Do I actually need wireless security?

[dreamshark]

I keep reading various dire warnings about how dreadful it is that nobody secures their wireless networks, and I have wondered if it actually matters. I don't care if my neighbors use my network to get to the Internet. Is there an actual security threat to leaving a wireless network unsecured, other than poachers using up your bandwidth? If so, what is it?

Comments

[barondave.livejournal.com]

As B mentioned a while back, there's a danger that your router could be taken over and used for DoS attacks and/or made useless by a change in pw. You should at least change the default admin pw.

As far as security, I'm no expert, but I've turned mine off. It's not so much the poaching I mind (though it would bug me) but the possibility that someone would do something bad and it would be traced to my ip. Probably a minor worry, but I still err on the side of caution.

[dreamshark.livejournal.com]

"As far as security, I'm no expert, but I've turned mine off."

You've turned your WHAT off? Your expert?

[barondave.livejournal.com]

Turned off my wireless network. In theory, I could have two: The airport card on the Mac or through the router. Neither is active, and both are very off (turned off in several ways).

I'm mildly curious to see which networks I have access to, if I turn on the wireless aspect, but less so than it would take to get me to do it.

[joelrosenberg.livejournal.com]

Well, among others there's:

1. The stuff on your own machines being available to anybody with the skills and interests to look at it, including -- in more than theory -- your online transactions; banking, say. (The key transactions themselves are encrypted, but a keystroke logger could capture your credit card information, passwords, etc.)

2. Your bandwidth being used for the distribution of, err, naughty bits of various sorts, via an (unlikely) evil neighbor wanting to use it for such or a (much more common) compromised neibhbor's computer. There's all sorts of reasons why you wouldn't want a DDOS attack going out from your IP address or pictures of various things in which you aren't interested.

Given that reasonable security on a wireless network is pretty easy, I don't see a lot of reason to trust your neighbors to have computers free of various malware that might take advantage of your open network; YMMV.

[dreamshark.livejournal.com]

"Given that reasonable security on a wireless network is pretty easy..."

I can see how to set up various security options from the wireless router, but it isn't immediately obvious to me what one has to do on the computer client.

It kinda looks like WEP (the only immediately obvious option on the client computers) requires typing as many as four cryptic key strings into the client computer. I hope you only have to do that once, not every time you connect. Assuming you only have to do that once, it's not too hard to do that for the two computers in my household that would be using the wireless. However, it's a big pain in the neck for guests with laptops that would like to use the wireless network to check email and such.

People talk about using choosing passwords for wireless security. Where can you use a password? I just see these long ungainly keys.

[minnehaha.livejournal.com]

I keep an open wireless network at home. And -- oddly enough -- I am writing an article on this right now; it will be published next week.

B

[nancymcc.livejournal.com]

Martin has set up our home wireless network so that
(a) the bandwidth is shareable
(b) the computers (and drives) are invisible to the wireless (they're only on the Ethernet LAN)

He did this because we rarely get a houseguest who doesn't have a laptop and a compulsion to check email, etc, frequently. And if our neighbors (who are farther from our house than your neighbors are from yours) want to use some, OK.

I expect it's pretty secure, since he's a Schneier fan and did an elaborate security analysis when he set up a file server for the two of us to share.

I can find out more from him about How, if you wish.

[nancymcc.livejournal.com]

Also, I'm pretty sure that, in this scenario, baddies can't "send" using your wireless without having their own computer in physical range. Most DDOS attacks are made by taking over YOUR computer (which I've just said is prevented).

[laurel]

I think it's a cool thing when people leave their wireless open so people can use it.

But one should still take some precautions: change the default password on the router, change the name of the router (you wouldn't want to be "linksys" or something dumb like that anyway), set up the firewalls on your computers if you haven't already (safest thing is to make it so your systems themselves are invisible, that's usually do-able in firewall or network config).

And if you notice you aren't getting the kind of bandwidth you like, you might want to password protect your network after all, but otherwise I see no reason to keep it closed.

[dreamshark.livejournal.com]

Well, I changed the default password on my wireless router, but I think the router name is something like "Netgear." Why does it matter what the router name is?

Not sure what you mean by firewalling to make your systems invisible. My primary computer (the only one with potentially sensitive information on it) is on Ethernet only and its real IP address is hidden behind NAT on the DSL router. Is that what you mean by "invisible?" I think that's probably what Nancy meant.

Thanks for the alternative viewpoint on this issue, btw.

[minnehaha.livejournal.com]

I keep my wireless network open.

B