s) on the keyboard actually attenuate (reduce) the signal strength the PC Card gets. Yes, the Lucent-Orinoco/(now) Proxim cards have a port as do SMC cards. However, D-Link, LinkSys and others at trade shows refuse to address the issue of external antenna connectors.

The problem for vendors is that they get FCC certification without external connectors and antennas and many of them are reluctant to risk trouble with the FCC about interference, even though WiFi operates in “Part 15? of the unregulated-regulated spectrum. I have found that my new Toshiba notebook with built-in Centrino 802.11b, has no noticeable interference from my hands on the keyboard as is STILL the case with my older Toshiba with an external Lucent-Orinoco card. I have an external, ca. 6? magnetic antenna for that card for use in my van. That makes a HUGE difference in finding and connecting to public WiFi signals. In a coffee shop this is not much of an issue, but if one tries to use a laptop computer in their vehicle, the antenna integrated into the PCMCIA card is usually below the level of the metal body, which SIGNIFICANTLY reduces or eliminates any WiFi signal. If the laptop/notebook is on the dashboard of the vehicle, you will usually see a significant increase in signal strength. The answer is simply to use PC Cards which support an external antenna that you can magnetically stick to the roof of your vehicle. If you would like a card that has a port for an antenna check this link: http://www.netnimble.net/netnimblestore/ and buy the add on antenna. If you use this card you will need to disable your on board Wi-Fi card.


Is Wi-Fi fast enough for streaming video

September 7, 2006

It’s not ideal – even 802.11g can suffer from stuttering and dropout if you’re sending a video signal. 802.11a works better, mostly because it is on a less trafficked frequency, but wired is best.