Securing Wifi router

[nilanko]

Securing Wifi router [URGENT HELP NEEDED]

I bought a Wifi router from BSNL along with their 900ULF Unlimited plan. The BSNL guys said that whoever receives signal from this modem can access Internet. To prevent misuse by my neighbours, this is what I did:

1. Logged in to 192.168.1.1 to access Router settings.
2. Went to Configuration->Wireless Network.
3. Under security settings, I selected "WPA Mixed mode" for 'Select security option'.
4. I selected the authentication method as "PSK(Pre Shared Key)".
5. In "WPA Pass Phrase:" field I entered a password/security key.

Now whenever I try to access Internet from my father's laptop, I am asked the SSID first (because it is set to be hidden). Then it asks for the security key, which is the password that I set. So, now, is it possible for any person who doesn't know the password, to access internet through is modem using Wifi?

Some additional info: My neighbours too have Wifi router whose signal I can receive. Their SSID isn't hidden. I can connect to it but I can't access internet. But their connection is shown as Unsecured. Can you tell me what did they do to prevent misuse?

Another ques: I see a field called "TxPower" on the Wireless Network configuration page. What is it used for? It was initially set to 20% but I set it to 100%. Can you give some info on this?
---------------------------------------------------------------------

Hey guys HELP ME!!

Here's what I did:
1. I logged in to access the router settings of my neighbour.
2. In Mac address filtering, I added the Mac address of my wifi router in Whitelist and saved the setting.

*i.imgur.com/NPMYR.png
(I copied my router's Mac address from here)

3. Now I am not able to even connect to their wifi router.

*i.imgur.com/hlFlr.png
(I am shown this)

Now I am worried whether any problem would arise....for example if they access their settings, they will be able to get my router's Mac address. Can they misuse it anyway or use it to misuse my internet connection?

 

[thetechfreak]

So, now, is it possible for any person who doesn't know the password, to access internet through is modem using Wifi?

As long as the password is not known by the person he cant do anything with it.
That is the connection will be received but he wont be able to access the internet

 

[Anorion]

The power is how strong the signal is. 20% means you will be able to access it from places close to the router. If you push it to 100% you can access it from much farther away. You may not be able to access your neighbour's wifi as it may not be set in PPoE mode, although it may be something else.
there is a process known as packet sniffing, that decrypts the wifi password once it can collect enough packets of data. This only affects some types of WPA security, WPA2 is far more secure.

 

[Ishu Gupta]

Some additional info: My neighbours too have Wifi router whose signal I can receive. Their SSID isn't hidden. I can connect to it but I can't access internet. But their connection is shown as Unsecured. Can you tell me what did they do to prevent misuse?

Could be MAC Address Filtering.

I would say you set this up as well. Use the whitelist/allow access mode and enter the MACs of all your wifi devices.

Disable Hidden SSID. Its pointless. Puts your computer on risk (If you enable autoconnect) and its a PITA if you have to enter SSIDs everytime.

Switch to WPA2 if you can.

 

[asingh]

1. Keep SSID exposed.
2. Use WPA2 and set a password.
3. Set your transmitters strength level to 100%.

Also you can go to the router settings and DHP Server, and see all the MACs hooked in. It should only show what you are aware off.

 

[mrintech]

Securing WiFi is quite easy:

1. Hide SSID
2. Set a Strong Password
3. Enable MAC Address Filtering
4. Go for encryption WPA2-PSK [AES] OR WPA-PSK [TKIP] + WPA2-PSK [AES]

Additional Steps:

* Change the Default username and password of Router/Modem
* Set the Tx Power (Transmission Power, as far as I can tell) to the value sufficient for your Home, Balcony etc.

 

[nilanko]

Thanks everybody for all your suggestions/info.

@Ishu Gupta: I checked my neighbours' router's settings (I can access those because they didn't change the default ID/pass given by BSNL, though I have NO intention to use misuse their connection, I just logged in to check their settings). They have Mac Address filtering disabled. And they have also turned off encryption. Though I can connect, I can't access the internet. This is what I want. Can you tell me any other possibility which makes me unable to access the internet through their modem? Waht might have they done?

Hey guys HELP ME!!

Here's what I did:
1. I logged in to access the router settings of my neighbour.
2. In Mac address filtering, I added the Mac address of my wifi router in Whitelist and saved the setting.

*i.imgur.com/NPMYR.png
(I copied my router's Mac address from here)

3. Now I am not able to even connect to their wifi router.

*i.imgur.com/hlFlr.png
(I am shown this)

Now I am worried whether any problem would arise....for example if they access their settings, they will be able to get my router's Mac address. Can they misuse it anyway or use it to misuse my internet connection?

 

[Anorion]

^go over and show em how to secure it

 

[nilanko]

^^You mean what? My question was:

Now I am worried whether any problem would arise....for example if they access their settings, they will be able to get my router's Mac address. Can they misuse it anyway or use it to misuse my internet connection?

 

[asingh]

^^
Are you nuts or what. Putting your routers MAC address in another routers, that too your neighbors. This actually means, that their router is now OPEN for your device.

Just set security on yours and forget about it. You probably cannot get into their router now. They secured it.

 

[nilanko]

^^
Are you nuts or what. Putting your routers MAC address in another routers, that too your neighbors. This actually means, that their router is now OPEN for your device.

Just set security on yours and forget about it. You probably cannot get into their router now. They secured it.

Their router 'open' for my router?
Q1. What does that actually mean? See, I am noob in this case. Just tell me whether whatever I did will do any harm to me or not.

Q2. Can the Mac address of my router that I added to their whiltelist be used by them to gain access to my router's settings or internet connection in any way?

Another thing: They have still NOT secured their connection. It is still shown as 'Unsecured'.

I am REALLY terrified now.
...and my heart is beating like hell....

 

[mrintech]

LOL

Buddy, just UNDO the changes whatever you have done in the neighbors router

Be happy with your Router, why you are SO concerned about others WiFi Connection?

AAAAAND

Seems like they secured it..... Go to their House and ask them to remove your MAC Address

 

[Ishu Gupta]

Q2. Can the Mac address of my router that I added to their whiltelist be used by them to gain access to my router's settings or internet connection in any way?

No .

 

[asingh]

^^
Yups, unless you add their MAC on your router.

 

[nilanko]

@mrintech: What lol? >_< I am not so concerned. My aim is not to misuse others' connection and not get my connection misused. I can't undo the changes because I can no more connect to their modem. Although I clearly see beside their connection option: "Security type: Unsecured".

@Ishu: Hope you are 100% correct.

@asingh: umm...didn get you. Is your answer yes or no for this ques: Can the Mac address of my router that I added to their whiltelist be used by them to gain access to my router's settings or internet connection in any way?


BTW, why am I unable to connect to their modem even if their connection is unsecured? PS. This happened earlier also but later I was able to connect again.

 

[Ishu Gupta]

@Ishu: Hope you are 100% correct.

@asingh: umm...didn get you. Is your answer yes or no for this ques: Can the Mac address of my router that I added to their whiltelist be used by them to gain access to my router's settings or internet connection in any way?

I can find your router MAC add in 5 seconds. (If I am in range and the router is turned on)

So don't worry.

BTW, why am I unable to connect to their modem even if their connection is unsecured? PS. This happened earlier also but later I was able to connect again.

Because you entered the MAC of your ROUTER.

Only devices which have the same MAC Add as your router can access that router via WiFi. If your neighbour wants to use wifi, he needs to connect to the router via wire and disable MAC filtering.

 

[Anorion]

why would you add the MAC address of your router to their whitelist in the first place? do you want to run their internets using your router? it would have been (somewhat) sensible if you added your laptop's MAC address to their whitelist... they cannot misuse this, even more so considering they havent secured their own connection (which I am still skeptical about) were there other addresses on the whitelist? how did you get access in the first place? I still think they have MAC address filtering enabled considering that they had a whitelist at all, now if you want to get in, change the MAC address of your laptop to the MAC address of your router, which you have through mysterious means got into their whitelist
if you are asking if using someone else's unsecured wifi is safe, then no, not for logging into say your email or social networking site, basically, any transfer of secure data over the air can be decrypted and abused, but thats only if there is some malicious guy with a wide open wifi waiting for people to use his connection so he can get their data
PS Ishu is 100% correct lol

 

[nilanko]

@Ishu:Well I can do that in 3 seconds. Just see the network map and hover the pointer over router icon or see its properties.

I can find your router MAC add in 5 seconds. (If I am in range and the router is turned on)

So don't worry.



Because you entered the MAC of your ROUTER.

Only devices which have the same MAC Add as your router can access that router via WiFi. If your neighbour wants to use wifi, he needs to connect to the router via wire and disable MAC filtering.

Well that's the point that I wanted to confirm. No other device in this world would have the same Mac Add as that of my router. They mostly use Wifi. Now, this means that they won't be able to connect to their own router using their laptop wifi adapter! LOL! Means, it'll be mandatory for them to remove my router's Mac add from their whitelist! This is what I want! Since their connection isn't working from the time I did this, they haven't turned on their router yet, although they have their router turned on all the day, only today I see they have turned that off (I think they are thinking that it's a problem with BSNL).

why would you add the MAC address of your router to their whitelist in the first place? do you want to run their internets using your router? it would have been (somewhat) sensible if you added your laptop's MAC address to their whitelist... they cannot misuse this, even more so considering they havent secured their own connection (which I am still skeptical about) were there other addresses on the whitelist? how did you get access in the first place? I still think they have MAC address filtering enabled considering that they had a whitelist at all, now if you want to get in, change the MAC address of your laptop to the MAC address of your router, which you have through mysterious means got into their whitelist
if you are asking if using someone else's unsecured wifi is safe, then no, not for logging into say your email or social networking site, basically, any transfer of secure data over the air can be decrypted and abused, but thats only if there is some malicious guy with a wide open wifi waiting for people to use his connection so he can get their data
PS Ishu is 100% correct lol

I actually wanted to add my wifi adapter's Mac to their whitelist so that I could access internet using their router, but that too, just for a minute to see if was possible. I have intention to use my neighbor's internet for free. But, by mistake, I added the Mac of my wifi router instead. Their MAc add filtering was DISABLED. I enabled it and added my router's add in the whitelist. As soon as I did it, the connection broke and I tried to re-connect but could not (whose reason now I have understood).

 

[Ishu Gupta]

@Ishu:Well I can do that in 3 seconds. Just see the network map and hover the pointer over router icon or see its properties.

This only works AFTER connecting to the router.
And why are you worried if you know tha knowing the MAC is not a very big deal?

Well that's the point that I wanted to confirm. No other device in this world would have the same Mac Add as that of my router. They mostly use Wifi. Now, this means that they won't be able to connect to their own router using their laptop wifi adapter! LOL! Means, it'll be mandatory for them to remove my router's Mac add from their whitelist! This is what I want! Since their connection isn't working from the time I did this, they haven't turned on their router yet, although they have their router turned on all the day, only today I see they have turned that off (I think they are thinking that it's a problem with BSNL).

Like I said,

If your neighbour wants to use wifi, he needs to connect to the router via wire and disable MAC filtering.

or you can spoof your Routers MAC Add and disable it yourself.

I actually wanted to add my wifi adapter's Mac to their whitelist so that I could access internet using their router, but that too, just for a minute to see if was possible. I have intention to use my neighbor's internet for free lol. But, by mistake, I added the Mac of my wifi router instead. Their MAc add filtering was DISABLED. I enabled it and added my router's add in the whitelist. As soon as I did it, the connection broke and I tried to re-connect but could not (whose reason now I have understood).

See above. You have two options.

 

[asingh]

1. Just re-boot your router.
2. Put in the DNS and gateway settings.
3. Apply security as mentioned with password.
4. Enable MAC filtering.
5. Enable Firewall.
6. Disable WEB Remote Management.
7. Check your DHCP table for MAC's hooked in when radio is on.