I have spent a while re-setting my router to factory defaults as I'd forgotten my user name & password - DUH!
Anyway - it's up and running again and I've changed the router default user name & password, changed the network SSID, changed the WPA password and set up both our laptops & the wireless printer on the new network.
I'm considering limiting the wireless access to devices with specific MAC addresses, i.e the two laptops & the printer.
All that should pretty much make it difficult, if not impossible (maybe!) for "drive-by" access to our wireless network, but the question is - Is restricting by MAC address a bit OTT?
It will be a faff when family visitors want to use our wireless facility, as I'll have to get their devices MAC addresses and enter them into our router.
(A LOT, if 2X kids are here with a laptop each, my daughter & her husband are here with their iPhones and laptops)
|
>> to our wireless network, but the question is - Is restricting by MAC address a
>> bit OTT?
Yes. Given all the rest it is.
|
As an aside, you can trivially spoof a mac address - the first Google hit reveals a free bit of software to do it. Roger's setup would not however, be immediately open to that (but if mac address authentication was all you had then you would be open to it).
There are many of course, who deliberately leave their wifi open anyway, in some kind political statement about freedom of the internet and personal choice. Not sure I would do it, but some do.
|
I used to do it, don't bother now.
It should just be a once off job to enter each device, not so onerous really.
My Virgin router has guest modes but I've never explored what they are for... guess it's something like that
|
My old Linksys router had MAC address filtering and I enabled it.... And then when I got a new work laptop it took me a while to remember I'd turned on MAC address filtering! Doh.
The BT Homehub I then got didn't support MAC filtering. I now have a different Linksys router (BT Homehub caused issues with access to Sky+ HD box via Android app) which I didn't bother enabling MAC filtering on.
|
It would be more secure if you swapped your wireless from WPA to WPA2. WPA was pre-standard, WPA2 is 802.11i (in plain English the actual standard for wireless security)
I thought about using MAC addresses but decided it was too much bother and another thing I'd have to remember when family visited.
|
WPA-PSK/WPA2-PSK is what is showing as the standard chosen in the router settings
On a drop down menu are other options Open, WEP, WPA-PSK & WPA2-PSK, so I am assuming that what is showing is what is set.
|
From the three options you've described yes, that's the one to go for.
That sounds like it is the security mode, do you have an authentication box too or is it all controlled from the single router setting?
If you have only seen a single selection option no worries, it will only be the difference between routers. Some routers will do it all for you, some will allow you more control.
|
This is a TalkTalk supplied fibre router/gateway made by Huwaei, so there are concerns with the thing!
It connects via a separate unit - an OpenReach fibre enabled modem, so there isn't much room behind my TV!
Anyway - the router is not as easy to understand, or set up, as the Linksys I bought in Spain to replace Telefonica's awful thing.
Port opening & forwarding, pus MAC addressing, alternate DNS server settings and other security options were much more easily accessed & usable on the Linksy, but while the Huwaei router is working I do not feel justified in buying a replacement.
|
|
I also use Open DNS and there IS a helpful guide on their site on how to set up most router makes, including the Huwaei Echo-Life Gateway, so that is all tickety-boo.
Last edited by: Roger. on Sat 30 Aug 14 at 14:24
|
>> This is a TalkTalk supplied fibre router/gateway made by Huwaei
You don't need to use the supplied router from TalkTalk you know. It has nothing to do with BT Openreach's VDSL fibre to the cabinet product. It's just a router - people with cable broadband often had a separate router (referred to as a cable router because there was no ADSL modem) and a cable modem.
I have BT Infinity but found the Homehub (v3 I think) was not compatible with the Sky+ app. I proved this by swapping in my old Linksys router for a while. I then bought a newer Linksys router supporting Wireless N etc.
What you will have to do is setup the router to login to the VDSL service using the PPPoE protocol. For BT Infinity the username for everyone is bthomehub@btbroadband.com with no password. Must be settings on the Huawei already (they were hidden from users on the BT Homehub).
|
>> This is a TalkTalk supplied fibre router/gateway made by Huwaei, so there are concerns with
>> the thing!
Do you really think that the Chinese military have put a back door in your router to spy on you?
To a potential hacker, you are a waste of space time and effort.
Ordinary WPA2 WiFi security is all you need.
Last edited by: Zero on Sat 30 Aug 14 at 17:14
|
|
Easy to become paranoid about internet security but forget to lock the back door when you go out.
|
Router & wireless security - Zero
