Calguns.net  

Home My iTrader Join the NRA Donate to CGSSA Sponsors CGN Google Search
CA Semiauto Ban(AW)ID Flowchart CA Handgun Ban ID Flowchart CA Shotgun Ban ID Flowchart
Go Back   Calguns.net > GENERAL DISCUSSION > Technology and Internet
Register FAQ Members List Calendar Mark Forums Read

Technology and Internet Emerging and current tech related issues. Internet, DRM, IP, and other technology related discussions.

Reply
 
Thread Tools Display Modes
  #1  
Old 05-19-2019, 7:24 PM
vega vega is offline
Veteran Member
 
Join Date: Oct 2005
Location: Ventura County
Posts: 3,014
iTrader: 57 / 100%
Default Wifi Intruder

Hi,

I have Netgear WNDR3400 and thereís a wireless intruder which keeps popping up even after I blocked it. I already changed the password but it keeps connecting to my wifi. How could I prevent someone from intruding my wifi?

TIA.

vega
Reply With Quote
  #2  
Old 05-19-2019, 7:57 PM
TacFan TacFan is online now
Veteran Member
 
Join Date: Jan 2006
Location: Southern Cali
Posts: 2,789
iTrader: 142 / 100%
Default

Mac address filter on router

Password needs better encryption.
Reply With Quote
  #3  
Old 05-19-2019, 8:31 PM
rdfact's Avatar
rdfact rdfact is offline
NRA Life member
CGN Contributor
 
Join Date: Nov 2012
Location: Earth
Posts: 1,800
iTrader: 38 / 100%
Default

MAC address filtering is quite effective, but sucks when you have guests that ask yo use your WiFi.
Did you ever change the default admin password (not WiFi password) for your router?
Reply With Quote
  #4  
Old 05-19-2019, 8:40 PM
AreWeFree's Avatar
AreWeFree AreWeFree is offline
facultatem excelsis
CGN Contributor
 
Join Date: Jan 2013
Posts: 4,307
iTrader: 43 / 100%
Default

Is your router set to WPA2 AES only? no TKIP.

Do you have a strong wifi password, minimum 15 characters?
Reply With Quote
  #5  
Old 05-19-2019, 9:04 PM
ocabj's Avatar
ocabj ocabj is offline
Calguns Addict
 
Join Date: Oct 2005
Location: Riverside
Posts: 7,535
iTrader: 41 / 100%
Default

You can enable WPA2 Enterprise, run a RADIUS server on your network (e.g. FreeRADIUS), and have unique username/passwords for every person or even every device, or better yet just do certificate based authentication and issue individual certificates for each device. Cert based auth will pretty much eliminate any unauthorized user.

Sample ref: https://wiki.alpinelinux.org/wiki/Fr..._configuration

FreeRADIUS is pretty simple to setup and maintain. Although, I personally never setup cert based auth. I've maintained FreeRADIUS with an LDAP backend for several years, though.
__________________

Distinguished Rifleman #1924
NRA Certified Instructor (Rifle and Metallic Cartridge Reloading) and RSO
https://www.ocabj.net | http://jocabphoto.com

My AR15 Service Rifle - Used for CMP/NRA High Power Service Rifle Competitions
My Eliseo R5 (Remington 700) Tube Gun - Used for NRA High Power (Match Category) Competitions
My M1 Garand Service Rifle - Used for JCG Matches, rebuilt by Dean's Gun Restorations

Last edited by ocabj; 05-20-2019 at 6:33 AM..
Reply With Quote
  #6  
Old 05-19-2019, 9:08 PM
The Duke's Avatar
The Duke The Duke is offline
Member
 
Join Date: Jan 2010
Location: Inland Empire
Posts: 280
iTrader: 0 / 0%
Default

Dang, that's pretty freaky. I'd be worried I was already hacked and that me personal info was compromised.
Reply With Quote
  #7  
Old 05-19-2019, 11:20 PM
vega vega is offline
Veteran Member
 
Join Date: Oct 2005
Location: Ventura County
Posts: 3,014
iTrader: 57 / 100%
Default

Quote:
Originally Posted by rdfact View Post
MAC address filtering is quite effective, but sucks when you have guests that ask yo use your WiFi.
Did you ever change the default admin password (not WiFi password) for your router?
Yes it was changed.
Reply With Quote
  #8  
Old 05-19-2019, 11:22 PM
vega vega is offline
Veteran Member
 
Join Date: Oct 2005
Location: Ventura County
Posts: 3,014
iTrader: 57 / 100%
Default

Quote:
Originally Posted by ocabj View Post
You can enable WPA2 Enterprise, run a RADIUS server on your network (e.g. FreeRADIUS), and have unique username/passwords for every person or even every device, or better yet just do certificate based authentication and issue individual certificates for each device. Cert based auth will pretty much eliminate an authorized user.

Sample ref: https://wiki.alpinelinux.org/wiki/Fr..._configuration

FreeRADIUS is pretty simple to setup and maintain. Although, I personally never setup cert based auth. I've maintained FreeRADIUS with an LDAP backend for several years, though.
Is there a video I can watch to show how itís done?
Reply With Quote
  #9  
Old 05-19-2019, 11:23 PM
vega vega is offline
Veteran Member
 
Join Date: Oct 2005
Location: Ventura County
Posts: 3,014
iTrader: 57 / 100%
Default

Quote:
Originally Posted by The Duke View Post
Dang, that's pretty freaky. I'd be worried I was already hacked and that me personal info was compromised.
Can the intruder also hack on other wireless connected to it?
Reply With Quote
  #10  
Old 05-19-2019, 11:28 PM
NYT's Avatar
NYT NYT is offline
CGN/CGSSA Contributor
CGN Contributor
 
Join Date: Apr 2011
Location: Auburn, CA
Posts: 3,726
iTrader: 31 / 100%
Default

Quote:
Originally Posted by vega View Post
Hi,

I have Netgear WNDR3400 and thereís a wireless intruder which keeps popping up even after I blocked it. I already changed the password but it keeps connecting to my wifi. How could I prevent someone from intruding my wifi?

TIA.

vega
what security are you running on the router? why do you think its an intruder and not just a device you or your family member added?
Reply With Quote
  #11  
Old 05-19-2019, 11:29 PM
eviioiive's Avatar
eviioiive eviioiive is offline
Senior Member
 
Join Date: Oct 2005
Posts: 1,454
iTrader: 64 / 99%
Default

Possibly handshake?
__________________
Quote:
Originally Posted by Kestryll View Post
Your name has been publicly printed in newspapers and on the web, your expectation of privacy is flat gone.
Quote:
Originally Posted by CALGUNS.NET
You have been banned for the following reason: posting other member's personal info without permission. I don't care what your reasoning is that is not allowed.
Reply With Quote
  #12  
Old 05-20-2019, 2:34 AM
vega vega is offline
Veteran Member
 
Join Date: Oct 2005
Location: Ventura County
Posts: 3,014
iTrader: 57 / 100%
Default

Quote:
Originally Posted by NYT View Post
what security are you running on the router? why do you think its an intruder and not just a device you or your family member added?
I have already listed all devices and thatís the only mac that cannot be identified.
I have to check the security settings tomorrow.
Reply With Quote
  #13  
Old 05-20-2019, 4:07 AM
the86d's Avatar
the86d the86d is offline
Calguns Addict
 
Join Date: Jul 2011
Location: Pinko-Commiefornia
Posts: 7,303
iTrader: 3 / 100%
Default

Do you have kids? A lady? With Friends they might give the passphrase to?

Do you have guest networks enabled?
My son, and daughter both have guest nets. I disable when they get busted for things, but MY router does not let me see what device is connected to which SSID.

Use WPA2, and AES, w/"Upp3r--Ca$3-L0w3r-number$-&-$pecia7-c4arac+ers"?
(Honestly, something like "Ch!ckenF$ck3r" should be sufficient...
For my mother, I actually used something close to CanHaveFun19.
Not following best practices, mine is the functional equiv. of "MoarNinjaSkeels808", with non-dictionary w3rdz, and no special chars.
REAL "fun" can be had if you use extended ASCII "ńß█╚☻σŰ☻T├ƒ╖Ī⌂", but might not be viable/type-able on non-Windows devices (iPhruity/Android), and some routers won't take these passphrases ([maybe because they are mostly Linux-based?].
I used to use "ńßßńßßńßß" before I had any non-Windows wireless devices [ALT-654, ALT-789, ALT-789, repeated, but I don't know the actual shorter version].)

Personally I always disable this new fan-dangled WPS (Push Button) 1st thing.

https://community.netgear.com/t5/Gen...ty/td-p/978769


https://youtu.be/FUPstXCqyus
__________________
Those who know Linux and use it daily generally find iPhruity Apple products useless...

Last edited by the86d; 05-20-2019 at 4:34 AM..
Reply With Quote
  #14  
Old 05-20-2019, 4:58 AM
vega vega is offline
Veteran Member
 
Join Date: Oct 2005
Location: Ventura County
Posts: 3,014
iTrader: 57 / 100%
Default

Setting is WPA2 and AES.
Reply With Quote
  #15  
Old 05-20-2019, 5:04 AM
JohnnyMtn's Avatar
JohnnyMtn JohnnyMtn is offline
Senior Member
 
Join Date: Dec 2012
Location: Santa Clarita, CA
Posts: 958
iTrader: 1 / 100%
Default

Make sure you are NOT broadcasting your SSID. You can turn that off in settings. Now, you wonít see your network if you ever want to get a device on your network, which is inconvenient. But since itís your network you just have to enter the network name manually in order to find your network. The beauty of this is that your network is not discoverable.

Not saying this will solve your problems but itís a wise step to make you slightly less of a target. For your case, change your networks SSID then turn off broadcast.
Reply With Quote
  #16  
Old 05-20-2019, 6:22 AM
ocabj's Avatar
ocabj ocabj is offline
Calguns Addict
 
Join Date: Oct 2005
Location: Riverside
Posts: 7,535
iTrader: 41 / 100%
Default

Quote:
Originally Posted by vega View Post
Is there a video I can watch to show how itís done?
Video? Just read the FreeRADIUS docs. They have plenty of documentation to work off of: https://freeradius.org/
__________________

Distinguished Rifleman #1924
NRA Certified Instructor (Rifle and Metallic Cartridge Reloading) and RSO
https://www.ocabj.net | http://jocabphoto.com

My AR15 Service Rifle - Used for CMP/NRA High Power Service Rifle Competitions
My Eliseo R5 (Remington 700) Tube Gun - Used for NRA High Power (Match Category) Competitions
My M1 Garand Service Rifle - Used for JCG Matches, rebuilt by Dean's Gun Restorations
Reply With Quote
  #17  
Old 05-20-2019, 6:32 AM
ocabj's Avatar
ocabj ocabj is offline
Calguns Addict
 
Join Date: Oct 2005
Location: Riverside
Posts: 7,535
iTrader: 41 / 100%
Default

Quote:
Originally Posted by the86d View Post

Use WPA2, and AES, w/"Upp3r--Ca$3-L0w3r-number$-&-$pecia7-c4arac+ers"?
(Honestly, something like "Ch!ckenF$ck3r" should be sufficient...
For my mother, I actually used something close to CanHaveFun19.
Not following best practices, mine is the functional equiv. of "MoarNinjaSkeels808", with non-dictionary w3rdz, and no special chars.
REAL "fun" can be had if you use extended ASCII "ńß█╚☻σŰ☻T├É╖Ī⌂", but might not be viable/type-able on non-Windows devices (iPhruity/Android), and some routers won't take these passphrases ([maybe because they are mostly Linux-based?].
Just a note for those looking to use Unicode: WPA passwords are limited to 63 bytes. A standard ASCII character is 1 byte. A single unicode character may use multiple bytes. Keep this in mind if getting fancy with long passphrases with unicode characters.

I am curious as to this rogue device still connecting even after you change the password being an issue of router/AP compromise. Maybe do a factory reset and make sure the firmware is up to date.
__________________

Distinguished Rifleman #1924
NRA Certified Instructor (Rifle and Metallic Cartridge Reloading) and RSO
https://www.ocabj.net | http://jocabphoto.com

My AR15 Service Rifle - Used for CMP/NRA High Power Service Rifle Competitions
My Eliseo R5 (Remington 700) Tube Gun - Used for NRA High Power (Match Category) Competitions
My M1 Garand Service Rifle - Used for JCG Matches, rebuilt by Dean's Gun Restorations
Reply With Quote
  #18  
Old 05-20-2019, 7:41 AM
Mute's Avatar
Mute Mute is offline
Calguns Addict
 
Join Date: Oct 2005
Location: Diamond Bar
Posts: 6,722
iTrader: 37 / 100%
Default

You need to do your due diligence of course, but more likely than not, there's a device that you've allowed that you just haven't identified yet, given that you've changed the passwords and it's connected again so quickly.
__________________
NRA Patron Life Member
NRA Certified Pistol, Rifle & Refuse To Be A Victim Instructor

American Marksman Training Group, LLC
Visit our American Marksman Facebook Page
Diamond Bar CCW Facebook Page


Discounted NRA Membership Sign Up
Reply With Quote
  #19  
Old 05-20-2019, 7:54 AM
vega vega is offline
Veteran Member
 
Join Date: Oct 2005
Location: Ventura County
Posts: 3,014
iTrader: 57 / 100%
Default

Quote:
Originally Posted by JohnnyMtn View Post
Make sure you are NOT broadcasting your SSID. You can turn that off in settings. Now, you wonít see your network if you ever want to get a device on your network, which is inconvenient. But since itís your network you just have to enter the network name manually in order to find your network. The beauty of this is that your network is not discoverable.

Not saying this will solve your problems but itís a wise step to make you slightly less of a target. For your case, change your networks SSID then turn off broadcast.
SSID is disabled and I changed the network name. I have to manually type in the name.
Reply With Quote
  #20  
Old 05-20-2019, 8:01 AM
IsaacMc's Avatar
IsaacMc IsaacMc is offline
Member
 
Join Date: Aug 2018
Location: Bay Area California
Posts: 239
iTrader: 6 / 100%
Default

Quote:
Originally Posted by TacFan View Post
Mac address filter on router

Password needs better encryption.
yup easiest way
Reply With Quote
  #21  
Old 05-20-2019, 8:05 AM
bool1tholz bool1tholz is offline
Senior Member
 
Join Date: Oct 2013
Posts: 546
iTrader: 5 / 100%
Default

Quote:
Originally Posted by vega View Post
Hi,

I have Netgear WNDR3400 and thereís a wireless intruder which keeps popping up even after I blocked it. I already changed the password but it keeps connecting to my wifi. How could I prevent someone from intruding my wifi?

TIA.

vega
https://thenextweb.com/plugged/2017/...router-bypass/

There is a well known backdoor in WNDR3400v3 hardware so perhaps someone hacked you and you're part of a botnet. If you're on the v3 hardware and you're keeping the router reset it to defaults and upgrade the firmware to see if that helps.
But the WNDR3400v3 seems to have released in 2013 and WNDR3400v1 released in 2010 do you're due for a replacement anyway.
Reply With Quote
  #22  
Old 05-20-2019, 3:29 PM
vega vega is offline
Veteran Member
 
Join Date: Oct 2005
Location: Ventura County
Posts: 3,014
iTrader: 57 / 100%
Default

One thing I noticed, the intruder doesnít have an IP address.

Does that mean he didnít get an access?
Reply With Quote
  #23  
Old 05-20-2019, 4:09 PM
Misterclick Misterclick is offline
Member
 
Join Date: Jun 2013
Posts: 206
iTrader: 0 / 0%
Default

Are you sure your intruder isnít a firestick, smart lightbulb or some home automation type thing?
Reply With Quote
  #24  
Old 05-20-2019, 4:17 PM
vega vega is offline
Veteran Member
 
Join Date: Oct 2005
Location: Ventura County
Posts: 3,014
iTrader: 57 / 100%
Default

Quote:
Originally Posted by Misterclick View Post
Are you sure your intruder isnít a firestick, smart lightbulb or some home automation type thing?
I have ID all the macs on the wifi except that one. I did search on it and itís a macmini-win7.
Reply With Quote
  #25  
Old 05-20-2019, 4:47 PM
MrFancyPants's Avatar
MrFancyPants MrFancyPants is offline
Member
 
Join Date: Jun 2017
Location: Salt Lake City
Posts: 439
iTrader: 3 / 100%
Default

All consumer wireless routers are worthless for security. There's not a single one I would be comfortable using to protect my home network.

Sent from my SM-N960U using Tapatalk
Reply With Quote
  #26  
Old 05-20-2019, 5:11 PM
dscoduc's Avatar
dscoduc dscoduc is offline
CGN/CGSSA Contributor
CGN Contributor
 
Join Date: Jan 2012
Location: North San Diego County
Posts: 847
iTrader: 40 / 100%
Default

Is it that new refrigerator you purchased?

8-P
__________________
"Freedom is never more than one generation away from extinction. It must be fought for, protected, and handed on for them to do the same, or one day we will spend our sunset years telling our children what it was once like in the United States where men were free." - Ronald Reagan

"America is like a healthy body and its resistance is threefold: its patriotism, its morality and its spiritual life. If we can undermine these three areas, America will collapse from within." - Josef Stalin
Reply With Quote
  #27  
Old 05-20-2019, 6:33 PM
Marauder2003's Avatar
Marauder2003 Marauder2003 is online now
S/360 Changed The Game
CGN Contributor
 
Join Date: Aug 2010
Location: NV
Posts: 959
iTrader: 0 / 0%
Default

You should be able to delete the device then set the router to reject new devices.

But then again I live alone and the router knows about the devices I have.
__________________
Reply With Quote
  #28  
Old 05-20-2019, 9:24 PM
MrBlazito's Avatar
MrBlazito MrBlazito is online now
Senior Member
 
Join Date: May 2011
Location: SoCal
Posts: 884
iTrader: 0 / 0%
Default

Quote:
Originally Posted by vega View Post
I have ID all the macs on the wifi except that one. I did search on it and itís a macmini-win7.
And you don't have a Mac mini? Does this device reappear instantly after you change the password and reboot the router?
__________________
Reply With Quote
  #29  
Old 05-20-2019, 9:26 PM
MrBlazito's Avatar
MrBlazito MrBlazito is online now
Senior Member
 
Join Date: May 2011
Location: SoCal
Posts: 884
iTrader: 0 / 0%
Default

Also, have you tried running Advanced IP Scanner? https://www.advanced-ip-scanner.com/

It has an option for remote shutdown. See what happens
__________________
Reply With Quote
  #30  
Old 05-20-2019, 10:30 PM
vega vega is offline
Veteran Member
 
Join Date: Oct 2005
Location: Ventura County
Posts: 3,014
iTrader: 57 / 100%
Default

All good now. I changed the password for admin login and wireless login. Disabled SSID and changed it as well. Delete and blocked the mac intruder. Set the router to block new login. Hopefully it will hold.

Big thanks to everyone!
Reply With Quote
  #31  
Old 05-21-2019, 3:51 AM
the86d's Avatar
the86d the86d is offline
Calguns Addict
 
Join Date: Jul 2011
Location: Pinko-Commiefornia
Posts: 7,303
iTrader: 3 / 100%
Default

Quote:
Originally Posted by JohnnyMtn View Post
Make sure you are NOT broadcasting your SSID. You can turn that off in settings...
Sniffing gets an SSID just sniffing for a few seconds, and that was even before 2007(?), just like MAC spoofing that one can even do on even on a Windows 10 box.

For a modern test, real quick, and keep in mind I have never done this on Windows 10, I changed my MAC in less than 10 seconds to a completely different MAC... and one I made-up
OG:

As you can see I have a new IP, and a new MAC, and above is a reserved IP for my MAC:


One can use a USB WiFi adapter and do this all in a VM, and don't even need a dedicated box to get an SSID and a MAC.
There are dedicated distros for purposes such as this...

I REALLY wish people would stop spreading this nonsense about MAC filters and disabling SSID Broadcast, it is STILL useless ~12+ years later...
__________________
Those who know Linux and use it daily generally find iPhruity Apple products useless...

Last edited by the86d; 05-21-2019 at 3:59 AM..
Reply With Quote
  #32  
Old 05-21-2019, 5:59 AM
sholling's Avatar
sholling sholling is offline
CGN/CGSSA Contributor
CGN Contributor
 
Join Date: Sep 2007
Posts: 10,343
iTrader: 5 / 100%
Default

Quote:
Originally Posted by AreWeFree View Post
Is your router set to WPA2 AES only? no TKIP.

Do you have a strong wifi password, minimum 15 characters?
Do people really use wifi passwords that short? I recommend at least 48+ thoroughly hashed characters. I also recommend that people use a guest network for guests, lock it out of the intranet, and that they turn off their guest network when guests leave.
__________________
"Government is the great fiction, through which everybody endeavors to live at the expense of everybody else." --FREDERIC BASTIAT--

Proud Life Member: National Rifle Association and the Second Amendment Foundation.

Life Member: California Rifle & Pistol Association
Reply With Quote
  #33  
Old 05-21-2019, 6:11 AM
krypto99 krypto99 is offline
Member
 
Join Date: May 2012
Posts: 286
iTrader: 1 / 100%
Default

Vega,

I am your neighbor, the one with the boat. If you ever want to go fishing again you will reconnect me to your wifi. I get very angry without pornhub.
Reply With Quote
  #34  
Old 05-21-2019, 6:26 AM
KSH KSH is offline
Member
 
Join Date: Dec 2016
Posts: 237
iTrader: 1 / 100%
Default

Quote:
Originally Posted by JohnnyMtn View Post
Make sure you are NOT broadcasting your SSID. You can turn that off in settings. Now, you wonít see your network if you ever want to get a device on your network, which is inconvenient. But since itís your network you just have to enter the network name manually in order to find your network. The beauty of this is that your network is not discoverable.



Not saying this will solve your problems but itís a wise step to make you slightly less of a target. For your case, change your networks SSID then turn off broadcast.
Not broadcasting the ssid is not a security measure. Can be sniffed very easily.
Reply With Quote
  #35  
Old 05-21-2019, 7:07 AM
NYT's Avatar
NYT NYT is offline
CGN/CGSSA Contributor
CGN Contributor
 
Join Date: Apr 2011
Location: Auburn, CA
Posts: 3,726
iTrader: 31 / 100%
Default

vega, did you create a screenshot of the device and MAK prior to deletion?

my guess off the cuff would be that one of your devices has two NICs thus two MAK addresses.

Quote:
Originally Posted by the86d View Post
Sniffing gets an SSID just sniffing for a few seconds, and that was even before 2007(?), just like MAC spoofing that one can even do on even on a Windows 10 box.

For a modern test, real quick, and keep in mind I have never done this on Windows 10, I changed my MAC in less than 10 seconds to a completely different MAC... and one I made-up

One can use a USB WiFi adapter and do this all in a VM, and don't even need a dedicated box to get an SSID and a MAC.
There are dedicated distros for purposes such as this...

I REALLY wish people would stop spreading this nonsense about MAC filters and disabling SSID Broadcast, it is STILL useless ~12+ years later...
exactly, people that have no experience in this sector always believe this nonsense.

Quote:
Originally Posted by MrFancyPants View Post
All consumer wireless routers are worthless for security. There's not a single one I would be comfortable using to protect my home network.

Sent from my SM-N960U using Tapatalk
thats incorrect. consumer grade or commercial, encryption and overall security standards remain. the point youre prob trying to make is that consumer grade routers are generally open in nature requiring the end user to lock it down. commercial grade routers are the opposite.

obviously the average user wouldnt be able to properly bring up their wireless network without ease of connectivity services like WPS and universal plug and play.

disabling WPS, UPnP, cloud-based router management, performing regular updates to firmware, etc are all ways to harden your home network with consumer grade hardware.
Reply With Quote
  #36  
Old 05-21-2019, 7:15 AM
Robotron2k84 Robotron2k84 is offline
Senior Member
 
Join Date: Sep 2017
Posts: 779
iTrader: 2 / 100%
Default

Be aware that if you do set up a RADIUS server and use WPA Enterprise, in any form, unless you switch off MSchap and LEAP, you still have gaping security problems.

The only two truely secure EAP channels are TTLS and TLS/Certificate. Yes, many businesses still use CHAP/LEAP, but they are generally backed up to site-wide, 802.1X and strict policy implementation on accounting.

802.1X is something anyone can do with the right knowledge, but it isn't obvious to implement for every share and access point on consumer networks. Going with a more secure handshake foregoes some of that configuration.

The downside is most mobile devices can't or won't support TTLS or TLS/Cert auth without additional configuration steps that require you to install profiles on the device before it can be used on the network. Some might consider that a win, however.
Reply With Quote
  #37  
Old 05-21-2019, 11:36 AM
Scratch705's Avatar
Scratch705 Scratch705 is offline
I need a LIFE!!
 
Join Date: May 2009
Location: SoCal
Posts: 11,166
iTrader: 15 / 100%
Default

so i'm just wondering, if i disable WPS, is there another way to boost my wifi range in the house between the main router and the range repeater/relay i had bought? since currently they are connected using the WPS function. the router is located in a bedroom on one end of the house, and the repeater/relay is located at about the center point of house in order to help the wifi reach the other end of the house.

and no, i can't move the router.
__________________
Quote:
Originally Posted by leelaw View Post
Because -ohmigosh- they can add their opinions, too?
Quote:
Originally Posted by SoCalSig1911 View Post
Preppers canceled my order this afternoon because I called them a disgrace... Not ordering from those clowns again.
Quote:
Originally Posted by PrepperGunShop View Post
Truthfully, we cancelled your order because of your lack of civility and your threats ... What is a problem is when you threaten my customer service team and make demands instead of being civil. Plain and simple just don't be an a**hole (where you told us to shove it).
Reply With Quote
  #38  
Old 05-21-2019, 1:31 PM
NYT's Avatar
NYT NYT is offline
CGN/CGSSA Contributor
CGN Contributor
 
Join Date: Apr 2011
Location: Auburn, CA
Posts: 3,726
iTrader: 31 / 100%
Default

Quote:
Originally Posted by Scratch705 View Post
so i'm just wondering, if i disable WPS, is there another way to boost my wifi range in the house between the main router and the range repeater/relay i had bought? since currently they are connected using the WPS function. the router is located in a bedroom on one end of the house, and the repeater/relay is located at about the center point of house in order to help the wifi reach the other end of the house.

and no, i can't move the router.
WPS has no bearing on range only ease of connectivity.

after initial setup, just disable WPS. you could have setup your repeater/relay without using the WPS functionality.

if you cannot disable WPS at the router, i would get a diff, more security conscious device.
Reply With Quote
  #39  
Old 05-21-2019, 2:52 PM
MrFancyPants's Avatar
MrFancyPants MrFancyPants is offline
Member
 
Join Date: Jun 2017
Location: Salt Lake City
Posts: 439
iTrader: 3 / 100%
Default

Quote:
Originally Posted by NYT View Post
thats incorrect. consumer grade or commercial, encryption and overall security standards remain. the point youre prob trying to make is that consumer grade routers are generally open in nature requiring the end user to lock it down. commercial grade routers are the opposite.

obviously the average user wouldnt be able to properly bring up their wireless network without ease of connectivity services like WPS and universal plug and play.

disabling WPS, UPnP, cloud-based router management, performing regular updates to firmware, etc are all ways to harden your home network with consumer grade hardware.
Yes the technical standards remain the same industry-wide, but the implementation does not. The fact that consumer routers are more or less wide open out of the box is only part of it. They simply lack security features available in enterprise-class devices, and even most open source software firewalls. My home lab network is behind a Cisco ASA 5540 which I paid less for than a new mid-range consumer WiFi router combo. The only reason it's not my Internet gateway is I have gigabit fiber and the 5540 limits firewall traffic to something like 650 Mbps, even less when running through the IPS port, but I'll either get a 5550 or build a VM firewall for that. Anyway I can do far more for security with the ASA and downstream Cisco switches than any consumer router I've ever used.

I realize this is far and away beyond what most consumers are capable of or willing to do, but I am a network engineer/systems administrator and manage whole datacenter infrastructures, so I have the knowledge to be able to do it no sweat. Ideally, for the best security, your wireless and wired networks should connect behind different firewall ports with more strict traffic filtering and ACLs in place on the wireless side, particularly inbound to the outside interface.

Anyway this discussion could go on and on....

Last edited by MrFancyPants; 05-21-2019 at 2:58 PM..
Reply With Quote
  #40  
Old 05-21-2019, 3:17 PM
wpage's Avatar
wpage wpage is offline
Veteran Member
 
Join Date: Jan 2011
Posts: 4,681
iTrader: 2 / 100%
Default

If the problem persists. Get a new device.
__________________
God so loved the world He gave His only Son... Believe in Him and have everlasting life.
John 3:16

United Air Epic Fail Video https://www.youtube.com/watch?v=u99Q7pNAjvg
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump



All times are GMT -8. The time now is 9:24 PM.




Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2019, vBulletin Solutions, Inc.
Proudly hosted by GeoVario the Premier 2A host.
Calguns.net, the 'Calguns' name and all associated variants and logos are ® Trademark and © Copyright 2002-2018, Calguns.net an Incorporated Company All Rights Reserved.
Calguns.net and The Calguns Foundation have no affiliation and are in no way related to each other.
All opinions, statements and remarks made by Calguns.net on this web site and elsewhere are solely attributable to Calguns.net.