Who didn’t know this?
12% of consumers are leeching wireless from unsecured wireless networks.
Hello!? How can you possibly hop on the internet and not realize that people do this? There’s a very simple solution to this problem. It’s called “Network Filtering”. I’m not the huge network geek that my husband and friends are, but Network Filtering is really easy to do and from what I’ve seen, any wireless router has this feature available in its setup.
What you do is tell the wireless router to only accept connections from the mac addresses that belong to individual machines in your house (or your Nintendo DS, or your PSP… or your iPhone.) You do have to enter in new mac addresses when you replace old machines or devices, but it takes maybe ten minutes and is a great precaution against unwanted intruders on your home network. Not to mention, it’s just plain smart. Who knows what leechers are doing while pretending to look like you?
Network filtering. Learn it. Know it. Use it.
April 17, 2008 12:35 pm 
Subscribe
By tsykoduk, April 17, 2008 @ 5:30 pm
On the gripping hand, leaving your wireless network can been seen as neighborly. What if joe down the street looses his internet for a day? If you are open, you just made his week.
Bruce has this to say:
Of course, he also goes on to talk about the risks of not using point to point encryption of some sort (esp. over wireless, and esp. over other people’s wireless). If you have that part of it down, then it’s no more unsafe then connecting from anywhere else.
Here is my take on it.
1) Have your wired network behind a firewall.
2) Have your wireless network open
3) With the correct sniffer, it is trivial to find and masquerade as a valid MAC address. So, MAC filtering is a good idea, but it’s not a panacea for proper WPA pass-phrases and good tight VPN’s.
4) Make sure that your wireless devices always use a secure VPN to connect to resources. In fact, it’s a good idea to redirect _all_ of your traffic thru a VPN into your secure network and then back out. After all, how much of your email uses POP? Yeah… POP passes passwords in plain text.
So, (in an related topic) at the airport a few weeks ago, I saw a open wireless called ‘Free Wireless’. I tightened down the firewall, opened the log file, and connected. Wham. If I had been a windows box, I would have been rooted right then.
That was in SF. I also saw it at SeaTac. Not the same one, but the same idea. I also noticed that when I was connected to the AT&T network at SeaTac, I was under constant assault.
So – VPN back home, and then traffic out to the internet from there with HUGE firewalls on the roaming device seem like a great idea to me.
By Random Gemini, April 18, 2008 @ 11:24 am
I really appreciate your comment, because the point of this post was to get people thinking about security on their home systems and the more information there is available for them to look at, the better off everyone is.
You’re really a wealth of knowledge though! VPN is still a very new term to me, and as far as I knew (until about 10 minutes ago) VPN was just how people logged into their computers at work from home. *chuckle* I had to have my husband explain to me how it worked.
For me, it’s like this, just over a decade ago, I helped my husband run all the home networking stuff and I was current on security and securing our servers from the outside world. Today, I’ve become so attached to windows that it has crippled my memory of network security and caused all of my once really cool ability to geek with my husband to completely atrophy.
What I do remember though, is that there are always some very simple things that you can do that will make it that much harder for people to take advantage of you. This is true in life, and the internet. It doesn’t make sense not to do them, even if some schmoe can easily work his way around mac filtering, there will be some other schmoe that can’t figure out why your network doesn’t work for him anymore. And while you may be right, that those people who are trying to get on your network without knowing how to get around mac filtering likely have good intentions, the road to hell is still paved with them.
It just makes sense to do what you can, even if it’s simple and not necessarily the most effective means. Besides, Joe Neighbor could always come over and ask if you had a wireless network, and if you’d mind sharing some bandwidth. I know I’d be glad to let Joe Neighbor share some bandwidth if he hit a bad patch.
Still, I love your suggestions and am now going to spend the remainder of the day reading about how VPN works, so I can get a more refined understanding beyond “Well, it encrypts everything over your wireless, plus everything goes through one point so that it can be firewalled/proxied/filtered.”
By tsykoduk, April 18, 2008 @ 1:05 pm
lol…
Windows will do that to you if you are not careful
Here is a quick article on using SSH to build a ‘poor mans’ vpn back to a home server… windows? I dunno if it will work. Windows SSH is… problematic at best. Works like a charm with *nix and macs.
Have you checked out the latest Ubuntu Linux? It pretty much rocked my socks off. I think that if it’s not at grandma level, it’s darn close. It even has a live-cd so you can try it with out totally destroying Winders.
By tsykoduk, April 18, 2008 @ 1:07 pm
uh.. yeah. Here is the article.
By Random Gemini, April 18, 2008 @ 3:09 pm
I’ve thought about slapping Ubuntu on my laptop after my HP warranty is up… but then there is that temptation of OSX. The guys down at the local mac store offered to throw OSX on here for me but it was a bit pricey, so I’m not sure that’s the route I want to go. Hearing that there’s a live cd option for ubuntu warms my heart though. If I do decide to go that way, then I could play around with it before my warranty is up and not have HP gripe at me about voiding the warranty with its use. That would be sweet.
Thanks for the article link, I’m not sure if I want to attempt setting this up on my own, but you’ve given me great fodder for dinner table conversation with hubby tonight!