Menu
Reply
  • 3
  • 0
  • 0
Huckfin1
Joining in
384 Views
Message 1 of 6
Flag for a moderator

VM S/HUB 3

HI,

Help I'm in a bit of a rut with setting my wifi .In my hub settings ;Wireless/WPS Push button and WPS PIN.... To stop others using my wireless network/WiFi, example; kids across the road using it for gaming I have wps push button enabled and wps disabled.Is this the best way and is it easy for the little treasure's to get on to my system.??????? 🤔 How secure is my Hub, can I beef up security ? I run McAfee total pro. All advice helpful.....

   
   
0 Kudos
Reply

Helpful Answers
  • 184
  • 4
  • 38
omendata
Superfast
718 Views
Message 2 of 6
Flag for a moderator
Helpful Answer

Re: VM S/HUB 3

Disable WPS completely its just a security hazard!

Do it properly through the browser setup!

Switch Off UPNP.

Setup wireless MAC Filtering!

Switch on the firewall.

Only use WPA2-PSK.

Ensure you broadcast SSID - Its a bit like the old put your wet phone in rice to dry it out its an old wives tale!
Broadcsting your ssid reduces findme broadcasts and any hacker can find your network with a copy of netstumbler or kismet!

Change the remote access to off or an alternate port!

Make sure your wifi password is complex - 10 characters or more preferably!

Change your Wifi SSID - Dont leave it at default as it allows hackers to know what network you are on.

Switch off 5ghz if none of your devices use it.

Find a free space in the broadcast spectrum will enhance your wifi and reduce dropout - use the program InSSIDer!

Loads more stuff!

Unfortunately the SH3 security isnt as comprehensive as the old SH2.

0 Kudos
Reply
  • 9.02K
  • 760
  • 1.88K
Superuser
Superuser
706 Views
Message 3 of 6
Flag for a moderator
Helpful Answer

Re: VM S/HUB 3

The WPS pin vulnerability has now been closed as WPS will lock down after a number of incorrect attempts to access it. (See WPS Status in the Hub's GUI). However, t

Use WPA2 with AES and avoid TKIP

A strong password including a mixture of upper and lower case characters, numbers and special characters. the longer the better.

MAC filtering is a waste of effort as any packet sniffer will show up MAC addresses. Some myths debunked and some good advise here

On the WAN side, a good software firewall as you seem to have is essential

The hub's firewall might give a bit of additional protection.

You can test for uPNP exposure here  and any open ports Bear in mind port scanners will show what ports are open on your PC, so changing ports would be of limited value.

 

 

0 Kudos
Reply

All Replies
  • 184
  • 4
  • 38
omendata
Superfast
719 Views
Message 2 of 6
Flag for a moderator
Helpful Answer

Re: VM S/HUB 3

Disable WPS completely its just a security hazard!

Do it properly through the browser setup!

Switch Off UPNP.

Setup wireless MAC Filtering!

Switch on the firewall.

Only use WPA2-PSK.

Ensure you broadcast SSID - Its a bit like the old put your wet phone in rice to dry it out its an old wives tale!
Broadcsting your ssid reduces findme broadcasts and any hacker can find your network with a copy of netstumbler or kismet!

Change the remote access to off or an alternate port!

Make sure your wifi password is complex - 10 characters or more preferably!

Change your Wifi SSID - Dont leave it at default as it allows hackers to know what network you are on.

Switch off 5ghz if none of your devices use it.

Find a free space in the broadcast spectrum will enhance your wifi and reduce dropout - use the program InSSIDer!

Loads more stuff!

Unfortunately the SH3 security isnt as comprehensive as the old SH2.

0 Kudos
Reply
  • 9.02K
  • 760
  • 1.88K
Superuser
Superuser
707 Views
Message 3 of 6
Flag for a moderator
Helpful Answer

Re: VM S/HUB 3

The WPS pin vulnerability has now been closed as WPS will lock down after a number of incorrect attempts to access it. (See WPS Status in the Hub's GUI). However, t

Use WPA2 with AES and avoid TKIP

A strong password including a mixture of upper and lower case characters, numbers and special characters. the longer the better.

MAC filtering is a waste of effort as any packet sniffer will show up MAC addresses. Some myths debunked and some good advise here

On the WAN side, a good software firewall as you seem to have is essential

The hub's firewall might give a bit of additional protection.

You can test for uPNP exposure here  and any open ports Bear in mind port scanners will show what ports are open on your PC, so changing ports would be of limited value.

 

 

0 Kudos
Reply
  • 3
  • 0
  • 0
Huckfin1
Joining in
347 Views
Message 4 of 6
Flag for a moderator

Re: VM S/HUB 3

Thanks I tried your uPNP link and it seems I'm safe...Kind Regards. Huckfin 1
0 Kudos
Reply
  • 3
  • 0
  • 0
Huckfin1
Joining in
344 Views
Message 5 of 6
Flag for a moderator

Re: VM S/HUB 3

Thanks when I work it through I will give it a go ...Regards ...Huckfin 1
0 Kudos
Reply
  • 184
  • 4
  • 38
omendata
Superfast
260 Views
Message 6 of 6
Flag for a moderator

Re: VM S/HUB 3

I work as a security analyst and no extra amount of security is useless.

Yes it is easy to circumvent by intercepting beacons and mac cloning but it makes the hackers work more difficult and many amateur kiddies will give up after too many obstacles or they see that proper security layers have been set up.

Changing ports is essential - one company i recently sorted were allowing port 3389 - giving the port number to a hacker is a gift - changing the port number means the hacker will have no idea what is behind the port ftp , rdp until he tries to find it - as I said make it as difficult as possible.

Its not disguising ports or stealthing them that is important its ensuring your security is there and its hard to get in!

WPS may be secure but just like server hardening its best to switch off all services that are not essential - you never know when that so called secure function turns out to be not so secure as Tesco just found out and many others are about to!

Just keep an eye out on SSL in the next 6 months!

0 Kudos
Reply