lazy wireless security

[Oliver1]

Have just been trying to wade through my new wireless router manual.
Is it sufficent security just not to broadcast my ssid, so then only clients who know it can connect to my wireless network.
Or do I really have to set up encryption, and if I do set up encryption, before any client can connect do they have to know the ssid and a 13 digit encryption key?
Basically what should I do

[dglienna]

My laptop wouldn't see my router when I turned off SSID. Set up WEP with the highest encryption level available.
The easiest way to set up a laptop is to plug it into a wired port on the router, go to the setup page using the laptop, type in a passphrase to generate a key, and then Copy and Paste the Key into the laptop card where it asks for the encryption key. This way, you can make no mistakes.
Then, cycle the power on both the router and the laptop, to make sure that you won't have to do it again, and pull the lan cable out of the laptop.

You should be connected. Anyone else that connects will have to know that key and they can only get it from the laptop or the router. I've never had a problem with unwelcome guests, and I've had my router for about 3 years.

[demotivater]

I set mine up the same as dglienna (for the most part). My neighbors on the other hand, muahahaha.

[ducky]

Yes, disable SSID broadcast, but rather than enable encryption you could alternately filter wireless connections by MAC. Therefore only wireless components within your house (specified by MAC address) can connect via the wireless. Its not a perfect solution, but a reasonable non-paranoid solution.

[dglienna]

My old router will block by MAC address, but not ALLOW by MAC address. I don't understand why I'd close the front door after someone gets in. Go Figure....

[Oliver1]

Thanks will hopefully look at the router this afternoon and see what I can figure out, am sure I'll have to get back to you as all seems very complicated.

[dj4uk]

Not broadcasting SSID removes the casual hijacker but only that really.

MAC address filtering adds another level but again this can be faked very easily.

Does your router support WPA or WPA2? - it's a hell of a lot more secure than WEP which just takes a quick download off the net to bypass - not any more difficult to setup either. If it does support WPA then all that is required is a KEY PHRASE that is setup on every client machine. If they are PCs with Windows SP2 the Wireless connection wizard will get you setup quickly.

It really depends how secure you need to be - but people jumping on to unprotected wireless connections is more common than you would think.

HTH

DJ

[System_Error]

Here's what I did, and I've never had any security problems:

1) changed IP address from the default
2) added encryption
3) disabled SSID broadcasting
4) MAC filtering