[Record10ti]

Just moved in...but anyways. Many of my neighbors have said that their WiFi does not work sometimes, then it will, then it wont. Heck, I had a neighbor who's garage door opener opened my garage (after I put a new random code into mine).

Below is a list of the WiFi Networks that I can see from my desk at home. These are all neighbors. Thirteen of the networks are all on "Channel 1", eleven are on "Channel 11", seventeen are on "Channel 6".

Even if your network is "secure", if you are on the same channel as your neighbor your internet will be effected. Three of the printers are TOTALLY UNSECURE and I could print to them all day long. The "CenturyLink" folks (as well as the Comcast) simply do not have a firewall protecting them from the outside world.

Simple solution? If you only connect to "xfinitywifi" unplug your cable modem and see if you still connect. If you do, take your modem back to Comcast and save your money. You dont know if you are connected to yours or your neighbors anyway ($120 a year). If you are on "xfinitywifi" I sure as heck would not pay my bills or do banking on the WiFi network...being, again, as you do not know what network you are even on.

Do you like your neighbor? Trust them? Known them for years? Split it and share...it is easy and even more secure than this Comcast fiasco that is going on currently.

[tuccillo]

I can guarantee that you are not getting into my network. Password protect your network.

Quote:

Originally Posted by Record10ti

Just moved in...but anyways. Many of my neighbors have said that their WiFi does not work sometimes, then it will, then it wont. Heck, I had a neighbor who's garage door opener opened my garage (after I put a new random code into mine).

Below is a list of the WiFi Networks that I can see from my desk at home. These are all neighbors. Thirteen of the networks are all on "Channel 1", eleven are on "Channel 1", seventeen are on "Channel 6".

Even if your network is "secure", if you are on the same channel as your neighbor your internet will be effected. Three of the printers are TOTALLY INSECURE and I could print to them all day long. The "CenturyLink" folks (as well as the Comcast) simply do not have a firewall protecting them from the outside world.

Simple solution? If you only connect to "xfinitywifi" unplug your cable modem and see if you still connect. If you do, take your modem back to Comcast and save your money. You dont know if you are connected to yours or your neighbors anyway ($120 a year). If you are on "xfinitywifi" I sure as heck would not pay my bills or do banking on the WiFi network...being, again, as you do not know what network you are even on.

Do you like your neighbor? Trust them? Known them for years? Split is and share...it is easy and even more secure than this Comcast fiasco that is going on currently.

[Record10ti]

Worthless really if a person has SNORT (and I do). It is common and free. But, even if you password protect YOUR SSID, if you have a Comcast modem they are generally putting out "xfinitywifi" as part of their network (yet another reason to not use their modem/wifi).

If you broadcast your SSID I have 50% of what I would need to get in. The password? Childs play (and the kids are very good at playing with this from their Androids and iPhones).

My point however more so is all of the overlapping channels that are out there - they are the cause of the issues, not the insecure world of 802.11(x)

[Record10ti]

Oh, and as a side note - you can see in this image that is a simple report from my WLC, not only do I see their SSID, I also see their MAC. So, if I was a criminal (and I am not) it would not be hard to spoof their mac, take over their internet and do as I wished.

Securing an SSID is step one. Step two is not broadcasting the SSID, then MAC level IP's on devices. NOT using 192.168.1.x and so many others...

(Note: this report is a simple tool included with all WatchGuard, Cisco, and may other higher end firewalls and Wireless LAN controllers).

[tuccillo]

I don't have Comcast and you still aren't getting into my network.

Quote:

Originally Posted by Record10ti

Worthless really if a person has SNORT (and I do). It is common and free. But, even if you password protect YOUR SSID, if you have a Comcast modem they are generally putting out "xfinitywifi" as part of their network (yet another reason to not use their modem/wifi).

If you broadcast your SSID I have 50% of what I would need to get in. The password? Childs play (and the kids are very good at playing with this from their Androids and iPhones).

My point however more so is all of the overlapping channels that are out there - they are the cause of the issues, not the insecure world of 802.11(x)

[Record10ti]

Is that a dare? Bet?

Seriously, unless you are running TACACS+ or SSL over your WiFi - or are on a licensed frequency (your not) you are very exposed. If you have your own cable modem, that is a great step one. From there, if you are not broadcasting your SSID, that is a great step two. No DHCP Server, awesome step three....

A password be it WEP or flavor of WPA you may as well use 123456 as some 128 character cypher as Snort catches either just as fast. This would be even more concerning for folks who live near the "squares" and more populated places (but people messing there will go after the merchants mostly).

That said, if you have typical consumer or SMB hardware and not running RADIUS...takes about 30 seconds to break in (or less depending on signal strength).

But, again - the issue with network latency and seemingly randomly not function is a matter of the channels.

[tuccillo]

Yeah, go for it. If I see you parked in front of my house we will have words.

Quote:

Originally Posted by Record10ti

Is that a dare? Bet?

Seriously, unless you are running TACACS+ or SSL over your WiFi - or are on a licensed frequency (your not) you are very exposed. If you have your own cable modem, that is a great step one. From there, if you are not broadcasting your SSID, that is a great step two. No DHCP Server, awesome step three....

A password be it WEP or flavor of WPA you may as well use 123456 as some 128 character cypher as Snort catches either just as fast. This would be even more concerning for folks who live near the "squares" and more populated places (but people messing there will go after the merchants mostly).

That said, if you have typical consumer or SMB hardware and not running RADIUS...takes about 30 seconds to break in (or less depending on signal strength).

But, again - the issue with network latency and seemingly randomly not function is a matter of the channels.

[Record10ti]

LOL - get over yourself.

You seem to not understand the point here...oh, and it would be someone parked a few blocks away with a Pringles can on their air card stealing your Victoria's Secret account numbers.

I frequently shoot 802.11x over 15 miles with the right antenna (site to site - with line of sight). If you live near a bank, clinic, hospital or other place required to abide by SOx or HIPAA...trust me, they have legally sniffed your network (as all 802.11x networks are subject to FCC regulations).