Security risks for wireless broadband?

[yogart]

What are the security risks for using IPS Wireless Broadband like AT&T or Criket? Are they more vonderalble than wired line IPS (At&t wireleess broadband vs AT&T wired line broadband?

[redwudz]

If you set up proper security, just about any wireless connection is reasonably safe. For home wireless access I use WPA-2 personal with AES encryption on my wireless router and I'm not worried. You can also enable MAC filtering on your router where only your PC can receive the WiFi broadcast from the router.

If you are planning on doing financial transactions, you really need security. Banks and other financial transactions usually use HTTPS, where all info is encrypted both ways. Fairly safe, but you wouldn't want to do those type of transactions on a borrowed computer at a internet café where you have no idea what might have been installed on that computer. If it's your own PC, then not a big problem.

I use a good anti-virus program, Avast usually, and a firewall program. I use Comodo free for a firewall. With similar to that and some common sense, wireless can be very secure.

[yogart]

What a about IPS wireless network broadband (not a home wirless network) like AT&T or Cricket? The get a wireless modem to connect to there wireless IPS network. It like there regular IPS service but wireless. What are the security risks?

[redwudz]

Not really familiar with IPS, but one of my ISPs transmits a WiFi signal to an reciever on my roof from about half a mile away and I don't know that anyone has hacked that yet. The other ISP uses a microwave system from about three miles away with a very tight beam. If anyone intercepts it I would probably lose my signal too. Both systems use encryption that is decrpyted/encrypted at the receiver, then fed to my routers via Cat5e cable.

Probably any system can be hacked, but that's what HTTPS encyption is for. Most all financial institutions use that for transactions over the net.

And even if someone were to intercept the transmitted signal, they still would be unlikely to get access to your system or files. It's probably a lot safer than your WiFi router encryption, where all you need is the password, which is usually very simple. 'password' itself is one of the most common ones.

Here's a few tips for WiFi security: http://compnetworking.about.com/od/wirelesssecurity/tp/wifisecurity.htm

[yogart]

So if I get a gateway has wpa-2 an d mac filterling, how do you get AES? Does AES come with certain wireless routers?

[redwudz]

AES encryption should be available on most any wireless router. Just select it and use a secure password. When you identify your router on your computer wireless list, it will ask you the password when you try to access it. Type it in and then you are set up.

MAC filtering lets your router communicate with only your PC, or ones you approve, using their MAC address for ID. (The fixed address of the LAN adapter on your computer.) It's set up on the router.

[yogart]

so AES is separate from WPA-2?

[redwudz]

My wireless router gives me the choice between AES (Advanced Encryption Standard) and TKIP (Temporal Key Integrity Protocol) encryption when using WPA2-Personal protocol.

Many versions of both and I've no idea which ones my router uses. I believe AES is the more secure option as that's what the US government routinely uses. Use of a more secure key would lower the risk also. Using a long network security key with most all available characters makes it much more secure.

[mh2360]

Using a long network security key with most all available characters makes it much more secure.

This is true.

Here is a calculator which demonstrates that the longer the password is, the less chance someone has of cracking your password with a brute force attack.

With 500,000 attempts per second, a simple 5 character password could be cracked in 5 hours, compared to 4274902 years for a password with 10 ASCII characters.

Wireless hacking software probably doesn't operate at 500,000 attempts per second, so even a 5 character password would be relatively safe with WPA, but still, the longer the better.

[Nelson37]

There is much more to this.

If you really want transactions to be secure, NOBODY but NOBODY sits at that PC and uses that password but you. Not the kids, not the girlfriend, brother, wife, sister, N O B O D Y. Otherwise, your password will be on Post-it notes in plain view for any visitor, and your "ridiculously long" password will be a topic of discussion with dozens of strangers. If you find anyone else has it, change it immediately.

After you enter it once, there should not be a need for anyone else to know it. Make sure the characters are hidden. If you ever need to enter it again, you do it personally. If there is anyone else in the room, change it again after they leave.

Change your password on a regular basis. 30 days is too long. Upper and lower case, letters and numbers, no names, dates, nothing connected to you. A good password is very hard to memorize. If it is easy to remember and/or follows a formula, it is a bad password.

Never use a debit card, unless it is connected only to a low-balance account. A secured credit card with a low limit is preferrable.

Humans and/or written information is much more likely to be "hacked" than your computer itself.

[yogart]

It appears the WPA-2 has AES and CCMP built in to it, so I don't have to add it. Is that correct? Is that what the below paragraph is saying??????

See: http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access

WPA2
Main article: IEEE 802.11i-2004
WPA2 has replaced WPA; WPA2 requires testing and certification by the Wi-Fi Alliance. WPA2 implements the mandatory elements of 802.11i. In particular, it introduces a new AES-based algorithm, CCMP, which is considered fully secure. Certification began in September, 2004; from March 13, 2006, WPA2 certification is mandatory for all new devices to bear the Wi-Fi trademark.[4]