Security using WIFI
snetsky
03-04-2003, 05:35 PM
I installed my Sony WiFi card and Linksys access point without a problem. But I left everything as a default setup. Should I make some changes to increase security?
Unregistered
03-04-2003, 09:01 PM
ABSOLUTELY!
snetsky
03-04-2003, 09:26 PM
Well, that's what I am looking for. What setting is the easiest to change and still have the NZ connect?
I have an NX and Linksys router. I used my own SSID and I enabled WEP with 128-bit key authentication. Plus I enabled my Firewall setting on my Desktop. Still, I could connect to my Wi-Fi network using my NX! :D
loucifer
03-04-2003, 10:54 PM
Hmm, one can change their SSID and utilize WEP, but it is almost trivial for someone who first uses netstumbler to find you, airsnort to sniff you and wepcrack to break your key.
Even using MAC and IP filtering is useless, as XP and Linux allow you to change your MAC address in software (smlac).
Ergo, assume you are broadcasting in the clear and the advertised security measures that the WIFI manufacturers hosed you about are worthless. So anyone using wifi without VPN and RADIUS or TACACS authentication is an accident waiting to happen.
BTW, all you X-10 wireless cam freaks, yes, someone can see inside your house also.
I have not sniffed BT yet, but with an effective range of 5-25 feet, there is not much to worry about except if other Bluetooth users are near you :)
loucifer!
You scared me a bit! :(
CliePet
03-05-2003, 10:10 AM
Other things to do:
Use "104/128 bit :26 figures(Hex)" WEP encryption
Use a truly random key, not something generated from a 'passphrase'
Keep your WiFi card unplugged (on both sides of the connection) when not in use
Changing the WEP key often can help, but is not practical.
Don't put any important information on the air-waves (so if someone does go through all the trouble to crack your system, they won't see anything)
NOTE: these can make it harder to crack - but WEP is not that secure thanks to some holes in the WEP security algorithm
------
IMHO: If you are worried about security, be worried about someone stealing your CLIE first.
Semi-related:
http://www.palm.com/enterprise/resources/securing/index
gunrunner
03-05-2003, 02:05 PM
Originally posted by loucifer
Hmm, one can change their SSID and utilize WEP, but it is almost trivial for someone who first uses netstumbler to find you, airsnort to sniff you and wepcrack to break your key.
You've got to admit that someone who has, and knows how to use, the tools necessary to tap even a somewhat reasonably protected WiFi connection is not likely to be sitting outside the average user's house. Then, of course, if the average user is sitting in their living room doing their bills via WiFi, there is a good chance they are broadcasting all their personal financial information for anyone with a little knowledge and a few tools to grab.
Hey, does your neighbor have WiFi? Same make AP? If neither of you changed your default settings there is a chance you could, with little effort, read each other's WiFi broadcasts.
I hadn't thought about X.10 cameras but they are on the same broadcast freqs. Have a camera in your house? Bedroom? Bathroom? You're broadcasting to anyone who wants to make a little effort.
At least 802.11a has a shorter range and that drawback has a slight advantage in the added inherent security provided by limited range.
You seem to be reasonably well informed about security. Ever heard of F.I. on Merchantile Ave.?
ballistic
03-05-2003, 04:38 PM
To get the full benefit of Wi-Fi security with your router/access point, take the following steps.
1. Change your router's default user name and password; utilize strong password techniques (a mixture of upper and lower case letters, mixed with numbers and symbols, at least 12 characters long).
2. Disable 'Broadcast SSID' on your wireless access point.
3. Use 128-bit WEP encryption, again use a passphrase that uses strong password techniques, better yet a true random key generator.
4. Use MAC filtering.
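The random-key advice in CliePet's and ballistic's posts above, as an added example that is not part of the original thread: a Python sketch that draws a 26-hex-digit key from the operating system's CSPRNG and flags keys that look typed or patterned. The function names, the two heuristics and the sample keys are assumptions made for this illustration.

```python
import secrets
import string

WEP128_HEX_DIGITS = 26  # 104-bit secret = 13 bytes = 26 hex digits

def generate_wep_key():
    """Return 26 upper-case hex digits drawn from the OS CSPRNG."""
    return secrets.token_hex(WEP128_HEX_DIGITS // 2).upper()

def audit_wep_key(key):
    """Return a list of findings; an empty list means nothing was flagged."""
    cleaned = "".join(ch for ch in key if ch not in ":- ")
    if len(cleaned) != WEP128_HEX_DIGITS:
        return [f"expected {WEP128_HEX_DIGITS} hex digits, got {len(cleaned)}"]
    if any(ch not in string.hexdigits for ch in cleaned):
        return ["contains characters that are not hex digits"]
    raw = bytes.fromhex(cleaned)
    findings = []
    # 13 typed characters entered as hex: far less entropy than 104 random bits.
    if all(0x20 <= b <= 0x7E for b in raw):
        findings.append("every byte is printable ASCII (typed text, not random)")
    # Repeated or padded keys such as AAAA... or 0101...
    if len(set(raw)) <= len(raw) // 2:
        findings.append("half or fewer of the bytes are distinct (patterned key)")
    return findings

# Constructed sample keys, not taken from any real network.
SAMPLE_KEYS = {
    "typed text": b"MyHomeNetwork".hex(),
    "repeated byte": "AA" * 13,
    "too short": "0123456789",
}

if __name__ == "__main__":
    for label, key in SAMPLE_KEYS.items():
        print(f"{label:14} {key:26} -> {audit_wep_key(key)}")
    fresh = generate_wep_key()
    print(f"{'generated':14} {fresh:26} -> {audit_wep_key(fresh)}")
```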
loucifer
03-05-2003, 04:46 PM
802.11a, just as bad; utilizing either a yagi or parabolic mesh antenna, one can pick you up from 4 km.
Most ecrims are looking for open APs to launch anonymous attacks from, more than just to pick up random traffic from users.
When it comes to WIFI for consumers, just say NO, until the industry gets its act together.
BTW, for those that travel in Tokyo, I spend about 2-3 months per year there, the entire city is open with manufacturers' defaults.
Maybe next time, it would be interesting to hang ten near Sony's R&D labs.
There is one thing consumers can do to stop one from using their AP, limit the number of IP licenses to the exact number of devices on home network.. or for the more adventuresome, if you want to see what your neighborhood script kiddies, put up a decoy AP leading to a lame NT server with a sniffer running, then go outside and smack the kid with a bat or your NZ90..
l8tr
nottabrat
03-05-2003, 06:46 PM
Well, being in network security and starting up wireless where I work, the usual security measures are fine as long as VPN is used also. The main reasons we use the WEP and passphrase (if supported) is to keep other people from hacking in and using the neighbor's bandwidth for kazaa, imesh, etc. A nice feature many of the access points have is locking in ONLY those MAC addresses that are currently in your home network. That measure combined with the passphrase key generator is MORE than enough to keep the neighborhood off of your bandwidth, unless you live next to HackerGod the great. Spoofing IPs and MACs is fine for the EXPERTS, but the 'average' 14 year old isn't gonna spend time cracking every security measure you have. DO KNOW that if attacks come from your IP though, that the ISP doesn't care WHO sent it, they simply suspend your service until it's resolved. They are occasionally sympathetic and turn you back on, but do you really wanna have megadowntime? I don't. My cstrike servers have to be up all the time, so I keep my wireless pretty tight. Also, I read that many other WIFI cards don't support the same type of random number generator for the passphrase that Linksys uses, and that causes people to NOT use it because of the incompatibility. Guess the makers would like to see the U.S. opened up like Tokyo for free service to all...lol