[sinhead]

Please suggest a good Usb-Wifi Reciever with an antenna (assuming the reception with antenna would be better). I'm using a Belkin n 150 router.

The situation is - I've had to shift my Pc to another room temporarily which does not have the modem, router connection. And I'll be buying a laptop soon. So I want internet access from any where in the house for these. I'm currently using my phone - usb tethering.

Thanks!!

[binand]

Quote:

Originally Posted by sinhead

Please suggest a good Usb-Wifi Reciever with an antenna (assuming the reception with antenna would be better).

Depending on what you use your PC for and the signal strength at the new location, you might want to consider a PCI-X Wireless card instead. Since these hook directly to the Mobo they perform better than USB ones. Of course, USB beats them on convenience and ease of install.

Amazon has a good selection at various pricepoints.

Quote:

Originally Posted by Chetan_Rao

I've changed both the admin console username/password and SSID/password combinations. Left most other settings at default, including SSID broadcast ON. Am I secure enough or should I be doing something else?

One thing many people miss is to leave WEP as the default. Make sure you are on WPA2-PSK with AES (not TKIP - it is insecure) with a strong password.

I also don't trust WPS - press-a-button-and-I-am-on-your-wifi thingy. Disable that if you are not using it.

[Thad E Ginathom]

Quote:

Originally Posted by binand

I also don't trust WPS - press-a-button-and-I-am-on-your-wifi thingy. Disable that if you are not using it.

You have to press two buttons.

Perhaps this is the downside of having a 60-plus character wifi password: I am all too keen not to have to enter it manually! But if someone else is ready and waiting at the moment I press the button on my router, I guess I'm scuppered

[binand]

Quote:

Originally Posted by Thad E Ginathom

if someone else is ready and waiting at the moment I press the button on my router, I guess I'm scuppered

... or if someone else is able to press the button while you are not looking?

I used to have it enabled, but then the technician who came to install a broadband connection at home felt he could help himself to my Internet connectivity without asking me. After I caught him at that figured it is prudent to disable it permanently. I'd like to know who all using the connectivity for which I pay a bomb. :-)

[Thad E Ginathom]

Quote:

Originally Posted by binand

... or if someone else is able to press the button while you are not looking?

Ultimately, physical security is all.

[rdst_1]

Quote:

Originally Posted by tibby

Can you please elaborate on this.

Every device has a physical address known as a MAC address. You can configure your router (if it has support) to only allow those devices to connect whose MAC ids you have entered into the system.
This adds a second layer of security and hence even if someone has cracked your password, they won't be able to connect to your wireless network.

[Thad E Ginathom]

Quote:

Originally Posted by rdst_1

This adds a second layer of security and hence even if someone has cracked your password, they won't be able to connect to your wireless network.

If they have cracked your password, they can log into your router and see, change or add to allowed MAC addresses.

[rdst_1]

Quote:

Originally Posted by Thad E Ginathom

If they have cracked your password, they can log into your router and see, change or add to allowed MAC addresses.

The router login password and the SSID password are different. How can they login to your router if they can't even connect to your wireless network.

Yes, a proficient hacker should be able to use packet sniffing and MAC address spoofing to get on to the network. However this method still protects you from some normal guy who has come across your password by fluke or because of one having a weak password.

[Chetan_Rao]

I don't know if it's a universal feature or of much use at all, but I found an option on my router's admin console that allows me to set a particular device as authorized admin, meaning another device can't be used to access the console even if someone has my admin username/password.

@binand: I do have the correct WPA2 option selected plus a strong password.

[Thad E Ginathom]

Quote:

Originally Posted by rdst_1

The router login password and the SSID password are different. How can they login to your router if they can't even connect to your wireless network.

Yes, a proficient hacker should be able to use packet sniffing and MAC address spoofing to get on to the network. However this method still protects you from some normal guy who has come across your password by fluke or because of one having a weak password.

Yes, like chaining bags on the train: it protects against the casual thief just picking them up, but not against the guy with tools in his pocket.

Quote:

Originally Posted by Chetan_Rao

I don't know if it's a universal feature or of much use at all, but I found an option on my router's admin console that allows me to set a particular device as authorized admin, meaning another device can't be used to access the console even if someone has my admin username/password.

How do you specify that? IP address? MAC address? Must take a look at mine: I don't remember if that is there or not.. Thanks for the hint.

Another thing that would be good is administration by wired access only. Again: I don't remember if I can do that on mine, but I think not.

EDIT: only for remote management, and no.

[Chetan_Rao]

Quote:

Originally Posted by Thad E Ginathom

........
How do you specify that? IP address? MAC address? Must take a look at mine: I don't remember if that is there or not.. Thanks for the hint.

MAC Address. My TP-LINK router lets me specify upto FOUR PCs that can access the admin console, plus options to enable/disable individually as required. Pretty nifty, even if not foolproof.

Listed under Security > Local Management on my router.

Quote:

Another thing that would be good is administration by wired access only.......

No such option on mine, though it allows remote mgmt. through a specific IP address. I honestly don't need that right now, local more than meets my needs.

[binand]

Quote:

Originally Posted by rdst_1

You can configure your router (if it has support) to only allow those devices to connect whose MAC ids you have entered into the system.

The MAC is so easily changeable; that spoofing it is now an entry-level hacker task. :-)

[tibby]

Quote:

Originally Posted by rdst_1

Every device has a physical address known as a MAC address. You can configure your router (if it has support) to only allow those devices to connect whose MAC ids you have entered into the system.
This adds a second layer of security and hence even if someone has cracked your password, they won't be able to connect to your wireless network.

Quote:

Originally Posted by Thad E Ginathom

If they have cracked your password, they can log into your router and see, change or add to allowed MAC addresses.

Quote:

Originally Posted by rdst_1

The router login password and the SSID password are different. How can they login to your router if they can't even connect to your wireless network.

Yes, a proficient hacker should be able to use packet sniffing and MAC address spoofing to get on to the network. However this method still protects you from some normal guy who has come across your password by fluke or because of one having a weak password.

Thanks guys! This is good information.
Will lookup over the weekend how I can put this to use.

So every time a new device needs to connect to the WiFi Network, I will need to add its MAC address? That will make it cumbersome to give access to guests who may come home and need WiFi access.

[Rahulkool]

There is a android app which can crack wifi passwords, i am not sure how it does that. One of my neighbors told me about it that few kids downstairs were using his wifi. He told that they were not able to connect to my wifi and he wanted me to check, as airtel was not being helpful in the matter. I checked the app and it was using some WPS exploit. I disabled WPS in his router and then the app was not able to connect.

I have kept WPS and DHCP off in my router, i will suggest everyone to switch off WPS in their routers.

This app just connects to the wifi but you can not see the wifi password. There are few apps which can even display the password if the phone is rooted.

[Chetan_Rao]

Quote:

Originally Posted by tibby

.........That will make it cumbersome to give access to guests who may come home and need WiFi access.

Some routers have an option to setup a public 'Guest' network for such scenarios. Mine does.