How secure is Wireless Networking?

SPD, WEP had two forms of authentication: open and shared.  while open authentication is considered more secure, it will allow you to "connect" to the network without the WEP key -- you should not however be getting an IP address and should not be able to get on the net (or network) for instance.

Any wireless network with WPA-PSK encryption can be considered secure.  WPA2 is an added bonus.  This is really all the security you need -- just remember, that it is based on passphrase strength.  Most people recommend that you pick a passphrase made of numbers, upper, and lowercase letters over 20 characters long to protect yourself from reverse dictionary based attacks.

Hiding your SSID, MAC filtering, and reducing transmit power should not be considered valid security measures.  WEP encyption provides a measure of security but has severe vulnerabilities that allow it to be easily hacked -- although newer WEP capable devices should mitigate this risk somewhat.  If you deploying a new network though, don't settle for anything less than WPA.

I am able to connect to the Internet, but I am not "on" the neighbor's Network as far as I know.

It is listed as "Unsecured Wireless Network" and I have it set to automatically connect when available, or I just click on it and it connects (when available).

The other wireless networks that show up from time-to-time are "Security-Enabled Wireless Networks".  They will sometimes automatically connect (my settings), but I can click on them and the page comes up about 'requires network key, WEP/WAP...type network key to connect'.  The Network Key field is blank and I leave it that way; the Confirm Network Key is grayed out.  I am able to get on the Internet via these 'security-enabled' networks as well. 

I am NOT on my own Home Network at this time as my gateway does not support wireless (just Phoneline and Ethernet). 

I know it is, but I didn't think getting a wireless signal (because someone doesn't have their network secured) was the same as "hacking" into their computer/network. I thought what I am receiving is like "hotspots"?  Can you please explain?

That's why I'm worried about going wireless myself--I don't want someone using my signal from my network, then possibly hacking into my computer(s).  My anti-virus does detect wireless intruders, but does not show any at present as my own network is not yet wireless.

Thanks, I'll make sure I use WPA when I get my network's wireless connection.  2Wire (old and new router coming) told me to use a 26-number/letter password using only 0-9 and A-F, and I'm going to change the new router to 128-bit encryption.  They also said I could disable SSID and change the network name, or even make it stealth (like my wired network).  You wouldn't believe some of the wireless network "names" I've been seeing.

Is WEP 64-bit, and WPA 128-bit?

What is the difference legally when you are connecting to a "hot spot"?

Thanks for all the help with this; I really want to learn so I'm not giving away my connection and my information. :smileywink:

WEP comes in a variety of levels -- 64bit, 128 bit, etc.  The higher the number, the more secure.  Unfortunately, WEP has some vulnerabilities that make it easy to break into (you can google it if you want the details on what specifically is wrong with it).  Given that programs now exist that claim they can crack a WEP key in under 5 minutes, this isn't the best solution.

WPA fixes the vulnerabilities of WEP ... I believe that WPA is 128 bit as well.

As for other "security" measures, such as hiding your SSID, changing its name, or MAC filtering, they are all utterly worthless.  Well, changing your SSID name is good to distinguish it from your neighbors, but it's useless for security ;-)   All such measures take about 5 seconds to work around -- and if you're using WPA, they are not needed.  If anyone can crack WPA, they won't even blink at something like masking your SSID -- and masking your SSID can create connectivity problems, especially when your neighbors are broadcasting theirs.

As for legal issues, a hotspot (say a coffee shop) generally has a policy that allows you to connect.  If you don't have their permission, it would be equally illegal ...

Thanks for all that info!  The more I'm thinking about it security-wise, I may just be better off keeping my wired (Ethernet/Phoneline) network, and just using the new router for wireless...bridging it to my old router. 

If I did that, wouldn't that be more secure as only my laptop would be possibly vulnerable?

I checked out the site you recommended and will read more--a little scary to me! 

I appreciate your patience with a wireless-newbie's questions.  :smileyhappy:

Message Edited by spddemun on 10-02-2005 04:46 PM

No, not yet, as I've been trying to decide which way to go.  The wireless adapter has already been ordered, so I was going to see how it worked that way.  Might be too late to cancel order. 

I don't want to be without my Internet over the weekend with no tech support available.  :smileysad:

I'm not clear on how to disconnect the old router and not lose all my current settings, and being able to "look directly at other computer's files" from my main host...although new 9100 is not letting me do that now.

Another problem is I don't want SBC's Yahoo portal on any of my machines, so I am trying to bypass it and just get the drivers I need for the new 2Wire gateway, but everything is on one CD now.