If you use nothing but MAC filtering and disabling SSID broadcast as your "security" then they may actually add a VERY tiny amount of security to your network - similar to closing the door to your house but not actually locking it, and just putting a note on the door that says "This door isn't locked, but please don't come in anyway." People who are honest will see that the door is closed and move on. Dishonest people will merely push on the door and get right in.
Changing the IP address scope is not a security measure in any way at all. It merely allows you to use a different address range if needed, which can be useful in some situations but really isn't necessary all that often.
Disabling uPNP can be a good idea to help block some malware from calling home and downloading additional components to your computer.
WPA2 with a strong password (not just long, but mixed characters and no words that can be found in a dictionary) is the best security most people can get for their wireless network. Adding MAC filtering and SSID broadcast to WPA2 is like locking every window and door to your house (WPA2) then putting a note on the door that says "Attention intruders! You should try to break in here. I don't really know what I'm doing so you just might get lucky and find that I have weak locks (weak WPA2 password)."
Surely there are better threads where trolling is a better fit than in technical forums, but lesson learned, don't ask a fucking question here for the trolls sitting under the bridge just looking for something to criticize.
Surely there are better threads where trolling is a better fit than in technical forums, but lesson learned, don't ask a fucking question here for the trolls sitting under the bridge just looking for something to criticize.
I guess I understand the issue of non-broadcasting SSID as per MS:
http://technet.microsoft.com/en-us/library/bb726942.aspx
and other sites, but I chose not to broadcast my SSID anyway, since I've never had an issue with it, and really, I do it because I don't want the neighbors to have my NW info. Keeps the mystery alive.
As for client issues, am I correct in assuming that the problems being referred to are that some devices (such as Kindle, printers and others) will not connect to a wireless NW without a broadcasting SSID? What other problems could arise? Security is mentioned, but my impression is that any security issues of non-broadcasting are minimal? And I've been non-broadcasting for years without incident (sans Kindle, which took about 2 mins to figure out)
Also, as far as MAC filtering, I filter simply to keep my network 'clean'. Only certain devices allowed. I know that MAC addresses are simple to obtain and spoof, but again, I dont really do this for the hackers.
Add to that that Linksys recommends using MAC filtering and disabling SSID broadcasting, and it all becomes a bit muddied.
For the hackers, I have a wireless AP that isn't plugged into my wired NW 90% of the time, uses WPA2 AES and a 63 character randomly generated passphrase with special characters (and a long admin pw to boot).
So, how does MAC filtering and a non-broadcasting SSID make my wireless less secure, given the above? Not about who is right or wrong, just informational dialog.
Here's a little more reading about why not broadcasting your SSID does nothing for you: http://blogs.technet.com/b/steriley/archive/2007/10/16/myth-vs-reality-wireless-ssids.aspx
The SSID and any MAC addresses connected to an AP are out there in the air to be sniffed. I can sniff your SSID, and I can sniff and then spoof a MAC address that you allow to connect to your AP.
These are not security features on a wireless network.
Thanks for the link. They're down for maintenance ATM, but I'll check it out later.
I know that neither are security features, but I've never experienced any 'harm' from non-broadcasting nor MAC filtering. Of course, there are those who might connect a new device that requires a broadcasting SSID, but that's not really an issue here.
However, here is an excerpt from the earlier posted MS article on Non broadcasting SSIDs:
http://technet.microsoft.com/en-us/library/bb726942.aspx
Therefore, using non-broadcast networks compromises the privacy of the wireless network configuration of a Windows XP or Windows Server 2003-based wireless client because it is periodically disclosing its set of preferred non-broadcast wireless networks. When non-broadcast networks are used to hide a vulnerable wireless networksuch as one that uses open authentication and Wired Equivalent Privacya Windows XP or Windows Server 2003-based wireless client can inadvertently aid malicious users, who can detect the wireless network SSID from the wireless client that is attempting to connect. Software that can be downloaded for free from the Internet leverages these information disclosures and targets non-broadcast networks.
Anyone have any thoughts on the risk factor there? Again, I understand that my security comes from WPA2/AES and a seriously strong passphrase. I like not broadcasting my SSID to those in the neighborhood. This is really a conversation about the mentions of risk.
I'm truly sorry that your dog/hamster/ant farm/pet rock died and put you in such a bad mood
He's just upset that he feels dumb for thinking that MAC filtering and disabling SSID broadcast actually improves security.
Naw there ain't no trolls here, just a bunch of jerks who chose to ignore that I specified I was running WPA2/AES with a strong passphrase, cause no one is allow to post a damn thing without a flock of jerk offs picking apart.Dude's whining about a modded consumer-grade wireless router exhibiting strange behavior...
Naw there ain't no trolls here, just a bunch of jerks who chose to ignore that I specified I was running WPA2/AES with a strong passphrase, cause no one is allow to post a damn thing without a flock of jerk offs picking apart.
My SSID is still not broadcasting, uPNP is still disabled, and MAC filtering is still enabled, in addition to WPA2 encryption so bite me............
OMG he's not broadcasting his SSID, lets make a big fucking deal about it..................... loons and loosers mating call?
Naw there ain't no trolls here, just a bunch of jerks who chose to ignore that I specified I was running WPA2/AES with a strong passphrase, cause no one is allow to post a damn thing without a flock of jerk offs picking apart.
My SSID is still not broadcasting, uPNP is still disabled, and MAC filtering is still enabled, in addition to WPA2 encryption so bite me............
OMG he's not broadcasting his SSID, lets make a big fucking deal about it..................... loons and loosers mating call?