How secure is my home PC setup?

Status
Not open for further replies.
wavinwayne

wavinwayne

Joined
Jan 6, 2005
Messages
8,220
Location
North Alabama
A question about the security of my home PC and network, but first, here is my setup:

1) PC running Vista, with Vista firewall ON.
2) Cable Modem
3) Belkin G Router, wired connection to PC
4) Router security set to WEP, since (for some screwy reason), 2nd generation iPod touches will not connect to non-Apple modems with WPA security.
5) iPod touch, connecting to internet via above mentioned Wifi setup
6) Nintendo Wii, connecting to internet via above mentioned Wifi setup

So, I understand WEP has been compromised for a long time, and WPA is the way to go. But, my iPod touch can't connect with WPA enabled. So I am forced to use WEP.

What exactly am I risking with my setup the way it is? It is simply a matter of a determined hacker being able to latch on to my Wifi signal, or is the information on my PC and/or iPod touch at risk of being hacked?
 
You're at a slightly higher risk because you're using older encryption (WEP vs WPA). If they're able to hack into and attach to your network, they will then be able to hack into your PC.

To have a fairly secure WIFI network do these 3 items (2 more than you're currently doing).

1. Use an encryption password (done)
2. Use a MAC address access list
3. Turn SSID broadcast off


If you do this you will be less vulnerable but not impenetrable. The way I look at it is if you're running this setup and your neighbors are not, then they will be an easier target than you are. That doesn't mean you won't be hacked.
 
Originally Posted By: wavinwayne

4) Router security set to WEP, since (for some screwy reason), 2nd generation iPod touches will not connect to non-Apple modems with WPA security.


This must be a problem with your router itself or the setup. My son has a 2nd gen iPod Touch and he connects to the internet using WPA2 on my Netgear router. The iPod shouldn't be a problem.

In my experience WPA gives better performance on new routers, but security depends on where you are at. If you are rural, don't worry about it, but if you are in a city with lots of people, I would get it fixed up right.
 
I agree that the iPod should work A-OK with WPA, my wife's 2nd gen worked fine with it.

Also, make sure you run Firefox or some non-IE browser, make sure Adobe Flash player is ALWAYS up to date as it it's the current attack vector for much malware nowadays. Use Foxit PDF reader rather than the Adobe product.
 
ctc, I don't know enough about networking (yet) to do what you've listed in steps 2 & 3. I'll do my homework.

tmorris1, the WPA/2nd-gen ipod touch debacle is a known issue. It is a problem with many of the wireless routers on the market. Apple's routers do not have the problem.
 
Just check the user guide for your router. It should be in there. If you don't have the user guide, you should be able to find it on the manufacturer's website.

Step #2 does make it a PITA if you want to let your friends come over with their WIFI capable devices because you have to add their MAC addresses to the access list or they won't be able to get on. Also, make sure you have the MAC addresses for all of your devices before you start. Don't forget the ones for your Wii and Ipod or they will lose access.
 
Last edited:
Your risk is a purely local one.

Use the MAC filter and enable the router's firewall, and your network, generally speaking, should be relatively safe from the rest of the world.

The remaining risk is a local wireless hack into the iPod and then jumping through it to the network. I've heard of folks using iPods to locally hack into networks. But incidents where the iPod are attacked as the entry point are much rarer. Alternatively, if they can remotely lift the MAC address from the iPod, they could then clone it to get to the router. As you say, WEP is then easy to crack. You would need some extremely sophisticated neighbors to remotely take over an iPod or clone its MAC. Someone smart enough to do all that would find getting past the MS firewall child's play.

If you've got neighbors like that, they're probably too busy cracking into bigger things to worry about you.
 
I have a similar setup, the thing that concerns me is the Wii. I don't know what loop holes are in it.
 
Volvohead, as far as my neighbors go, I don't think I've got anything to worry about.
grin2.gif
 
Like anything security related, it would depend on what you're trying to protect. If it's just the internet traffic, I wouldn't worry much about that. But if you have financial/business documents stored on the Vista pc I would definitely make sure any sort of sharing is turned off, and perhaps add another layer of protection to them.

There's no sense creating a bunch of work for yourself trying to get a MAC list and getting WPA working if your biggest concern is someone knowing you watch youtube videos on your ipod touch and surf BITOG. There is much, much lower hanging fruit than waiting a month of monitoring your internet connection to get a credit card number or your hotmail password!
 
bepperb, I just want to make sure that a hacker can not easily get to anything on my PC hard drive. I have tax documents and such on there, that if stolen, could give an identity thief everything they would need to know. Everything else on the computer is just fluff (pictures, games, etc.).
 
Originally Posted By: wavinwayne
ctc, I don't know enough about networking (yet) to do what you've listed in steps 2 & 3. I'll do my homework.

tmorris1, the WPA/2nd-gen ipod touch debacle is a known issue. It is a problem with many of the wireless routers on the market. Apple's routers do not have the problem.

There are 2 kinds of WPA2 encryption (TKIP and AES (I think?). Maybe try switching your router to one or the other and try again. I will check to see how mine is setup at home. I have MAC address filtering (enter iPod MAC address into the router) and WPA2 turned on in my Netgear WPN824 RangeMax router and all works.
 
Now mind you, none of these network measures will give you an ounce of protection should you click the wrong thing while surfing or e-mailing and allow malware in.

Then all bets are off, as you let them in the house, so to speak.

That's the MUCH greater risk, and your HW and encryption scheme have little to do with it. These threats are global and involve the most skilled cybercriminals.

If you don't have one, invest in some good real-time ASW and an AV with malware features, and scan often.

Don't worry about the deadhead next door. It's the criminal genius from the other side of the world that can hurt you worst.
 
I agree with volvoheads comment: you are much more likely to be hit with a threat from the outside (malware, spyware, phishing, or simply theft of your credit card data from a database) than you are to have your home network hacked. I subscribe to a security group where I get lots of information about current threats, exposures, and all of the details of the breaches. trust me, our financial and personal data is already at risk. 200+ million credit card numbers were obtained illegally this year. Did you ever sign up for Ameritrade? they were hacked. Central credit card auth clearing house hacked, TJMaxx, hacked. and on and on. most hackers of this nature are from other countries (Russia, China) and some of it is sponsored by organized crime, since they know what to do with the info once its obtained.

as far as MAC filtering, you will find a MAC address table somewhere in your router, and basically you enter the MAC address from all of your wireless devices into that table. then if anyone tries to connect with a device t
hat is not in that list, the connection will be refused. certainly MAC addresses can be spoofed, but only a few people know how to do that.

as far as turning off broadcasting your SSID, there will be a selection in the wireless configuration sections of your router that says: Broadcast SSID: Yes or No.


additional security can be had by altering the IP address of your router.
 
Good points all. I always have AV/anti malware software running, and it automatically updates, so no worries there. I also run Spybot and a few other similar programs from time to time. I have never had any sort of serious infection from viruses, malware, trojans, and such. This is probably due to mine and my wife's somewhat conservative web surfing habits. The sites we frequent are not known to harbor virii and other nastiness.
 
WW, it sounds like you have at all covered as well as is practicable.

As long as you use a computer and venture outside a wired network, there is always a security risk. Local, remote, direct, indirect, wireless, third-party attacks . . . there are about a dozen different ways the bad guys can get in.

The most troubling risk is not what steps you take, but what steps others who you give your information to take. The latter you have absolutely no control over. That's the risk that baffles the more casual consumer. Even swiping your debit card at the gas pump exposes you to it.
 
Volvohead, you couldn't be more spot-on with the credit card theft thing. In the last year, my credit union replaced my debit card due to a compromised database somewhere, and someone tried to use my AMEX card number somewhere overseas. When AMEX called to inform me about it, I hung up on them and called THEM back to see if I was being had. Turned out to be the real deal, but I certainly wasn't going to give any info to some person on the phone that just SAID they were from AMEX.
 
Here's a "cute" one: Around here last year a ring got busted who were breaking into convenience store gas pumps (which have notoriously lame locks), and installing transmitters off the card readers. Then they would park a vehicle nearby with the receiving equipment and "harvest" the card numbers all day long.

The last line of defense is a cardholder's fraud protection policy. Sadly, that one that gets used more and more anymore.
 
Good info. I rarely have my wireless router turned on because I don't use my laptop much, but I now realize it was far less secure than it could be.
 
Status
Not open for further replies.

Similar threads

JHZR2
Parental controls and gateway/access points
Replies
15
Views
292
OVERKILL
G
Connect PC directly to fibre optic modem?
2
Replies
21
Views
680
y_p_w
B
Reliability of your home "wired" wifi service.
2 3
Replies
48
Views
1K
Lepigi
92saturnsl2
New Ubiquti Wifi-6 home setup
Replies
7
Views
819
92saturnsl2
redhat
New home build network/Wi-Fi infrastructure
2
Replies
22
Views
2K
meep
Back
Top