Any benefit by changing 192.168.0.1?

I'm setting up a wireless network and wondered if it would be advisable to
change the default IP address of the LAN? It is currently 192.168.0.1.

Would it make it anymore difficult accessing the system, from an hacking
point of view if I use an alternative IP address for the LAN?

Secondly, if a network is running without WEP (or any other encryption), is
it possible for someone in range of the wireless signals to watch everything
that it going on and be able to see everything in real time? ie, if I log
into my bank account online, would the watcher be able to see everything I
see?

And finally, can anyone recommend any software that I could use on my laptop
to see what it being broadcast between my access point and home pc?

Barrie

"Barrie" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> I'm setting up a wireless network and wondered if it would be advisable
> to change the default IP address of the LAN? It is currently
> 192.168.0.1.
>
> Would it make it anymore difficult accessing the system, from an hacking
> point of view if I use an alternative IP address for the LAN?

Not really. Before you can access anything, you must be able to receive
stuff; if you can receive stuff, you can find the addresses equally easily
whatever they are.

> Secondly, if a network is running without WEP (or any other encryption),
> is it possible for someone in range of the wireless signals to watch
> everything that it going on and be able to see everything in real time?

Yes.

> ie, if I log into my bank account online, would the watcher be able to
> see everything I see?

Not in plaintext, because there is encryption (SSL) at a higher level.

> And finally, can anyone recommend any software that I could use on my
> laptop to see what it being broadcast between my access point and home
> pc?

Packet sniffers and protocol analysers are readily obtainable (eg Ethereal
plus WinPcap for Windows). I'm not sure if they'll do what you want though.

Alex

"Alex Fraser" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> "Barrie" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>> I'm setting up a wireless network and wondered if it would be advisable
>> to change the default IP address of the LAN? It is currently
>> 192.168.0.1.
>>
>> Would it make it anymore difficult accessing the system, from an hacking
>> point of view if I use an alternative IP address for the LAN?
>
> Not really. Before you can access anything, you must be able to receive
> stuff; if you can receive stuff, you can find the addresses equally easily
> whatever they are.
>
>> Secondly, if a network is running without WEP (or any other encryption),
>> is it possible for someone in range of the wireless signals to watch
>> everything that it going on and be able to see everything in real time?
>
> Yes.

So can I assume that if WEP is enabled, then unless the watcher has the WEP
key,
they cannot watch what is going on?

>
>> ie, if I log into my bank account online, would the watcher be able to
>> see everything I see?
>
> Not in plaintext, because there is encryption (SSL) at a higher level.

This is the encryption put in place by the bank themselves, yes ??

>
>> And finally, can anyone recommend any software that I could use on my
>> laptop to see what it being broadcast between my access point and home
>> pc?

I have the WEP options I could implement here, 64bit, 128bit and 256bit. I
assume I should use 256bit, if I can, as I assume this would be harder to
work out the key?

>
> Packet sniffers and protocol analysers are readily obtainable (eg Ethereal
> plus WinPcap for Windows). I'm not sure if they'll do what you want
> though.

The reason I asked these questions was because a colleague of mine who runs
a shared access point, told me he doesn't use WEP on his access point, and
that he uses a non-standard IP address on the LAN, (rather than the more
common, 192.168.0.1 etc). He said that whoever was trying to make a
connection would need to know the IP address of his LAN before they could do
anything once connected. I'm just wondering how much I need to secure my
wireless network, and what the likely chances are of someone trying to get
in. Theres no shared folders or drives on my network, so I assume no-one
would be able to access any drives or files without them being shared? I
access files and folders on the LAN using Remote Administrator, and never
share any drives within windows... Is this the best way to do things?

Barrie.

Thanks Alex.


>
> Alex
>
>

"Barrie" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> "Alex Fraser" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
> > "Barrie" <(E-Mail Removed)> wrote in message
> > news:(E-Mail Removed)...
[snip]
> >> Secondly, if a network is running without WEP (or any other
> >> encryption), is it possible for someone in range of the wireless
> >> signals to watch everything that it going on and be able to see
> >> everything in real time?
> >
> > Yes.
>
> So can I assume that if WEP is enabled, then unless the watcher has the
> WEP key, they cannot watch what is going on?

At least not unencrypted, until/unless they crack the key.

> >> ie, if I log into my bank account online, would the watcher be able to
> >> see everything I see?
> >
> > Not in plaintext, because there is encryption (SSL) at a higher level.
>
> This is the encryption put in place by the bank themselves, yes ??

Yes, between web browser and web server.

[snip]
> I have the WEP options I could implement here, 64bit, 128bit and 256bit.
> I assume I should use 256bit, if I can, as I assume this would be harder
> to work out the key?

Yes, although I understand bandwidth suffers more with stronger encryption.
I don't know why that is the case (I have a rudimentary knowledge of
encryption in general, but know practically nothing about WEP specifically).
However, if you are only or mainly using the wireless network to share the
Internet connection, any bandwidth reduction should not matter - it should
still be (much) greater than the Internet connection bandwidth.

[snip]
> The reason I asked these questions was because a colleague of mine who
> runs a shared access point, told me he doesn't use WEP on his access
> point, and that he uses a non-standard IP address on the LAN, (rather
> than the more common, 192.168.0.1 etc). He said that whoever was trying
> to make a connection would need to know the IP address of his LAN before
> they could do anything once connected.

If you are able to connect (no problem if there's no encryption and no MAC
filtering), you will very easily be able to find out the addresses, whatever
they are.

> I'm just wondering how much I need to secure my wireless network, and
> what the likely chances are of someone trying to get in. Theres no
> shared folders or drives on my network, so I assume no-one would be able
> to access any drives or files without them being shared?

Except via operating system vulnerabilities, yes. Keeping the OS up-to-date
and using a firewall are the best defences here.

> I access files and folders on the LAN using Remote Administrator, and
> never share any drives within windows... Is this the best way to do
> things?

If you access files over the LAN, you should use encryption. I don't know of
any particular security disadvantage to using Windows' file sharing,
assuming access is suitably controlled (ie appropriate permissions and
passwords) and the OS is up-to-date.

Alex

"Alex Fraser" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> "Barrie" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>> "Alex Fraser" <(E-Mail Removed)> wrote in message
>> news:(E-Mail Removed)...
>> > "Barrie" <(E-Mail Removed)> wrote in message
>> > news:(E-Mail Removed)...
> [snip]
>> >> Secondly, if a network is running without WEP (or any other
>> >> encryption), is it possible for someone in range of the wireless
>> >> signals to watch everything that it going on and be able to see
>> >> everything in real time?
>> >
>> > Yes.
>>
>> So can I assume that if WEP is enabled, then unless the watcher has the
>> WEP key, they cannot watch what is going on?
>
> At least not unencrypted, until/unless they crack the key.
>
>> >> ie, if I log into my bank account online, would the watcher be able to
>> >> see everything I see?
>> >
>> > Not in plaintext, because there is encryption (SSL) at a higher level.
>>
>> This is the encryption put in place by the bank themselves, yes ??
>
> Yes, between web browser and web server.
>
> [snip]
>> I have the WEP options I could implement here, 64bit, 128bit and 256bit.
>> I assume I should use 256bit, if I can, as I assume this would be harder
>> to work out the key?
>
> Yes, although I understand bandwidth suffers more with stronger
> encryption.
> I don't know why that is the case (I have a rudimentary knowledge of
> encryption in general, but know practically nothing about WEP
> specifically).
> However, if you are only or mainly using the wireless network to share the
> Internet connection, any bandwidth reduction should not matter - it should
> still be (much) greater than the Internet connection bandwidth.
>
> [snip]
>> The reason I asked these questions was because a colleague of mine who
>> runs a shared access point, told me he doesn't use WEP on his access
>> point, and that he uses a non-standard IP address on the LAN, (rather
>> than the more common, 192.168.0.1 etc). He said that whoever was trying
>> to make a connection would need to know the IP address of his LAN before
>> they could do anything once connected.
>
> If you are able to connect (no problem if there's no encryption and no MAC
> filtering), you will very easily be able to find out the addresses,
> whatever
> they are.
>
>> I'm just wondering how much I need to secure my wireless network, and
>> what the likely chances are of someone trying to get in. Theres no
>> shared folders or drives on my network, so I assume no-one would be able
>> to access any drives or files without them being shared?
>
> Except via operating system vulnerabilities, yes. Keeping the OS
> up-to-date
> and using a firewall are the best defences here.
>
>> I access files and folders on the LAN using Remote Administrator, and
>> never share any drives within windows... Is this the best way to do
>> things?
>
> If you access files over the LAN, you should use encryption. I don't know
> of
> any particular security disadvantage to using Windows' file sharing,
> assuming access is suitably controlled (ie appropriate permissions and
> passwords) and the OS is up-to-date.

I'm not sure how to password protect access to files and folders in
WindowsXP, I`ll have to get the help files out : - )

I was recently told that Windows XP has a built in default 'Administrator'
account, do you know anything about this Alex? I can't find one, but it
might be there somewhere. If it is, and its a security issue, I would like
to get rid of it...

The good news is I have discovered that my Access Point and USB wifi
adapters both support WPA-PSK, so I have set that up WPA instead of WEP. It
might be less likely to be cracked so easily do you think???

WEP appears to get bad press on secuirty sites, and I hope this is for now,
more secure than WEP. The only reason I am setting up this network is to
share an internet connection with my brother who lives in a property at the
bottom of my garden! But I do know there are people around here with wifi
gear and also with this property being close to town and on a main town
route, we have lots of cars passing by all day and night long, so mobile
hackers might be a slight risk. : - (

Do you think I have made the right move using WPA-PSK? The key I have used
is just a load of characters split up into word sized chunks that mean
nothing, so I think the brute force and dictionary attacks would be
difficult.

Barrie....

> Alex
>
>

"Barrie" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>
> "Alex Fraser" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>> "Barrie" <(E-Mail Removed)> wrote in message
>> news:(E-Mail Removed)...
>>> "Alex Fraser" <(E-Mail Removed)> wrote in message
>>> news:(E-Mail Removed)...
>>> > "Barrie" <(E-Mail Removed)> wrote in message
>>> > news:(E-Mail Removed)...
>> [snip]
>>> >> Secondly, if a network is running without WEP (or any other
>>> >> encryption), is it possible for someone in range of the wireless
>>> >> signals to watch everything that it going on and be able to see
>>> >> everything in real time?
>>> >
>>> > Yes.
>>>
>>> So can I assume that if WEP is enabled, then unless the watcher has the
>>> WEP key, they cannot watch what is going on?
>>
>> At least not unencrypted, until/unless they crack the key.
>>
>>> >> ie, if I log into my bank account online, would the watcher be able
>>> >> to
>>> >> see everything I see?
>>> >
>>> > Not in plaintext, because there is encryption (SSL) at a higher level.
>>>
>>> This is the encryption put in place by the bank themselves, yes ??
>>
>> Yes, between web browser and web server.
>>
>> [snip]
>>> I have the WEP options I could implement here, 64bit, 128bit and 256bit.
>>> I assume I should use 256bit, if I can, as I assume this would be harder
>>> to work out the key?
>>
>> Yes, although I understand bandwidth suffers more with stronger
>> encryption.
>> I don't know why that is the case (I have a rudimentary knowledge of
>> encryption in general, but know practically nothing about WEP
>> specifically).
>> However, if you are only or mainly using the wireless network to share
>> the
>> Internet connection, any bandwidth reduction should not matter - it
>> should
>> still be (much) greater than the Internet connection bandwidth.
>>
>> [snip]
>>> The reason I asked these questions was because a colleague of mine who
>>> runs a shared access point, told me he doesn't use WEP on his access
>>> point, and that he uses a non-standard IP address on the LAN, (rather
>>> than the more common, 192.168.0.1 etc). He said that whoever was trying
>>> to make a connection would need to know the IP address of his LAN before
>>> they could do anything once connected.
>>
>> If you are able to connect (no problem if there's no encryption and no
>> MAC
>> filtering), you will very easily be able to find out the addresses,
>> whatever
>> they are.
>>
>>> I'm just wondering how much I need to secure my wireless network, and
>>> what the likely chances are of someone trying to get in. Theres no
>>> shared folders or drives on my network, so I assume no-one would be able
>>> to access any drives or files without them being shared?
>>
>> Except via operating system vulnerabilities, yes. Keeping the OS
>> up-to-date
>> and using a firewall are the best defences here.
>>
>>> I access files and folders on the LAN using Remote Administrator, and
>>> never share any drives within windows... Is this the best way to do
>>> things?
>>
>> If you access files over the LAN, you should use encryption. I don't know
>> of
>> any particular security disadvantage to using Windows' file sharing,
>> assuming access is suitably controlled (ie appropriate permissions and
>> passwords) and the OS is up-to-date.
>
> I'm not sure how to password protect access to files and folders in
> WindowsXP, I`ll have to get the help files out : - )
>
> I was recently told that Windows XP has a built in default 'Administrator'
> account, do you know anything about this Alex? I can't find one, but it
> might be there somewhere. If it is, and its a security issue, I would
> like to get rid of it...
>
> The good news is I have discovered that my Access Point and USB wifi
> adapters both support WPA-PSK, so I have set that up WPA instead of WEP.
> It might be less likely to be cracked so easily do you think???
>
> WEP appears to get bad press on secuirty sites, and I hope this is for
> now, more secure than WEP. The only reason I am setting up this network
> is to share an internet connection with my brother who lives in a property
> at the bottom of my garden! But I do know there are people around here
> with wifi gear and also with this property being close to town and on a
> main town route, we have lots of cars passing by all day and night long,
> so mobile hackers might be a slight risk. : - (
>
> Do you think I have made the right move using WPA-PSK? The key I have
> used is just a load of characters split up into word sized chunks that
> mean nothing, so I think the brute force and dictionary attacks would be
> difficult.
>
> Barrie....
>
>> Alex

Further to my last post, I have run NetStumbler on my laptop and it is
saying my network is not secure (well there is no padlock on the
connection), I assume my version of netstumbler is either too old for WPA,
or is can't recognise it. Both sides of my connection tell me that WPA is
enabled.

Barrie

Barrie wrote:
||
|| I was recently told that Windows XP has a built in default
|| 'Administrator' account, do you know anything about this Alex? I
|| can't find one, but it might be there somewhere. If it is, and its
|| a security issue, I would like to get rid of it...

It certainly does have a default administrator account, and no you can't get
rid of it. How you access it depends on your version of XP. In HE you can
only get at it by booting up in Safe Mode. In ro, press Ctl-Alt-Del twice at
the Welcome screen and manually type in "administrator" (without the quotes)
in the User name box. use whatever password you have for the account.


--
Interim Systems and Management Accounting
Gordon Burgess-Parker
Director
www.gbpcomputing.co.uk

"Barrie" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>
> "Barrie" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>>
>> "Alex Fraser" <(E-Mail Removed)> wrote in message
>> news:(E-Mail Removed)...
>>> "Barrie" <(E-Mail Removed)> wrote in message
>>> news:(E-Mail Removed)...
>>>> "Alex Fraser" <(E-Mail Removed)> wrote in message
>>>> news:(E-Mail Removed)...
>>>> > "Barrie" <(E-Mail Removed)> wrote in message
>>>> > news:(E-Mail Removed)...
>>> [snip]
>>>> >> Secondly, if a network is running without WEP (or any other
>>>> >> encryption), is it possible for someone in range of the wireless
>>>> >> signals to watch everything that it going on and be able to see
>>>> >> everything in real time?
>>>> >
>>>> > Yes.
>>>>
>>>> So can I assume that if WEP is enabled, then unless the watcher has the
>>>> WEP key, they cannot watch what is going on?
>>>
>>> At least not unencrypted, until/unless they crack the key.
>>>
>>>> >> ie, if I log into my bank account online, would the watcher be able
>>>> >> to
>>>> >> see everything I see?
>>>> >
>>>> > Not in plaintext, because there is encryption (SSL) at a higher
>>>> > level.
>>>>
>>>> This is the encryption put in place by the bank themselves, yes ??
>>>
>>> Yes, between web browser and web server.
>>>
>>> [snip]
>>>> I have the WEP options I could implement here, 64bit, 128bit and
>>>> 256bit.
>>>> I assume I should use 256bit, if I can, as I assume this would be
>>>> harder
>>>> to work out the key?
>>>
>>> Yes, although I understand bandwidth suffers more with stronger
>>> encryption.
>>> I don't know why that is the case (I have a rudimentary knowledge of
>>> encryption in general, but know practically nothing about WEP
>>> specifically).
>>> However, if you are only or mainly using the wireless network to share
>>> the
>>> Internet connection, any bandwidth reduction should not matter - it
>>> should
>>> still be (much) greater than the Internet connection bandwidth.
>>>
>>> [snip]
>>>> The reason I asked these questions was because a colleague of mine who
>>>> runs a shared access point, told me he doesn't use WEP on his access
>>>> point, and that he uses a non-standard IP address on the LAN, (rather
>>>> than the more common, 192.168.0.1 etc). He said that whoever was
>>>> trying
>>>> to make a connection would need to know the IP address of his LAN
>>>> before
>>>> they could do anything once connected.
>>>
>>> If you are able to connect (no problem if there's no encryption and no
>>> MAC
>>> filtering), you will very easily be able to find out the addresses,
>>> whatever
>>> they are.
>>>
>>>> I'm just wondering how much I need to secure my wireless network, and
>>>> what the likely chances are of someone trying to get in. Theres no
>>>> shared folders or drives on my network, so I assume no-one would be
>>>> able
>>>> to access any drives or files without them being shared?
>>>
>>> Except via operating system vulnerabilities, yes. Keeping the OS
>>> up-to-date
>>> and using a firewall are the best defences here.
>>>
>>>> I access files and folders on the LAN using Remote Administrator, and
>>>> never share any drives within windows... Is this the best way to do
>>>> things?
>>>
>>> If you access files over the LAN, you should use encryption. I don't
>>> know of
>>> any particular security disadvantage to using Windows' file sharing,
>>> assuming access is suitably controlled (ie appropriate permissions and
>>> passwords) and the OS is up-to-date.
>>
>> I'm not sure how to password protect access to files and folders in
>> WindowsXP, I`ll have to get the help files out : - )
>>
>> I was recently told that Windows XP has a built in default
>> 'Administrator' account, do you know anything about this Alex? I can't
>> find one, but it might be there somewhere. If it is, and its a security
>> issue, I would like to get rid of it...
>>
>> The good news is I have discovered that my Access Point and USB wifi
>> adapters both support WPA-PSK, so I have set that up WPA instead of WEP.
>> It might be less likely to be cracked so easily do you think???
>>
>> WEP appears to get bad press on secuirty sites, and I hope this is for
>> now, more secure than WEP. The only reason I am setting up this network
>> is to share an internet connection with my brother who lives in a
>> property at the bottom of my garden! But I do know there are people
>> around here with wifi gear and also with this property being close to
>> town and on a main town route, we have lots of cars passing by all day
>> and night long, so mobile hackers might be a slight risk. : - (
>>
>> Do you think I have made the right move using WPA-PSK? The key I have
>> used is just a load of characters split up into word sized chunks that
>> mean nothing, so I think the brute force and dictionary attacks would be
>> difficult.
>>
>> Barrie....
>>
>>> Alex
>
> Further to my last post, I have run NetStumbler on my laptop and it is
> saying my network is not secure (well there is no padlock on the
> connection), I assume my version of netstumbler is either too old for WPA,
> or is can't recognise it. Both sides of my connection tell me that WPA is
> enabled.
>
> Barrie

Sure enough, the new version of Netstumbler recognises my network as secure
using WPA.
Barrie

Sorry for the separate posts Alex : - (

In article <(E-Mail Removed)>, "Gordon" gordonbp1
@yahoo.co.uk.invalid says...
> Barrie wrote:
> ||
> || I was recently told that Windows XP has a built in default
> || 'Administrator' account, do you know anything about this Alex? I
> || can't find one, but it might be there somewhere. If it is, and its
> || a security issue, I would like to get rid of it...
>
> It certainly does have a default administrator account, and no you can't get
> rid of it.

You can disable it or rename it though.

Rob Morley wrote:
|| In article <(E-Mail Removed)>, "Gordon" gordonbp1
|| @yahoo.co.uk.invalid says...
||| Barrie wrote:
|||||
||||| I was recently told that Windows XP has a built in default
||||| 'Administrator' account, do you know anything about this Alex? I
||||| can't find one, but it might be there somewhere. If it is, and
||||| its a security issue, I would like to get rid of it...
|||
||| It certainly does have a default administrator account, and no you
||| can't get rid of it.
||
|| You can disable it or rename it though.

Why would you want to? It's your EMERGENCY access to your machine. If you
disable it, then when your user login gets corrupted, you're stuffed.

--
Interim Systems and Management Accounting
Gordon Burgess-Parker
Director
www.gbpcomputing.co.uk