#256037 - 01/30/13 10:19 PM
Re: Home Network Security
[Re: Eugene]
|
Geezer
Registered: 06/02/06
Posts: 5357
Loc: SOCAL
|
We switched to Ethernet and try to stay away from wireless.
_________________________
Better is the Enemy of Good Enough. Okay, what’s your point??
|
Top
|
|
|
|
#256054 - 01/31/13 03:33 PM
Re: Home Network Security
[Re: Am_Fear_Liath_Mor]
|
Enthusiast
Registered: 08/03/12
Posts: 264
Loc: Missouri
|
Russ, could you explain the difference between ethernet and wireless. Short words please, I'm 63 and not too knowledgeable of electronics.
|
Top
|
|
|
|
#256055 - 01/31/13 04:05 PM
Re: Home Network Security
[Re: Am_Fear_Liath_Mor]
|
Member
Registered: 03/29/12
Posts: 189
Loc: California
|
JPickett,
Ethernet is a wired local area network. Each device is connected to the network by a wire. The upside to this is that outsiders cannot connect to your wired network. The downside of this is that some devices such as smartphones and tablets cannot be connected since they only have wireless connection capabilities. It also limits where you can connect notebook computers.
|
Top
|
|
|
|
#256056 - 01/31/13 04:06 PM
Re: Home Network Security
[Re: JPickett]
|
Old Hand
Registered: 08/18/07
Posts: 831
Loc: Anne Arundel County, Maryland
|
Russ, could you explain the difference between ethernet and wireless. Short words please, I'm 63 and not too knowledgeable of electronics. I'll jump in with a quick answer---hope Russ doesn't mind. Ethernet runs on wire, usually a wire cable that looks something like a telephone cable, except that it has 8 wires when the telephone cable has (usually) 4. Wireless is simply using a 2 way radio, usually from a "router" back and forth to the computer. The data going back and forth over each of these systems is in different formats and speeds, but in the end you will see the same data on your computer. Because wireless is a radio, someone can intercept and decode the signals and see what you are doing. The radio signal in encrypted, but there are ways to break the codes, some easier than others. Ethernet, because it is a physical wire, can't be intercepted unless someone physically gets access to the wire. Now, the router is usually is attached to a modem. The modem is the box that hooks up (in a home setting) to the wire/cable that gets you to your internet provider. The purpose of the router is to provide the radio access to the internet through your home. If you only have 1 device (e.g. the computer) that needs internet access, typically you can cable the computer directly into the modem using the ethernet cable. At that point your done and secure. OTOH, if (like me) you have a couple of computers, smartphone, and a disk-player that want internet access, you probably want to use the router and have access all through your home without running cables all over the place. But you now run the risk of having the radio signals intercepted, decoded, and your information compromised. Hope this helps.
_________________________
"Better is the enemy of good enough."
|
Top
|
|
|
|
#256057 - 01/31/13 04:57 PM
Re: Home Network Security
[Re: Am_Fear_Liath_Mor]
|
Addict
Registered: 01/09/09
Posts: 631
Loc: Calgary, AB
|
Then again, for a password that I seldom have to use, like my router at home, I personally wouldn't have any problem with using one of those random, nonesensical passwords and putting it on a sticky on the bottom of it. Currently have, I think, 10 wireless devices to manage in my home (laptops, printer, smart phones, etc.) and occasionally have family or guests that would like to access it when they are over. Having a network password that is easy to remember is a definite advantage for me. The length, complexity and unguessability of a wireless key has a significant impact on the chances of an attack against WPA-PSK being successful. I guess my question is what the necessity for mixed case, numbers & letters, and special characters really is. For example, to a password cracking program, is correcthorsebatterystaple (the example from the xkcd comic) any more or less hard to guess than any other 25 character long string? A cracking program wouldn't know not to check for mixed case, etc, would it? My understanding of this approach to using long, but easy to remember, passwords (I've had other IT professionals recommend it as well) is that the length alone is what makes password cracking unlikely due to the sheer length of time needed to find the right combination of characters.
_________________________
Victory awaits him who has everything in order — luck, people call it. Defeat is certain for him who has neglected to take the necessary precautions in time; this is called bad luck. Roald Amundsen
|
Top
|
|
|
|
#256058 - 01/31/13 06:06 PM
Re: Home Network Security
[Re: JPickett]
|
Geezer
Registered: 06/02/06
Posts: 5357
Loc: SOCAL
|
JPickett -- Treeseeker & bws48 covered it. Since we do have multiple PC's, we use a D-Link splitter on the Ethernet connection to get multiple Ethernet connections into a single connection to the router. Works good.
Another advantage is that Ethernet has a higher download speed than the wireless connections I've seen.
The iPad and iPhone do use the wireless connection, but I don't do sensitive stuff on them.
_________________________
Better is the Enemy of Good Enough. Okay, what’s your point??
|
Top
|
|
|
|
#256059 - 01/31/13 06:26 PM
Re: Home Network Security
[Re: Am_Fear_Liath_Mor]
|
2
Enthusiast
Registered: 08/31/09
Posts: 201
Loc: Nebraska
|
Dennis, length is a very useful tool, as long as the system itself is secure. Problem with home wireless is that most of the security types on most routers are already cracked; If a real live hacker is trying to get in, they can.
Going back to original article, they had open wireless. That would be the equivalent of leaving your garage door and front door open all the time.
ANY security at least gives you a door. Better protocols improve the locks.
Also, security is important from the outside in- Having one PC hooked up directly to a modem does indeed, remove risk of wireless hacking.
It opens you up COMPLETELY to ONLINE hacking. Your computer is then a wide open target from the internet side. Even a cheap old router has a minimal effect as a firewall from the internet side. Again, internally, a modem to PC connect is a wide open door. a router closes the door, newer firmware in the router improves the locks.
Another simple, obvious step in security is to limit password ATTEMPTS. Set your PC with a good password, then make it time out after 3 attempts. You don't need a permanent shut down or lock out, just a 5 minute time out. Why? simple- all brute force attacks need to make many attempts. So if your 8 letter password would take ~100,000 tries to guess, but your PC will only let them try 3 times ever 5 minutes.... that is 115 days to try them all.
Not worth the time for a drive by attempt, move on to the neighbor with open wireless, or no router.....
Quick append- length is good. length plus more characters is better. there are 10 numbers- so using just numbers password complexity = length times 10. 8 digit give 99,999,999 combos there are are 26 letters, 36 letter plus numbers- same 8 digit is 36 to the 8th power (36*36*36*36*36*36*36*36)- with special characters you go from 36 characters to over 50 now (50*50*50*50*50*50*50*50)
Edited by LCranston (01/31/13 06:39 PM)
|
Top
|
|
|
|
#256060 - 01/31/13 06:49 PM
Re: Home Network Security
[Re: Denis]
|
Pooh-Bah
Registered: 09/15/05
Posts: 2485
Loc: California
|
My understanding of this approach to using long, but easy to remember, passwords (I've had other IT professionals recommend it as well) is that the length alone is what makes password cracking unlikely due to the sheer length of time needed to find the right combination of characters. I'm assuming that this was already an assumption of yours, but "long" really needs to be combined with some form of "random". Case in point, people may use a snippet of some famous quotation, e.g. "...four score and seven years ago...". Going by length, that's a decent amount of entropy for many situations, in theory, but not the best choice in practice. Password cracking routines can check for famous quotes, and if someone knows you're, say, a history or Civil War buff, then maybe that's something rather easily guessed. That's the strength of a system like Diceware--it takes the personal bias/preferences out of the equation. You end up with a string of words that don't necessarily have any connection to you at all or any other quote or popular phrase, making it much harder to make educated guesses. Gosh, what was I watching just the other night on TV, where some woman is trying to get access to the "witness protection" database, so she finds a US Marshal at a bar, flirts with him and chats him up for personal info about himself, and then gets into the database by figuring out that his password is his boyhood dog's name, Guiness. Actually, that's another fine point. That password in the TV show was guessed (by a person). The other way is to do it automatically with some password cracking software. Maybe it's semantics, but software doesn't "guess" passwords, it simply tries a whole bunch of them very, very quickly, usually in some systematic order.
|
Top
|
|
|
|
#256061 - 01/31/13 06:56 PM
Re: Home Network Security
[Re: Arney]
|
2
Enthusiast
Registered: 08/31/09
Posts: 201
Loc: Nebraska
|
|
Top
|
|
|
|
#256065 - 01/31/13 11:52 PM
Re: Home Network Security
[Re: Denis]
|
Sheriff
Carpal Tunnel
Registered: 12/03/09
Posts: 3842
Loc: USA
|
I guess my question is what the necessity for mixed case, numbers & letters, and special characters really is.
For example, to a password cracking program, is correcthorsebatterystaple (the example from the xkcd comic) any more or less hard to guess than any other 25 character long string? A cracking program wouldn't know not to check for mixed case, etc, would it?
My understanding of this approach to using long, but easy to remember, passwords (I've had other IT professionals recommend it as well) is that the length alone is what makes password cracking unlikely due to the sheer length of time needed to find the right combination of characters. With respect to XKCD (a highly admired source of information as well as humor) it's not just the keyspace that matters. A dictionary attack against a wireless key of that form would succeed within a day at the most on my work laptop. Add in numerals and special characters and you have to stop using a dictionary attack and work a brute force attack, which at that length of key would take an infeasibly long time to complete.
|
Top
|
|
|
|
|
|
|
|
|
|
1
|
2
|
3
|
4
|
5
|
6
|
7
|
8
|
9
|
10
|
11
|
12
|
13
|
14
|
15
|
16
|
17
|
18
|
19
|
20
|
21
|
22
|
23
|
24
|
25
|
26
|
27
|
28
|
29
|
30
|
|
0 registered (),
812
Guests and
14
Spiders online. |
Key:
Admin,
Global Mod,
Mod
|
|
|