Thursday Morning Only: Cheap Wireless Router

[SamIAm]

Today's Woot is a good DLink wireless-g router. Anybody who's complained about needing a new router, buy it here right now.
-Sam

P.S. For those not in the know, Woot sells stuff pretty cheap, but sells out in ~12 hours. New postings every night at midnight Central time. If you want this, buy it right now.

[LuckyDevil]

Just ordered mine. Thanks.

[TheMetetron]

Any idea if this is dual voltage?

[SamIAm]

A PM I just got:

Hello,

In regards to that wireless router, is that a safe and secure router to use when playing online poker?

I want to go to a wireless router soon in addition to using a wireless laptop and I am concerned about the security of wireless.

What concerns or measures should I take if I go to a wireless router?

I am a newbie when it comes to wireless routers and wireless laptops.

Your help is much appreciated.

Thanks,

[SamIAm]

Yes, this router should be fine, and you can easily make it secure. Try searching this forum for threads on making wireless secure.
-Sam

[SamIAm]

[ QUOTE ]
Any idea if this is dual voltage?

[/ QUOTE ]I don't know what that means. [img]/images/graemlins/frown.gif[/img]

But they gave you the model number. Did you try searching?
-Sam

[BiPolar_Nut]

[ QUOTE ]
Yes, this router should be fine, and you can easily make it secure.

[/ QUOTE ]

I disagree unless that model is authenticating to a separate RADIUS server. Typical "securing" advice for wifi usually states disabling SSID broadcast (does NOTHING for security...SSID's are still in packets and easilly sniffed), MAC filtering (which is trivial to ARP-poison and spoof), WEP is a joke easilly crackable in 5 mins. WPA is better...but still only as good as the passphrase and easilly brute-able if you're using a pronouncable word w/ numbers. Better if mixed case, not pronouncable, and contains punctuation. Better yet if containing extended ASCII chars.

Even doing everything possible to most SOHO wifi routers, you can't protect against a DoS attack from any punk kid w/ a pringles can a mile away in line-of-sight.

I just can't justify adding the risk simply to have one less wire on the floor. Perhaps the risk can be small, but why risk 100% of your online funds (and possibly worse) even if you feel it is a 0.001% chance of being compromised? What's the upside? One less wire? Not worth it to me. YMMV and that's fine...I just think people should be aware of the risks and telling them "<blah> can be easilly secured" is grossly misleading.

No disrespect meant, Sam, but once you've had to clean up other people's messes from *not* securing networks adequately, you tend to place a higher value on not willfully opening holes...especially ones that can be exploited 24/7 from over a mile away.

[elffaw]

Use WPA, choose a good key. I don't see the problem.

[BiPolar_Nut]

[ QUOTE ]
Use WPA, choose a good key. I don't see the problem.

[/ QUOTE ]

DoS attacks are one problem...albeit more of an annoyance than a security risk per-se. I'll trust your "good key" includes extended ascii chars. Anything short of that can be bruted in ~10% of the time.

The main "problem" I see is wardrivers getting more educated and finding specific targets worthy of lengthy pen-testing. If I was randomly driving around snagging 802.11* packets and saw a lot of traffic to sites that scream "there's money here" (poker site addresses, seller helper sites for ebay, etc), I'd concentrate my next datamining project on those places salavating over the possibility of a big score...then find a way in, running a modded dictionary/sequential char generator for months if necessary if I have reason to believe I could make a 5 or 6 figure "payday".

Once you're specifically targeted...it's just a matter of time. Hopefully that never happens to you and I'm just a paranoid freak [img]/images/graemlins/smile.gif[/img]

[SamIAm]

-Sam