[Fusewire]

I have read the campaign against WiFi thread....

I noticed that some members suggested that one could protect themselves from the WiFi signal frying thier brains by wearing a tin hat or a hat made from scrunched up tin foil.

I was wondering if I could create a shield by lining the walls of the house with tin foil to stop people connecting to my router and stealing my bandwidth.

So.. do you think it will work or not ? any advice or recomendations would be greatly appreciated.

PS. The router has all the usual software security on it but I'm told that this is not that hard to overcome, however if they can't penetrate the shield then they wouldn't be able to connect to it....will they ??

[Steven]

Sorry, are you being sarky or not?

[Moosh]

The problem with creating a Faraday cage (which is basically what you're describing) is that no signals will leak either way! So, for example, you wouldn't be able to make or receive mobile phone calls from within your house.

Cheers
Moosh

[Fusewire]

Quote:

The problem with creating a Faraday cage (which is basically what you're describing) is that no signals will leak either way! So, for example, you wouldn't be able to make or receive mobile phone calls from within your house.

So I would have to sacrifice the mobile phone...I can live with that.

I take it the sky satalite signal will be OK as the dish is on the outside of the house and hardwired to the STB. or will the shield repel the signal from the dish

Other than that the shield will work OK and stop them getting in ?

[Singh400]

You can get special type of clothing. It filters out electronic signals or something. Saw it on Richard and Judy a while ago.

Of course, the easier option would be to secure the wireless router (properly!) or better yet. Drop wireless altogether and hard wire your network (which I prefer).

[pixelpixel]

See below: You could try and use 802.11a .

Quote:

From: Zdnet

1. Use encryption
Encryption is the number one security measure, but many wireless access points (WAPs) don't have encryption enabled by default. Although most WAPs support the Wired Equivalent Privacy (WEP) protocol, it's not enabled by default. WEP has a number of security flaws, and a knowledgeable hacker can crack it, but it's better than no encryption at all. Be sure to set the WEP authentication method for "shared key" rather than "open system". The latter does not encrypt the data; it only authenticates the client. Change the WEP key frequently and use 128-bit WEP rather than 40-bit.

2. Use strong encryption
Because of WEP's weaknesses, you should use the Wi-Fi Protected Access (WPA) protocol instead of WEP if possible. To use WPA, your WAP must support it (you may be able to add support to an older WAP with a firmware upgrade); your wireless network access cards (NICs) must support it (again, a firmware update may be necessary); and your wireless client software must support it. Windows XP Service Pack 2 installs the WPA client. SP1 machines can be updated to support WPA by installing the Windows WPA client with the Wireless Update Rollup Package — see this page for more details. Another encryption option is to use IPsec, if your wireless router supports it.

3. Change the default administrative password
Most manufacturers use the same default administrative password for all their wireless access points (or at least, all those of a particular model). Those default passwords are common knowledge among hackers, who can use them to change your WAP settings. The first thing you should do when you set up a WAP is change the default password to a strong password (eight characters or more in length, using a combination of alpha and numeric characters, not using words that are in the dictionary).

4. Turn off SSID broadcasting
The Service Set Identifier (SSID) is the name of your wireless network. By default, most WAPs broadcast the SSID. This makes it easy for users to find the network, as it shows up on their list of available networks on their wireless client computers. If you turn off broadcasting, users will have to know the SSID to connect. Some folks will tell you that turning off SSID broadcasting is useless because a hacker can use packet sniffing software to capture the SSID even if broadcasting is turned off. That's true, but why make it easier for them? That's like saying burglars can buy lockpicks, so locking the door is useless. Turning off broadcasting won't deter a serious hacker, but it will protect from the casual "piggybacker" (for example, a next door neighbor who notices the new network and decides to try connecting "just for fun").

5. Turn off the WAP when not in use
This one may seem simplistic, but few companies or individuals do it. If you have wireless users connecting only at certain times, there's no reason to run the wireless network all the time and provide an opportunity for intruders. You can turn off the access point when it's not in use — such as at night when everyone goes home and there is no need for anyone to connect wirelessly.

6. Change the default SSID
Manufacturers provide a default SSID, often the equipment name (such as Linksys). The purpose of turning off SSID broadcasting was to prevent others from knowing the network name, but if you use the default name, it's not too difficult to guess. As mentioned, hackers can use tools to sniff the SSID, so don't change the name to something that gives them information about you or your company (such as the company name or your physical address).

7. Use MAC filtering
Most WAPs (although not some of the cheapest ones) will allow you to use media access control (MAC) address filtering. This means you can set up a "white list" of computers that are allowed to connect to your wireless network, based on the MAC or physical addresses assigned to their network cards. Communications from MAC addresses that aren't on the list will be refused.

The method isn't foolproof, since it's possible for hackers to capture packets transmitted over the wireless network and determine a valid MAC address of one of your users and then spoof the address. But it does make things more difficult for a would-be intruder, and that's what security is really all about.

8. Isolate the wireless network from the rest of the LAN
To protect your wired internal network from threats coming over the wireless network, create a wireless DMZ or perimeter network that's isolated from the LAN. That means placing a firewall between the wireless network and the LAN. Then you can require that in order for any wireless client to access resources on the internal network, he or she will have to authenticate with a remote access server and/or use a VPN. This provides an extra layer of protection.

9. Control the wireless signal
The typical 802.11b WAP transmits up to about 300 feet. However, this range can be extended by a more sensitive antenna. By attaching a high gain external antenna to your WAP, you can get a longer reach but this may expose you to war drivers and others outside your building. A directional antenna will transmit the signal in a particular direction, instead of in a circle like the omnidirectional antenna that usually comes built into the WAP. Thus, through antenna selection you can control both the signal range and its direction to help protect from outsiders. In addition, some WAPs allow you to adjust signal strength and direction via their settings.

10. Transmit on a different frequency
One way to "hide" from hackers who use the more common 802.11b/g wireless technology is to go with 802.11a instead. Since it operates on a different frequency (the 5 GHz range, as opposed to the 2.4 GHz range in which b/g operate), NICs made for the more common wireless technologies won't pick up its signals. Sure, this is a type of "security through obscurity" — but it's perfectly valid when used in conjunction with other security measures. After all, security through obscurity is exactly what we advocate when we tell people not to let others know their social security numbers and other identification information.

A drawback of 802.11a, and one of the reasons it's less popular than b/g, is that the range is shorter: about half the distance of b/g. It also has difficulty penetrating walls and obstacles. From a security standpoint, this "disadvantage" is actually an advantage, as it makes it more difficult for an outsider to intercept the signal even with equipment designed for the technology

[Fusewire]

Using 802.11a sounds like a good idea if you are in the same room as the router, but it may cause me connectivity issues if it has trouble penetrating the internal walls if trying to connect from other areas of the house.

I like the shield idea as I can just shield the external walls to stop them getting in and still have good internal connectivity.

[Mr.D]

If you are seriously worried about WIFI networks then shielding is not going to make any difference as its so widespread these days.

The best way to stop these dangerous waves from effecting you is a spot of DIY.

Get yourself a power drill , preferably quite a powerful model . Then use a long wide bore auger bit and drill a hole through your head , front to back or side to side it wont really matter.

Not only will this stop you worrying about WIFI radiation it will also let the demons out.

[Fusewire]

Quote:

If you are seriously worried about WIFI networks then shielding is not going to make any difference as its so widespread these days.

I'm not worried about WiFi and how it will affect me on a biological level, I am concerned about the security of my WiFi network and don't want anyone to hack into it.

Quote:

The best way to stop these dangerous waves from effecting you is a spot of DIY.

Get yourself a power drill , preferably quite a powerful model . Then use a long wide bore auger bit and drill a hole through your head , front to back or side to side it wont really matter.

Not only will this stop you worrying about WIFI radiation it will also let the demons out.

I think I'll pass on that on thanks. I'm quite happy with the number of holes in my skull as it is.

[Mr.D]

Quote:

Originally Posted by Fusewire

I'm not worried about WiFi and how it will affect me on a biological level, I am concerned about the security of my WiFi network and don't want anyone to hack into it.

Anyone can access my wireless access point and get a net connection. I don't mind to be honest.

My machines are all individually firewalled though , anyone getting access to the router can't actually see any of the other machines in my network.

[Singh400]

Quote:

Originally Posted by pixelpixel

See below: You could try and use 802.11a .

I see you have that page bookmarked, like moi!

[Fusewire]

Quote:

Anyone can access my wireless access point and get a net connection. I don't mind to be honest.

Are you not responsible for what these unknown people download though as it's your network? and would it not slow down your own access speed if someone else is using it too ??

[Singh400]

Quote:

Originally Posted by Mr.D

Anyone can access my wireless access point and get a net connection. I don't mind to be honest.

My machines are all individually firewalled though , anyone getting access to the router can't actually see any of the other machines in my network.

You do know your responbile if that person starts to download child porn or something.

[fortean]

Quote:

Originally Posted by Singh400

You do know your responbile if that person starts to download child porn or something.

He's not actually responsible for what someone else does when they make illegal use of his network.

He is likely to have his computers seized and may be arrested if his network is used for that sort of thing though; very inconvenient. Until the police determine what has happened he will be considered a suspect.

There is no legal requirement to secure your network and leaving it unsecured can not be seen as an invitation to use it.

[Moosh]

Quote:

Originally Posted by Fusewire

So I would have to sacrifice the mobile phone...I can live with that.

I take it the sky satalite signal will be OK as the dish is on the outside of the house and hardwired to the STB. or will the shield repel the signal from the dish

Other than that the shield will work OK and stop them getting in ?

If you "break" the Faraday cage, such as having a hole drilled though it to let an ariel through, then you will not be completely covered. The other problem is that the ariel will act like, er, an ariel!

The government call the system (Faraday cages etc.) TEMPEST (have a look on the web).

Cheers
Moosh

[stevedster]

Wow this forum has gone nuts lol

For another crazy thread see my fly based model aircraft one

[wormvortex]

Oh dear, I hope this thread is a joke. Things are starting to get pathetic. The odds that someone is "stealing your bandwith" are incredibly low. Most people wouldn't even know how to go about browsing someone elses internet or even try to. Anyways surely you've choosen a WEP key thats not something like "mum" or "god" though?

[zAndy1]

Why not get some homeplugs, no wireless signal so nobody can tap into it.

[njp]

Quote:

Originally Posted by fortean

He's not actually responsible for what someone else does when they make illegal use of his network.

The problem would be proving he didn't do it.

The "My WiFi network was open" defence has been attempted by people who have been subsequently convicted of downloading illegal material (certainly in the US, and possibly here too). So it seems like a somewhat risky strategy, regardless of your legal or illegal intent...

[njp]

Quote:

Originally Posted by wormvortex1337

Anyways surely you've choosen a WEP key thats not something like "mum" or "god" though?

WEP is effectively dead; software exists which can break the encryption in a few minutes, with no expertise required on the part of the hacker.

WPA has not been compromised, as far as anyone is telling.

[The Dude]

Mac filtering alone is enough to stop casual passers by, WEP will deter all but determined hackers, and determined hackers will not be deterred by anything.


If I can't get past your Wireless security, I can always break into your wired network, using a brick.

If you're relying on Windows for security, then you've got only yourself to blame If I steal both your bandwidth and your PC.

[Mr.D]

Quote:

Originally Posted by njp

The problem would be proving he didn't do it.

The "My WiFi network was open" defence has been attempted by people who have been subsequently convicted of downloading illegal material (certainly in the US, and possibly here too). So it seems like a somewhat risky strategy, regardless of your legal or illegal intent...

I have the same reply to this topic I always have.
Find me a case of someone being arrested let alone charged or convicted for having an open wireless point.
If the authorities are daft enough to seize my property without just cause my lawyer will gleefully deal with them.

Show some backbone will ya.

[Mr.D]

Quote:

Originally Posted by njp

The problem would be proving he didn't do it.

...

Erm in this country you don't have to prove you didn't do something. its up to the authorities to prove you did beyond reasonable doubt. One of those cornerstones of a democratic society type of thing.

[The Dude]

If I was really concerned about neighbours hacking my WLAN, I'd setup a spare access point with a big antenna, using only basic, badly implemented WEP... and connected directly to a 'specially prepared' Windows 2000 machine.


Wanarchy in the UK, bring it on!

[njp]

Quote:

Originally Posted by Mr.D

Erm in this country you don't have to prove you didn't do something. its up to the authorities to prove you did beyond reasonable doubt. One of those cornerstones of a democratic society type of thing.

I guess you have more faith in that process than I do. Given the prospect of years of data retention by ISPs, logged against an individual's IP address, I think I'll continue to recommend that people secure their wireless networks with an encryption scheme that isn't broken.

Even if the authorities failed to secure a conviction, the attempt could prove very uncomfortable for the innocent party.

[Pat_C]

Quote:

Originally Posted by Mr.D

Erm in this country you don't have to prove you didn't do something. its up to the authorities to prove you did beyond reasonable doubt. One of those cornerstones of a democratic society type of thing.

But in this case the apparent evidence (ISP records etc.) would indicate that you had done something, and you would have to prove that your LAN had been hijacked. I don't know how easy or difficult that may be; anyone who has gained access to your LAN may well have impersonated a local PC to do so.

PS The concept of 'reasonable doubt' seems to have been quietly dispensed with in the legal system too, although something similar still applies.

[Fusewire]

Many thanks to you all for your replies...

I am considering two methods of instalation for my shield.

The first would be to scrunch up the foil and stick it to the wall with adhesive and the fix plasterboard over the top of it, so you end up with a cavity wall type installation only there is scrunched up tin foil in the cavity.

The other way I was thinking was to strip the wall paper off the wall and wall paper the wall with tin foil (flat not scrunched up ) so it will act like a lining paper and then put the proper wall paper back on.

So what do you think will be the best way to proceed, I am thinking the first option will be a little more difficult to install but will provided greater protection against penetration. the second option would be easier but will the shield be able to maintain its integrity using this method ?

[njp]

And what are you going to do about the windows?

[Ethics Gradient]

Quote:

Originally Posted by njp

And what are you going to do about the windows?

He can install Linux instead.

[Fusewire]

Quote:

He can install Linux instead.

On a more serious note, what about the double glazing..... can the WiFi signal get through the window ?