Is my wireless laptop secure?

If you don't already, get Zone Alarm free firewall.

If you only have the one machine ensure your folders/drives are not shared.

Ensure you have changed the password logon for your router. Ideally mixture of numbers and letters - try not to make it obvious i.e Kids names.

This should keep you safe.

The WPA encryption is the strongest method of encryption for home wireless networks.

If you like your neighbour you may want to advise them to switch on their router security, or if they have a faster connection - use theirs.

The last part was a joke.


Ben

Mr GizmoLeeds, could you confirm whether or not your wireless router is a wireless firewall router? The recent ones almost invariably are. Phrases like "stateful packet inspection" will appear on the specs.

If the router is a (hardware) firewall, congratulate yourself on having the most fundamental and essential protection against naughty persons attempting to hack in to your PCs. You can add software firewalls to all the PCs if you want, but you may have problems where you have to enable various ports for various programs, which can be a major pain, or if you want to share files between the PCs.

If ther router isn't a (hardware) firewall, you really, really, need a (single) software firewall active on EACH of your PCs. The Windows XP firewall is turned on automatically in SP2. It is better than nothing, but not much better, since if you become infected it does not prevent outgoing attacks from your machine, only incoming ones. If you install a better firewall, turn off the Windows XP one to prevent clashes.

The question about network security has already been answered, so use WPA2 if you can, otherwise WPA, otherwise, if nothing better, WEP. Non-broadcasting of the network SSID is another way of foiling the casual hacker. There's lots of stuff found when you Google for "wireless network security", and you could spend many happy days being baffled by the complexities!

John

gizmoleeds wrote:

Although the only options seem to be "Enable" and "Disable" - doesn't sound very advanced! Is this good?

It should be fine. It'll basically block any inbound attacks. It's definitely worth getting a software firewall. It'll provide outbound protection and blocks on a per program basis. I'd recommend Kerio Personall Firewall, which is free.

gizmoleeds wrote:

If I disable broadcasting the SSID, I can still connect to the network - right, even if I take the laptop away and bring it back?

Yep, you just need to give the router an SSID like "My Router" and in Windows XP (with Service Pack 2) tell it what SSID to look for. It's not difficult to do (there's a Wizard). If you right click on the Wireless Adapter in My Network Places, and select View Available Wireless Networks, you can set it up in the following screen.

gizmoleeds wrote:

It is currently using WEP. The options are:

WEP
WPA Pre-Shared Key
WPA RADIUS
RADIUS

Which is best??

You'll want to use WPA Pre-Shared Key. You'll need to come up with a hexidecimal key, 26 characters in length (should be enough). Hexidecimal means 0-9 and a-f. So something like: "391b1b99864c4ddb90b2e74cb1"

https://www.grc.com/passwords - generates a unique WPA-PSK, secure as you're gonna get key..

Short keys especially words/names are not a good idea if you wan't to make it secure. Using 63 Random characters is better.

Technically the answer to your question is that a radius server using WPA is the most secure of your available options, but that is beyond most home network setups, WPA-PSK with a long 63 character key is good enough.