Comments on: How To Secure Your D-Link Wireless Router

By: UmmYea...

UmmYea... — Tue, 10 Nov 2009 16:55:27 +0000

Anyone that potentially that could break into network would know how to get your ssid and mac address. The “security” those things provide is not worth configuring. Turning your router off at night will not prevent someone from “hacking” your router during the day. Only 1 WPA-handshake is required to begin a dictionary attack. Once the handshake has been acquired, it can be cracked offline(meaning no access to the access point is required). WPA2-AES is the most secure option for home use. Adding a radius server would be even more secure. Turning off your router, MAC Filtering, and hidding your ssid are useless. People that think these do anything are fooling themselves and obviously have never done any pen-testing themselves.

By: Bolomkxxviii

Bolomkxxviii — Tue, 10 Nov 2009 16:26:33 +0000

Relying on any one method is not wise. MAC filtering, turning off the SSID and using the strongest encryption possible should all be done. Anothe method I use that has not been discussed is the use of an appliance timer. If your router is not powered while you are asleep or at work it is impossible to hack.

By: Ken

Ken — Tue, 10 Nov 2009 13:52:17 +0000

True, but MAC address filtering in addition to the measures described in the article just adds another layer of deterrence. Each layer of security that a hacker needs to go through to gain access just makes your network a little less appealing and might deter them to move on to a less secure one.

In the world of security, there is no such thing as hack-proof. The goal is to be just secure enough so that you are more secure than the rest in your area.

By: UmmYea...

UmmYea... — Tue, 10 Nov 2009 11:13:07 +0000

Hiding the SSID is useless as is MACs Filtering. Airodump-ng can detect your machines that are associated with your AP and shortly decipher your ssid. MACs Filtering is easily bypassed because with Airodump-ng you can see the MACs associated with your access point. Security through obscurity does not work! The author is wise to use WPA2-AES as WPA-TKIP and WPA2-TKIP are vulnerable and have been cracked in under a minute. It is only a matter of time before tools are released targeting this exploit. See here: http://arstechnica.com/tech-policy/news/2009/08/one-minute-wifi-crack-puts-further-pressure-on-wpa.ars

By: Sam

Sam — Tue, 10 Nov 2009 09:04:33 +0000

Mac Address filtering is not secure too. Hacker could change his MAC Address and then get in.

By: Les

Les — Mon, 09 Nov 2009 17:20:20 +0000

I use MAC Address filtering on my router too. Never had an unauthorized user on my network.

By: vcarazo

vcarazo — Mon, 09 Nov 2009 17:02:08 +0000

I protect my router with a list of granted MAC addresses.

I know my MAC and my wife’s MAC address so these are just the ones granted to connect with router.