Pulling ethernet

[wyliesdiesels]

No Wifi is essential or secure. WPA2 is easy to crack. When you are in an industry that requires top security, wireless is not an option. Even Homeland Security learned that fast when their wireless got them into trouble. When the rest of the world learns that, hackers will have a much more difficult life, and your personal data will be much safer.
If you don't care about security, keep using wireless. If you want to be on the top with security, turn it off.

As a techie that's been in the industry for awhile, I'm gonna side with gary on this one! Wireless is not safe no matter how good the security is!

Case in point:

A few years ago I worked on an McD upgrade project, where we went into McDs and upgraded their electrical, network equipment and cabling, registers, credit card terminals, kitchen monitor systems, etc. We essentially installed 2 separate networks because McD wanted to provide free wireless for their guests and all the financial data transmitted over their network had to be separated from the network which provided free wireless because of all the hacking issues and incidents over the years where people's credit card info was stolen. Most of the franchisee owners were not happy about this upgrade cause it cost them an arm and a leg and many of them had just upgraded their stores 5 or so years before. They had no choice but to upgrade because they 'had' to provide free WiFi! McD corporate and NCR required us to rip out all the "old" CAT5e no matter even if it was a few years old and pull in new cable! The old cable was just fine but because of the new financial network requirements, there wasn't enough cable or jacks in the right spots!

I also worked on Panda express stores and upgraded them. Their not franchised and the family that owns the chain didn't spend a tenth of what McD spends on network infrastructure! Why u ask? Because, when NCR asked if Panda wanted to provide free WiFi for their guests and explained what it would cost and require, Panda said NO! And laughed all the way to the bank! The networks inside Panda Express stores are so secure, that when I went to use the managers computer terminal/server to look up something, I couldn't because all ports including port 80(web browsing portal) was blocked(this was when I first started working on Pandas and wasn't versed in their network layout yet!)

If you want security, don't use WiFi!

 

[Engineer61]

There is a way to secure a home WiFi network - use the MAC address option. This means that you have to enter the MAC (the 6 byte ethernet address) of the computers that you want to allow to connect to your network. ANY other computer is refused access. This obviously won't work for places like MickeyD's offering free access to their customers, but works very well for a home or business network that KNOWS exactly which computers should get access, and wants to lock out everyone else. The MAC address is unique for every ethernet chip in the world and is fairly hard to hack, even in windows.

 

[Slednut]

The 60 Hz from power can cause problems with Cat5. There are a few ways you could go, some expensive, some not. The wireless would work fine, I would make sure that the router you use has the option of extended antennas available. These can double the wireless signal distance. If the shop is metal the wireless probably won't work.
You can dig a trench install 1" conduit with sweeps and pull in some underground rated Cat5 or direct bury it.
You could buy pre-terminated multi-mode fiber and use fiber to ethernet media convertors. You could pull it with the power but it would be hard to do without damaging the ends. Make sure the connectors on the fiber and the media convertors match, usually it’s SCUPC. You can buy media convertors for around $50.00, you need one at each end. The convertors are very reliable.
The ethernet over power works but I've seen it have problems with off premise buildings.

 

[rlitman]

There is a way to secure a home WiFi network - use the MAC address option. This means that you have to enter the MAC (the 6 byte ethernet address) of the computers that you want to allow to connect to your network. ANY other computer is refused access. This obviously won't work for places like MickeyD's offering free access to their customers, but works very well for a home or business network that KNOWS exactly which computers should get access, and wants to lock out everyone else. The MAC address is unique for every ethernet chip in the world and is fairly hard to hack, even in windows.

This does not work like you think it does.
It is easy to listen to network traffic, and pick out the MAC addresses in the conversation.
All ethernet devices come from the factory with a (for the most part) unique MAC address burned in the hardware. BUT all ethernet software allows you to override the hardware MAC address, and use whatever address you please.

So, if you know an authenticated MAC, you can just spoof that. It's actually really simple.
MAC address filtering is a false sense of security.

WPA2 with AES and TKIP is pretty darned secure if you don't choose some wacky settings that undermine the security. This is accepted by the payment card industry for communications between point of sale registers conveying credit card data. Considering that is an industry that has been hit hard by WiFi security issues, if they accept it, it must be pretty good.
WEP is worthless. If you're using that, you pretty much have an open access point.

 

[Gary S]

MAC addresses are not a good security measure as rlitman just pointed out. You can get around them using MAC spoofing techniques.
http://www.techrepublic.com/blog/security/how-to-spoof-a-mac-address/395

 

[D KRAGER]

I'm using wireless. I have a metal pole barn that is about 30' from house. My house signal was too weak to reach the shop very well. Although if I was in the window it worked fine.

So I'm running DD-WRT (different firmware, do a web search) on the house router with high output antennas to boost the signal. Then in the garage I have an access point with a directional antenna pointed out the window towards the house to pickup the signal. If you run DD-wrt on the access point in the garage you can use it as a client repeating bridge that gives you wifi in the garage.

As far as security, I have none. I'm in the country and don't care. I don't have anything of value to anyone on my computers, so I'm not worried about it.

The odds of a hacker around these parts are sparce compared to the city.


I might add though, if you're not real good with network stuff, you might opt to the wired option.

 

[Gary S]

As far as security, I have none. I'm in the country and don't care. I don't have anything of value to anyone on my computers, so I'm not worried about it.

Security matters all the time. It isn't always what you have on your computer that a thief might want.
If anyone connects to your wireless router and uses your link for anything illegal, it comes back to you, and you would be the one whose house gets trashed when the FBI arrives to search it , and you are the guy who has to pay a lawyer out of your pocket to prove yourself innocent of being a child pornographer or whatever the link was used for..

 

[D KRAGER]

I thought all of you said that wifi is hackable. So what's the difference?

 

[D KRAGER]

I know, I know. It's like leaving your door unlocked. Locking it keeps the somewhat honest person out, but the dedicated thief will find a way in....

 

[SiGmA_X]

Use WPA2 and don't worry about it, honestly. And a key that isn't super easy to guess. DDWRT and a decent router can use WPA2 in bridge mode, I did that for years before running a wire down my hallway. (Concrete pad, deck makes it really hard to run outside, said fuckit)

MAC address filtering is a good additional protection on top of WPA2, but its also near useless, you can pick out the addresses... WPA2, decent key, do not broadcast signal... Call it good.

 

[Bubbles]

I work with this, and I,ll tell you to pull it. Be honest with your self, what are you gonna use it for that you can not accept some loses. You gonna stream 1080p Mkv files?

You probably got a gig router hooked up to a 4meg dsl,

 

[wyliesdiesels]

This does not work like you think it does.
It is easy to listen to network traffic, and pick out the MAC addresses in the conversation.
All ethernet devices come from the factory with a (for the most part) unique MAC address burned in the hardware. BUT all ethernet software allows you to override the hardware MAC address, and use whatever address you please.

So, if you know an authenticated MAC, you can just spoof that. It's actually really simple.
MAC address filtering is a false sense of security.

WPA2 with AES and TKIP is pretty darned secure if you don't choose some wacky settings that undermine the security. This is accepted by the payment card industry for communications between point of sale registers conveying credit card data. Considering that is an industry that has been hit hard by WiFi security issues, if they accept it, it must be pretty good.
WEP is worthless. If you're using that, you pretty much have an open access point.

I was going to point out the same thing but u beat me to it!

 

[enrare]

I was going to point out the same thing but u beat me to it!

How do you find out if your wireless router has WPA2 with AES and TKIP? I'm looking at the box mine came in and it shows WPA2 and several other security protocals but no mention of AES or TKIP. I have an Actiontec wireless N DSL modem/router I got earlier this spring. Tried a few other wireless routers but the Actiontec was the only one that worked with my Qwest DSL service eventhough all the routers said they where compatible with Qwest DSL. I'm not happy about wireless but my wife got an iPad and that is the only way it can work.

 

[wyliesdiesels]

How do you find out if your wireless router has WPA2 with AES and TKIP? I'm looking at the box mine came in and it shows WPA2 and several other security protocols but no mention of AES or TKIP. I have an Actiontec wireless N DSL modem/router I got earlier this spring. Tried a few other wireless routers but the Actiontec was the only one that worked with my Qwest DSL service even though all the routers said they where compatible with Qwest DSL. I'm not happy about wireless but my wife got an iPad and that is the only way it can work.

Ewww, I can't stand those all-in-one units. I like a separate modem and router setup. I had an all-in-one and it died, so not only could I not go online, but my network was down as well, so I was totally dead in the water!

The best way to find out about your units features is to log onto your routers configuration page. For most routers, u do this by opening a web browser and typing in your routers ip address- it will be something like 192.168.0.1, as an example. But yours may be different. Then click on the wireless configuration tab/page and look for the security section.

 

[enrare]

Thanks for the info. Somehow I came across a few youtube vids on this hack software called BackTrack5 demonstrating how fast and easy it can be to hack into your wireless system no matter what security protocals or how strong of passwords you have, then they have access to your computer and everything on it. Scary thing is they put this stuff on a laptop so they are mobile and can drive around randomly hacking peoples wireless systems.

Ewww, I can't stand those all-in-one units. I like a separate modem and router setup. I had an all-in-one and it died, so not only could I not go online, but my network was down as well, so I was totally dead in the water!

The best way to find out about your units features is to log onto your routers configuration page. For most routers, u do this by opening a web browser and typing in your routers ip address- it will be something like 192.168.0.1, as an example. But yours may be different. Then click on the wireless configuration tab/page and look for the security section.

 

[CNGsaves]

How about starting NEW THREAD called Safeguarding Wireless as the OP was asking about PULLING ETHERNET. Have the mod's move all these WIRELESS related comments to the new thread.

Hardwire ethernet is cheapest and most secure method for OP setup. Furthermore, if his garage was even 200 ft away and guy was commiting to buried plastic conduit, hardwire ethernet would be not problem since it's good to over 300 ft. In this case OP garage is only 25 or 30 ft.

When guy goes to grocery store for oranges, surely they don't spend all their time talking about how apples are better or how to prevent decay in apples. Guy went to the store for oranges!

 

[madosta]

How about starting NEW THREAD called Safeguarding Wireless as the OP was asking about PULLING ETHERNET. Have the mod's move all these WIRELESS related comments to the new thread.

Hardwire ethernet is cheapest and most secure method for OP setup. Furthermore, if his garage was even 200 ft away and guy was commiting to buried plastic conduit, hardwire ethernet would be not problem since it's good to over 300 ft. In this case OP garage is only 25 or 30 ft.

When guy goes to grocery store for oranges, surely they don't spend all their time talking about how apples are better or how to prevent decay in apples. Guy went to the store for oranges!

LMAO, thank you.

 

[wyliesdiesels]

Thanks for the info. Somehow I came across a few youtube vids on this hack software called BackTrack5 demonstrating how fast and easy it can be to hack into your wireless system no matter what security protocols or how strong of passwords you have, then they have access to your computer and everything on it. Scary thing is they put this stuff on a laptop so they are mobile and can drive around randomly hacking peoples wireless systems.

Yup. There's all kinds of hacking tools available out there! I have a disc of wireless hacking tools but have never used it for fear of getting caught! I don't need or want any trouble with the law!

How about starting NEW THREAD called Safeguarding Wireless as the OP was asking about PULLING ETHERNET. Have the mod's move all these WIRELESS related comments to the new thread.

Hardwire ethernet is cheapest and most secure method for OP setup. Furthermore, if his garage was even 200 ft away and guy was committing to buried plastic conduit, hardwire ethernet would be not problem since it's good to over 300 ft. In this case OP garage is only 25 or 30 ft.

When guy goes to grocery store for oranges, surely they don't spend all their time talking about how apples are better or how to prevent decay in apples. Guy went to the store for oranges!

Good point! Though I did continue the wireless discussion by responding to it! :

 

[1Garageman]

I just watched a video on that Backtrack 5 and that is amazing!!!
I am not very familiar with UNIX programs and hacking programs at all. That is very amazing and scary!

 

[bigfredtn]

I was/am a low voltage contractor. When going between buildings, you will need to get some type of lighting protection. I have seen many modems and computers fried due to lighting strikes.