Which router security ?

Mr_Frugal

Hi, have my router set up already on WPA-PSK(TKIP) security - which I am aware is better than WEP.

In the early hours of this morning I managed to network my PC with another in house to allow file/print sharing (thanks albertross, your help was invaluable).
Since doing that I want to maximise my security to ensure that I have no nosey neighbours.
Looking at the admin section of my router (Netgear) I see that I can set up for any of the following security measures:-

WPA-PSK(TKIP) - current setting
WPA2-PSK(AES)
WPA-PSK(TKIP)+WPA2-PSK(AES)

Which is the best (ie most secure) - I am guessing they get progressively better as you move down the list ???????

Are there any issues (ie side effects) of upping the security level (ie do things stop working, such as the file sharing or the printer) ???

Mr_Frugal

Both PC's are running Windows XP - any help ????

Bongedone

You could enable MAC address filtering. This would only allow known devices onto your network. Have a quick search.

superscaper

Bongedone wrote: »

You could enable MAC address filtering. This would only allow known devices onto your network. Have a quick search.

Although MAC filtering is about as effective as WEP encryption in terms of easily being spoofed. It's more of a deterrent rather than effective security.

superscaper

Al_Mac wrote: »

Watch out, you'll be mocked by the experts:eek:

Edit : Told you

I like to think I'm one of the ones that don't actually mock

Bongedone

You would have to have a rather nasty neighbour if he would go to the trouble of spoofing it.

superscaper

Bongedone wrote: »

You would have to have a rather nasty neighbour if he would go to the trouble of spoofing it.

That's kind of what I was thinking when the OP wanted to increase security when it's already WPA. You'd need a nasty and obssessive/dedicated neighbour to want to crack that.

Mr_Frugal

Dont really know the neighbours - only moved in a couple of weeks ago and know very little about router security at the moment. Was just alarmed to hear next door neighbours kid tell me that a few people in close vicinity that had no security (which indeed I have seen 2 people with none) and wanted to ensure that I keep out prying eyes.

superscaper

Mr_Frugal wrote: »

Dont really know the neighbours - only moved in a couple of weeks ago and know very little about router security at the moment. Was just alarmed to hear next door neighbours kid tell me that a few people in close vicinity that had no security (which indeed I have seen 2 people with none) and wanted to ensure that I keep out prying eyes.

You should be quite safe with WPA encryption and at least the neighbours without security would lure people away from even trying to crack yours. If you suspected anyone of gaining entry to your network, you could always report them to the police.

albertross_2

Having a long random password makes wpa-psk/tkip very secure:

www.grc.com/passwords

AES is better encryption, but not every piece of kit is supported, and normal wpa-psk is fine, provided you use a long key. You may also want to disable your ssid broadcast (this won't stop a hacker, but helps to hide you from everyone else)

superscaper

albertross wrote: »

You may also want to disable your ssid broadcast (this won't stop a hacker, but helps to hide you from everyone else)

Like the MAC filtering it all adds and helps remove the temptation for the undesirables.