Wireless Routers

ErikP.Bass · #1 11-24-2009, 10:40 AM

I am just beginning to research for a wireless router purchase. So much information out there to read and so many choices. I figured I'd ask here to see who has a wireless setup at home and what router are you using. Pros/Cons?

MJ5150 · #2 11-24-2009, 10:47 AM

I like Linksys products. If you're into customizing your router, there are many options with the consumer level Linksys routers.

-Mike

ErikP.Bass · #3 11-24-2009, 10:58 AM

Thanks Mike. Linksys definitely seems to be one of the top manufacturers out there along with D-Link and Netgear.

I should have mentioned that my home network will need to be compatible with both PC and Mac. So I am also considering the Apple Airport Extreme.

TrooperFarva · #4 11-24-2009, 11:18 AM

Go with Linksys. It's the consumer division of Cisco, it's top quality.

geeza · #5 11-24-2009, 11:21 AM

Quote:

Originally Posted by ErikP.Bass

I should have mentioned that my home network will need to be compatible with both PC and Mac. So I am also considering the Apple Airport Extreme.

I'm pretty sure you can use any router. I have a D-Link and use both Windows and Mac machines with it with no problems.

NJL · #6 11-24-2009, 12:21 PM

also, when setting up the router, don't forget to set it to WPA2 and NOT WEP! if you're geeky enough, use WPA2 with a Radius Server

use an SSID that has random characters such as:

qk@jY#Qpq8 - you can hide your SSID, but airmon-ng can still see it.

and use a 63 character password such as:

aY)<6~Y%2tR~el|,Qj!NH&<gJ3ise<_@G^zh^GNq$`-KiTkcUO-,SA[5F\Tq_FX

visit grc.com/passwords for cryptographically-strong pseudo random number generated passwords if you don't have your own password generator or password manager application.

ThisisCraigP · #7 11-24-2009, 12:30 PM

Linksys works good, but when I got mine there wasn't any Macintosh instructions so I had to wing it.

MJ5150 · #8 11-24-2009, 12:41 PM

Quote:

Originally Posted by NJL

....visit grc.com/passwords for cryptographically-strong pseudo random number generated passwords...

NJL owns this website. He has a tool set up on the website that will e-mail him every password generated and the IP address it was generated from.

Just so you know.....

-Mike

TrooperFarva · #9 11-24-2009, 12:46 PM

WPA2 is good, use it, but definitely use MAC Authentication. It makes it more of a pain if a friend of yours wants to use your wireless, but it also locks down your system really tight.

ErikP.Bass · #10 11-24-2009, 01:18 PM

Thanks for the input guys. What specific models are you using?

adammazza · #11 11-24-2009, 01:30 PM

Quote:

Originally Posted by TrooperFarva

WPA2 is good, use it, but definitely use MAC Authentication. It makes it more of a pain if a friend of yours wants to use your wireless, but it also locks down your system really tight.

or.....

Step 1) Install 3rd party firmware (openwrt, dd-wrt, etc)
Step 2) Setup additional wide open wifi connection
Step 3) Setup honeypot (optional)
Step 4) Profit!

MJ5150 · #12 11-24-2009, 01:34 PM

Quote:

Originally Posted by ErikP.Bass

Thanks for the input guys. What specific models are you using?

Linksys WRT110.

-Mike

NJL · #13 11-24-2009, 07:09 PM

Quote:

Originally Posted by TrooperFarva

WPA2 is good, use it, but definitely use MAC Authentication. It makes it more of a pain if a friend of yours wants to use your wireless, but it also locks down your system really tight.

and for spoofed MAC addys?

NJL · #14 11-24-2009, 07:11 PM

Quote:

Originally Posted by adammazza

or.....

Step 1) Install 3rd party firmware (openwrt, dd-wrt, etc)
Step 2) Setup additional wide open wifi connection
Step 3) Setup honeypot (optional)
Step 4) Profit!

add a "pineapple" or karma.. throw in karmetasploit if you really want to be an arse!

i used to have my wifi open.. anyone dumb enough to use it got what they deserved.

NJL · #15 11-24-2009, 07:13 PM

Quote:

Originally Posted by MJ5150

NJL owns this website. He has a tool set up on the website that will e-mail him every password generated and the IP address it was generated from.

Just so you know.....

-Mike

i wish i were as brilliant as Steve Gibson!!

if any of you are interested, check out the "Security Now!" podcast from that site or from iTunes.. really cool stuff. he was explaining last week how SSL3/TLS1 is officially zero day exploitable now (in addition to moxie's sslstrip WIN)..

TrooperFarva · #16 11-24-2009, 11:40 PM

Quote:

Originally Posted by NJL

and for spoofed MAC addys?

I've never known anyone diligent enough to spoof a MAC address and crack a WPA passkey just to get into a residential router. And I've known some unsavory characters.

NJL · #17 11-24-2009, 11:48 PM

it's not hard to do, don't get me wrong, so go ahead and set up MAC auth, but it's not going to hold someone back from getting in, if they really want to..

adammazza · #18 11-24-2009, 11:55 PM

Quote:

Originally Posted by NJL

it's not hard to do, don't get me wrong, so go ahead and set up MAC auth, but it's not going to hold someone back from getting in, if they really want to..

If someone wants to get in they'll get it. Not 100% safe but still best to never trust your transport, you ipsec tunnels on top, ssh where you can, ssl, etc.

Adam

NJL · #19 11-24-2009, 11:59 PM

ErikP.Bass · #20 11-25-2009, 07:23 AM

Anyone else care to share the router model they are using?