Jump to content

Making My Wlan Secure With Wpa2


periva
 Share

Recommended Posts

If I make a password 20chars long with random chars so that it's no way the word is in any dictionary, can I feel safe that no one can hack my wlan unless someone is trying every possible combination of chars that have the length from 8-62?

Link to comment
Share on other sites

I'd same the same thing, it is fairly safe to use, at home I use WP2 and a very long phrase with special characters.

Now if you want to make it more challenging for someone across the street, you could use WP2-Enterprise which uses a Radius system for a second authentication.

Link to comment
Share on other sites

If someone was determined enough, and had a CUDA based WPA cracking machine, they could probably crack it to get in, they just need to capture the 4way handshake.

Personally, I detest wireless, and never trust it, including my own. Change the passwords often, even with a long password. If you use WPA2 with AES and a long ass password, you should be fine though. Just be sure to check your network from time to time if you plan to use it with wifi on a permanent basis. I only enable the wireless when I need it.

Some routers offer the option to separate the Wired nodes from the Wireless ones onto separate subnets, as well as make it so the wireless devices can't see each other once connected(AP Isolation), so if your router has any of these options, be sure to implement them along with MAC address filtering and small DHCP pools only enough for your needed clients on the network, although that isn't full proof and can be spoofed. If you only have 5 machines, then set DHCP to only hand out 5 addresses. In my house, we hard code the IP's and disable DHCP on the router all together.

Also, use an odd subnet, don't stick with the default private lan 10.x.x.x, 192.168.x.x and 172.16.x.x-172.32.x.x networks. You're using NAT, so you can use pretty much any subnet you want really. Make it more difficult for anyone who did manage to figure out the password, to not be able to figure out the subnet in use while having DHCP turned off. My home router is on a non standard private Class A /29 (mask is 255.255.255.248) subnet. This only gives room for 5 nodes on the network. If someone got on and wasn't in the same subnet range, they can't reach the internet without knowing the address of the gateway.

Link to comment
Share on other sites

If you wireless router doesn't have the option to separate the networks. You could create two network segments with a router in between, blocking any incoming/outgoing traffic that comes from either networks.

That would be one way to keep the traffic isolated to one network only.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...