Security

[Guest]

yes. the average joe would not see your wifi network on his iGalaxus handheld.

only somebody with the right know-how could sniff it out using special software.

Okay, so then how I would I let devices connect to a hidden network if I for example were to be the owner of it or whatever 

[Sunshine1868]

when you go to add a network, usually there is a "Add Other" option where you type in the SSID (name of network that is hidden) and the authentication method and password

[Sunshine1868]

@Blade of Grass, I think for his purposes (based on the conversation) security through obscurity will be ok. I don't think he's trying to secure a data center or anything...

[Guest]

To clarify what I was saying, they do not make a network more secure. A common misconception is that it makes it more secure, but it doesn't. Security through obfuscation is not real security.

This can be debatable I think, for example if you take something out of someone's view it gets rid of the idea - curiosity killed the cat, but I still do understand and agree that it doesn't really change the fact that breaking in could still be done if the user has the experience of doing so

[Sunshine1868]

This can be debatable I think, for example if you take something out of someone's view it gets rid of the idea - curiosity killed the cat, but I still do understand and agree that it doesn't really change the fact that breaking in could still be done if the user has the experience of doing so

He's saying it isn't real security because it isn't.... its like those fake security cameras. its more of a deterrent. Like I said, your average joe won't try to get in. but the people who know to scan and try to brute-force passwords won't really ever be stopped (except by a big-ass password)

[Guest]

He's saying it isn't real security because it isn't.... its like those fake security cameras. its more of a deterrent. Like I said, your average joe won't try to get in. but the people who know to scan and try to brute-force passwords won't really ever be stopped (except by a big-ass password)

I am planning on securing my data at home, I mean that's just a start but let's say if I were to plan on going into something like a datacenter, where would be a good start? 

[Sunshine1868]

depends on what you mean by "securing"

 

if you want to stop people getting in, don't have any ports open and set your router to not reply to pings. Also change your router's default username/password

[Guest]

depends on what you mean by "securing"

 

if you want to stop people getting in, don't have any ports open and set your router to not reply to pings. Also change your router's default username/password

what is a port? and are ping settings easy to change? Would you need a separate router from the rest of the connections in this case?

[Sunshine1868]

a port is like a channel that traffic flows through. certain types of traffic flow on different channels

if you close them, (which they should all be closed by default) outside traffic cannot flow into your LAN. perfect, done.

 

pings are just computers saying "hey!" to another computer and the other computer replying.

 

like I said. Change your router's default username and password right away. make a strong WiFi password. Hide your network.

 

No offense, but judging by this conversation, this is all you need.

however, if you have other things in mind (hosting a server of some kind) then there are other steps to take, and I will be happy to assist in those.

[Guest]

a port is like a channel that traffic flows through. certain types of traffic flow on different channels

if you close them, (which they should all be closed by default) outside traffic cannot flow into your LAN. perfect, done.

 

pings are just computers saying "hey!" to another computer and the other computer replying.

 

like I said. Change your router's default username and password right away. make a strong WiFi password. Hide your network.

 

No offense, but judging by this conversation, this is all you need.

however, if you have other things in mind (hosting a server of some kind) then there are other steps to take, and I will be happy to assist in those.

I have one in mind, I'll take it to PM 

[Sunshine1868]

@Yames, sounds good, I'm here all day.

[Guest]

I would mark solved for a lot of people on this thread, but because that's not how it works, I'll just mark as solved so people can skip over it and go to other people's topics that they need help with. Thank you everyone! 

[Security]

@Security maybe?

 

You rang?

[leadeater]

@Yames Just like to add some input in to this topic for you as well, some of it has already been said by others too.

 

System Security, Network Security and even Wireless Security are all different specialist fields within IT. There is crossover between them, particularly between network and wireless. You should become well versed in the basics of all of them before specialising in one area, this is very important. However for home networks etc the basics is all you will really need.

 

I would strongly advise starting with learning the fundamentals of networking as this is the foundation of everything. A course such as CCNA is lowest I would recommend before I would say someone has a good grasp on proper networking. Also make sure you actually truly understand the material in CCNA and can apply it in practice, I have meet too many people with the certification that know hardly anything about networking let alone what was in the course. You don't have to sit the exam if you don't want to or want to pay for it, the material alone is good enough. Do sit it if you want to enter a networking career.

 

Decent wireless security requires a wireless controller. This can be as simple as open source software all the way through to hardware devices from the likes of Aruba, Ruckus and Cisco. Ubiquiti is probably the cheapest business grade solution. 

 

A wireless controller is used for access point management and configuration, authentication, authorisation and firewalling. You can configure things like guest access with captive portal which mark sure they are on the correct VLAN and IP range, important for the network firewall. Good controllers will give you information on how many devices are connected, signal quality, device type etc and will blacklist anyone trying to brute force their way on to the wireless or once in around any security/firewall rules.