securing a new dsl wi-fi home network?

[lilbandit]

Hi everyone,
DSL has reached my home town so I got a netopia wi-fi router from my supplier and everything is running smoothly. The others in the house can share the connection and all is good! The only thing I am unsure of is the security implications, I enabled WEP and secured admin and user passwords for the router, os x (panther) firewall is running too. Has anybody got any additional suggestions? Relied on dial-up for years so always ignored this end of things! If I turn filesharing on does this mean that my powermac is open to snoopers? I usually use filesharing to send files back and forth to my laptop, I'd hate to have to keep switching this on an off everytime I want to send a file.
Thanks in advance

 

[Natobasso]

Hello! Welcome to the wonderful world of non-dialup internet!

I've been advised that no wireless network is truly safe, but you've done all you can to keep it secure. File sharing does expose your computer a bit but is useful for sharing files between computers without emailing them.

Last night in fact I saw my neighbor's networks and was able to use one of them—I even got through to their router! I could have reset it so only I could use it and they wouldn't have had a clue. Scary stuff.

I also set my router to accept only one other computer, you do that by creating a computer list and the router reads what computers are connected and you can limit use to just those computers.

Hope this helps!

 

[lilbandit]

Thanks for your reply, that's all I really needed to know

 

[g/re/p]

Setting the router to accept only one other computer is a very good idea - to be even more secure, set it to accept only the computers on your network.

Also - if your router has the option, you should use WPA
Pre-shared Key and choose TKIP for the WPA algorithm
instead of just "plain vanilla" WEP, which is pretty damn
insecure if truth be told.

 

[GraphicUmp]

Yes, I have my router set to accept only certain MAC addresses - it's under MAC address filtering. That way only your WiFi enabled computers can access the router at all.

 

[lilbandit]

Thanks for the info everyone, much appreciated!!

 

[wadesworld]

If you really want to be secure, turn off filesharing and use an SFTP or scp.

Wade

 

[scruffy]

Basically, consider WEP to be nothing - it really is worthless junk crypto. Turn it on if that's all you've got, but act as though you hadn't.

If the router can to WPA, use it. TKIP is not bad, CCMP (it might refer to it as AES) is better. But make sure that your preshared key is truly random, not an easily guessable word.

I personally would treat a wi-fi router as being 'outside', not part of the internal network - don't offer any services on the wi-fi network that you wouldn't offer on the outside interface. But then I'm more paranoid than most...