ad: k1jek

I have wireless internet at home. How can I tell how secure the encryption is?

Discussion in 'Computers, Hardware, and Operating Systems' started by WA3LKN, Jun 16, 2019.

ad: L-HROutlet
ad: l-rl
ad: L-MFJ
ad: Left-3
ad: MessiPaoloni-1
ad: Subscribe
ad: Left-2
  1. WA3LKN

    WA3LKN Ham Member QRZ Page

    Question please:

    I live in a fiberoptic neighborhood for phone, internet and TV all supplied by ATT and have one of the off-the-shelf Pace 5268AC 'gateway' routers supplied by them.

    It was installed by 'the guy' from ATT when I moved in recently.

    How do I determine what kind of internet encryption I have and if it's adequate. I'm aware there's WPA2 which is the most secure consumer encryption for general use and older WPA and WEP versions that are more vulnerable.
     
  2. KV6O

    KV6O Ham Member QRZ Page

    There are really 2 main ways to do this. Check the router/access point that was installed, or check the client that is connecting. I have no idea the hardware they left you, but hopefully they gave you the address of the router with login info. If you login, hopefully you can see the status of the WiFi access point and what it's set to. Or, from a client machine, check to see how you are connected. On the Mac I am currently using, I can click on the WiFi symbol at the top and select "Open Network Preferences" and from there I can click "Advanced" and see the preferred networks and their security.

    You milage may vary...
     
  3. W6TAB

    W6TAB Premium Subscriber QRZ Page

    KB0MNM likes this.
  4. WF7A

    WF7A Subscriber QRZ Page

    Also, disable the SSID beacon for added security--the beacon broadcasts the name/ID of your wireless router, giving bad guys a leg-up on targeting your router for hacking.

    When you have guests over, you can either turn it on so their devices can "see" your and router, or have them manually enter the router's login credentials so they can get in.
     
    KA9JLM likes this.
  5. KB0MNM

    KB0MNM Ham Member QRZ Page

    FYI- A T & T has recently been trying to upgrade their authentication of users of e-mail ( through Yahoo or not ). If you check your billing account messages, you are not in e-mail and will find information about the use of either OAuth or Outlook. While both are licensed products, you may wish to consider this: OAuth is in two versions and has had some security concerns ( you should check this statement for yourself, because the situation may be improved by now )- and requires a GNU/GPL type of license ( yet no money per se for non-commercial use ). Outlook is in the Office 2016 which can be purchased on a one-time basis, or for max dinero ( lotsa bucks ) as an Office 2019 component. Fastopen and Atlantic may be able to sell you the Outlook products, if you can not find them through a Microsoft store. Online Microsoft seems to favor the 2019 Office. Ignore my byline below, because I moved into an area where Comcast ( Xfinity ) is unavailable. The new suffix for my mail is @att.net. If you also get cellular service through A T & T, be aware that they have been working on some of their towers ( maybe a FirstNet rollout? ).
     
  6. KT1F

    KT1F Ham Member QRZ Page

    According to general opinion if you search around, that's pretty much a futile effort and not worth the inconvenience. In some cases it can even make it less secure.

    https://lifehacker.com/is-hiding-your-wireless-ssid-really-more-secure-5636856

    https://www.pcworld.com/article/2052158/5-wi-fi-security-myths-you-must-abandon-now.html

    https://docs.microsoft.com/en-us/previous-versions/tn-archive/bb726942(v=technet.10)
     
    Last edited: Jun 17, 2019
    KA2CZU and N0TZU like this.
  7. K6CLS

    K6CLS Ham Member QRZ Page

    oh sheesh, that is an old one, does not help at all. Airspy and wireshark, done!

    to WA3LKN,

    We have one of those. That router is great piece of gear. It only does WPA2, AT&T configured everything correctly out of the box. The wifi radios work really well. No worries. Enjoy it.

    By the way, "Internet security" is a complex topic. WPA2 only provides security on the air, the content may be in plain text. Web security is called TLS, and the little lock con in tthe address bar of the browser shows a secure connection. For other Internet services, security may be provided by TLS/SSL or something else, say IPSec..
     
    N0TZU likes this.
  8. WB5UAA

    WB5UAA Ham Member QRZ Page

    There are several levels of encryption used on the internet today.

    The most common "end to end" encryption is "HTTPS://..." in your web browser address. And there are actually dozens of encryption algorithms that could be used as decided by the handshaking between your client and the server you're connecting to. Some are more secure than others. A couple are totally useless.

    As for your wireless security, if you're not using WPA2, you're might as well not be using any encryption at all. And there are currently two encryption algorithms that could be used within WPA2. AES is more secure than TKIP. Your older devices may not be compatible with AES.

    Disabling your SSID keeps honest people honest.

    Aside from your most secure wireless settings, don't forget about your wired security settings. Most important is make sure there are no holes in your firewall.

    I checked my firewall log a few days ago, imported it to a spreadsheet, sorted and counted 187 specific attacks in the last 7 days.

    Just check now and I was hit by 136.243.60.85 (Falkenstein or Sachsen Germany) with an RST scan just moments ago.

    Make sure everything initiated from the outside is BLOCKED. Except, of course, if you have a security camera, dark web site, file server or something else you want to provide access to anyone in the world.

    Most residential routers can be accessed from inside your LAN with a web browser pointed to 10.0.0.1 or 192.168.0.1 or 192.168.1.1. Login: "admin" followed by the password you *hopefully* changed. And if you really want to secure it a bit more, change the default login.
     
  9. WF7A

    WF7A Subscriber QRZ Page

  10. WA3LKN

    WA3LKN Ham Member QRZ Page

    Thanks very much for all the info, gents. I think I'm safe!
     

Share This Page