Quote:
Originally Posted by cabal
Point 2 and 6 are nonsense, myths of the net. WPA2 is good but if possible use VPN.
|
This is not true- it's just that when employed as main line of security (without the other steps) you are not actually secure. Think of these two points when used with the others as 'shoring up your defenses'.
- SSID Broadcast: If the SSID is always being broadcast then a war-driver will see the network within a short period of time even when there are no clients using it. When the SSID broadcast is turned off, someone has to be using it at the time for a war driver to see the network.
- MAC filtering: if a client is not using the network, and the intruder spoofs the MAC address, then this line of defense is not relevant. But imagine you are using your MAC address when an intruder attempts to spoof yours for their own connection to the gateway- that leads to very funky, broken connections, and can tip off a user that something is amiss. Think of it as a tripwire.
So, to summarize, these steps taken on their own is not a wise path. But looking for the single "Holy Grail" of security isn't, either. Once your single 'ultimate solution' has a chink in it's armor, you are almost as insecure as using the above methods on their own. Using as many techniques at your disposal, on the other hand, will make things more difficult for an intruder, and can sometimes tip you off that there is even an intruder lurking in the first place.