Routers and security

I have a 6 year old Dell TM 2300 wireless router. I have enabled the
feature which only allows nominated MAC addresses to connect.

Am I right in thinking that given this, the WEP/WMA protection is
pretty much irrelevant? I know MAC addresses can be spoofed, though
someone would have to now what address to spoof...

tolgan writes:
> I have a 6 year old Dell TM 2300 wireless router. I have enabled the
> feature which only allows nominated MAC addresses to connect.
>
> Am I right in thinking that given this, the WEP/WMA protection is
> pretty much irrelevant? I know MAC addresses can be spoofed, though
> someone would have to now what address to spoof...

MAC addresses are always sent in plaintext over the air, regardless of
whether any encryption is enabled - devices need to know whether packets
are intended for them so that they know whether to bother trying to
decrypt them. It's very simple to view active MACs on *any* wifi
network.

WPA with a non-dictionary passphrase is essential.
WEP-only routers must be thrown away, unless you're using encryption on
a different layer via another device or a VPN, which 99.99% of home
users won't be.

On Sat, 20 Mar 2010 20:28:46 +0000
tolgan <(E-Mail Removed)> wrote:

> I have a 6 year old Dell TM 2300 wireless router. I have enabled the
> feature which only allows nominated MAC addresses to connect.
>
> Am I right in thinking that given this, the WEP/WMA protection is
> pretty much irrelevant? I know MAC addresses can be spoofed, though
> someone would have to now what address to spoof...

And it's easily found by sniffing packets. If you want any sort of
security you really need to use encryption, and WEP is just too easy to
crack.

Sam/Rob - thanks for the info, glad I asked! Better get shopping
then...


Do you have any particular recommendations or know of any good
comparison sites? I connect via an NTL cable modem, and have a couple
of wired desktops and a couple of wireless laptops - at least one of
which supports the new "n" standard.

From a quick surf these look like some obvious choices at around 50
quid:

Linksys WRT120N

Netgear WNR2000 Wireless-N

Belkin N150 Enhanced

Belkin F5D8235uk4 with usb (might be useful for a shared disk?)

Regards

On Sun, 21 Mar 2010 11:57:23 +0000
tolgan <(E-Mail Removed)> wrote:

> Sam/Rob - thanks for the info, glad I asked! Better get shopping
> then...
>
>
> Do you have any particular recommendations

From what I read of the TM 2300 specs it supports WPA anyway, probably
just needs a firmware upgrade if the option isn't there at the moment.
Otherwise you could use some third-party firmware like dd-wrt.

On Sun, 21 Mar 2010 12:28:12 +0000, Rob Morley <(E-Mail Removed)>
wrote:

>On Sun, 21 Mar 2010 11:57:23 +0000
>tolgan <(E-Mail Removed)> wrote:
>
>> Sam/Rob - thanks for the info, glad I asked! Better get shopping
>> then...
>>
>>
>> Do you have any particular recommendations
>
>From what I read of the TM 2300 specs it supports WPA anyway, probably
>just needs a firmware upgrade if the option isn't there at the moment.
>Otherwise you could use some third-party firmware like dd-wrt.

I was half thinking about upgrading in the not too distant anyway, to
upgrade to the "n" standard and maybe get a better range.

If I stay with the Dell a while longer, is WPA vs WPA2 an issue? (2300
is WPA only I think?)

On Sun, 21 Mar 2010 13:52:45 +0000
tolgan <(E-Mail Removed)> wrote:

> On Sun, 21 Mar 2010 12:28:12 +0000, Rob Morley <(E-Mail Removed)>
> wrote:
>
> >On Sun, 21 Mar 2010 11:57:23 +0000
> >tolgan <(E-Mail Removed)> wrote:
> >
> >> Sam/Rob - thanks for the info, glad I asked! Better get shopping
> >> then...
> >>
> >>
> >> Do you have any particular recommendations
> >
> >From what I read of the TM 2300 specs it supports WPA anyway,
> >probably just needs a firmware upgrade if the option isn't there at
> >the moment. Otherwise you could use some third-party firmware like
> >dd-wrt.
>
> I was half thinking about upgrading in the not too distant anyway, to
> upgrade to the "n" standard and maybe get a better range.
>
> If I stay with the Dell a while longer, is WPA vs WPA2 an issue? (2300
> is WPA only I think?)

WPA is a firmware kludge to get around the WEP vulnerability (and
is a significant improvement), WPA2 with AES is harder.
I wouldn't be too bothered about the difference between TKIP and AES,
but if you're going to upgrade anyway ...

Thanks all for advice.