Quote:
Originally Posted by CopyCounsler
just make your router 1. non-dhcp 2. not use 192.168.1.1 - use 192.168.69.69 or something like that instead.
then you have to 1. set each ip address manually. 2. set the gateway to 192.168.69.69.
security by obscurity. then wpa/wep is just another layer of protection.
there are numerous ways to skin that cat. If you get your network hacked, that's another story. but if you don't have any layer of protection, you get what you deserve.
Copy
|
That works to a point, but most good software for wardriving gives you the IP address, subnet and gateway of the access points as they are found. So while in a general sense you are absolutely right, it does little against wardriving with the proper software tools.
I personally do the following at home:
IP Address of access point: 10.30.2.3/22
Gateway for access point: 10.30.1.2/22
DHCP on access point is disabled
DHCP on router is disabled
SSID broadcast on access point is disabled
WPA is utilized as it is much better than WEP (though not great in and of itself)
But I still see connection attempts via wireless on my access point several times daily. And I live on a main street with a church next to me, so it is likely not to be an accident as the neighbor on the other side has wireless, the next one doesn't have a laptop or any wireless devices.
Basically, for the noob, security by obscurity works. But for someone who is really trying to protect their data, no matter how much you try or what you do, wireless is a scary concept.
Unless you can run your wireless network on a seperate VLAN and not allow traffic from the wireless network to your internal network (only use wireless for Internet traffic), and implement radius authentication, you really aren't protecting your internal network at all.
And even if they do hack your access point and only use your Internet connection, what happens when they download child pornography from your IP address and it is logged by a federal agency? Or pirated music, software, movies, etc...