Computers - Wireless security question.

[imoldernu]

I should know the answer, but I don't.

Here's the situation. Comcast signal to wireless Motorola modem, wired to Vonage modem, and then to wireless Motorola router.

My computers are connected either wired or wireless to the router, which is WPA2 protected.

The wireless signal from the Motorola Modem, is not encrypted. I don't care if my neighbors use the signal since they only use it for occasional emails.

I have changed the Admin password on the router. I realize that a hacker with a spin program might be able to get through to my router, but other than that... (not likely to happen in a gated community) am I at risk?

[target2019]

Why not protect the wireless modem? If it's to give free service, you're breaking the terms of service. How much risk for breaking in to your other router? Can't quantify,but it is foolish, in my opinion.

[glippy]

Quote:

If it's to give free service, you're breaking the terms of service.

Not every TOS, depends on his ISP.

I think it's being a good neighbor to share your wireless. You could encrypt it and just give the password to the neighbors you trust.

Living your whole life in fear of the absolute worst case, highly unlikely scenario is what seems foolish to me. Sure, you can point to a few news stories of people conducting illegal activity on open wireless networks that leads to problems for the network owner, but compare the handful of those stories to the probably tens of millions of unencrypted wireless networks that are available. Using your judgment and being generous and trusting seems to more often lead to positive outcomes than negative ones over the long-term.

[bltkmt]

I wonder this too. I hate putting an encrypted password on my wifi router as I then have to do the same on the multitude of wireless devices in my house. My solution was to leave it unprotected, but instead "hide" it by not having the SSID broadcast. But I like your (non) solution even better and am curious what the REAL risks are in a neighborhood where you know the people in wifi distance.

[target2019]

I was referring to his ISP.

[target2019]

Quote:

Originally Posted by bltkmt I wonder this too. I hate putting an encrypted password on my wifi router as I then have to do the same on the multitude of wireless devices in my house. My solution was to leave it unprotected, but instead "hide" it by not having the SSID broadcast. But I like your (non) solution even better and am curious what the REAL risks are in a neighborhood where you know the people in wifi distance.

Hiding the SSID works when the intruder OS plays nice, and ignores your hidden device. However, the neighborhood or drive-by thief has readily-available tools that display your 'hidden' router.

[MichaelB]

Quote:

Originally Posted by target2019 Hiding the SSID works when the intruder OS plays nice, and ignores your hidden device. However, the neighborhood or drive-by thief has readily-available tools that display your 'hidden' router.

Exactly. So does the neighborhood high school kid geek, and he or she may be the bigger threat. We keep our computers and network secure not only to protect our information and assets but also to impede hackers from using it to assault others. Is this a great risk? No, but neither is the effort to keep the network secure.

[target2019]

Quote:

Originally Posted by MichaelB Exactly. So does the neighborhood high school kid geek, and he or she may be the bigger threat. We keep our computers and network secure not only to protect our information and assets but also to impede hackers from using it to assault others. Is this a great risk? No, but neither is the effort to keep the network secure.

I believe the risk is greater than commonly believed. For instance, where I live the local high-schoolers may be in the Cisco network 2-year track. In 2000 or so the neighborhood boys had to park in front of my house to get good enough wireless-by signal. Now that technology has advanced, I see more than 20 networks from my home. How many of those have a geek on the other side looking back at me?

[MichaelB]

Quote:

Originally Posted by target2019 I believe the risk is greater than commonly believed. For instance, where I live the local high-schoolers may be in the Cisco network 2-year track. In 2000 or so the neighborhood boys had to park in front of my house to get good enough wireless-by signal. Now that technology has advanced, I see more than 20 networks from my home. How many of those have a geek on the other side looking back at me?

Looking at you and feeling mischievous.

Why not use the security features? There is no out of pocket cost. When we buy insurance it is not because we feel unsafe, it is because the cost of a loss is too great a burden. Why is this different?

[steelyman]

My router only accepts connections from specific MAC addresses, which I enter (yes, a hassle).

[imoldernu]

There's a little bit more to my question, and the reason why I've left the modem unprotected.
Am a little bit geeky and teach computers both at our clubhouse, and often at my home. Also, my sons and grandsons enjoy "playing computers" when they visit, using laptops or tablets. I realize that I can use protection, but this means more aggravation for everyone... Have checked the access from outside our gated community, and the signal doesn't reach that far.
My basic question involves how, and whether... a hacker has any easy way to access the computers on the protected router.

I couldn't find a definitive explanation on the tech sites... though they point out that a savvy hacker could guess the default user name and password of the router. I've changed these.

As to TOS violations... I can find nothing in my ISP contract that requires me to secure my access, although they do provide means to protect. I have never offered access or been paid by anyone to use my connection.

Thanks to all for the input... I consider my self warned... As they say, "You can't fix stupid".

[rbmrtn]

I wasn't sure if you were trying to protect your wireless access, your LAN or your router.

You may have more devices than you need connected together. I think the vonage device can also function as a wireless router as well as providing VOIP, so you could probably eliminate the extra witreless router.

The router/firewall protects your LAN by not exposing it to the internet directly. So it's generally safe as long as you don't have open ports exposed to the internet. Most people don't need that unless you have some specific application that needs it like a web server. You can further protect the router by turning of administrator access from the internet.

You can use the port scanner at gibson research to test your compter on the lan for open ports.

https://www.grc.com/x/ne.dll?bh0bkyd2

Your cable modem of couse is exposed to the internet, nothing you can do about that. It has to be to have internet access. You could use the wireless on the cable modem as a guest access and use the wireless on the router for your internal secure use.

[imoldernu]

Quote:

Your cable modem of couse is exposed to the internet, nothing you can do about that. It has to be to have internet access. You could use the wireless on the cable modem as a guest access and use the wireless on the router for your internal secure use.

Thanks... I kinda figured that, but couldn't find anything that talked about the subject. I feel better. That IS the way I'm set up. The router is used for both wired and wireless access (4 computers)

And special thanks for the security check... I feel better now, seeing everything come up green, with no leaks, after doing all of the tests.