Will WPA/WPA 2 be the best security option for my network?

[streaker69]

This way if the attacker still knows ur key, he wont be able to access the network or send any data packets cuz his mac address will be blocked/un-authorized to communicate with the network. And if the attacker trys to dump the air way to see what ur mac is and try to spoof it, it wont show up cuz the broadcasting is turned off. (i think)

You're wrong.

[secure_it]

if you want good securtiy, add WPA2 AES+TKP

Also, if you only want 2 or X amount of computers accessing the network make 2 or X amount of static ips..And set the maximum number of users to: 1

Then add 2 or the X amount of computer mac address to only access the network.

Last but not least, turn off your broadcasting..

This way if the attacker still knows ur key, he wont be able to access the network or send any data packets cuz his mac address will be blocked/un-authorized to communicate with the network. And if the attacker trys to dump the air way to see what ur mac is and try to spoof it, it wont show up cuz the broadcasting is turned off. (i think)

Hope this helps.

lol very funny concepts,never heard such before.by turning off the SSID broadcast,does not means turning off beacon frames.disabling the SSID broadcast won't show the AP ESSID while sniffing traffic instead an attacker can see undetermined length of AP essid like length :4 etc which can be decloacked too.this is all the game of passphrase.once you got passphrase than bypassing mac-filtering is piece of cake.one more thing if QoS(WMM)is enabled in WLAN and client activity is good enough,TKIP can be cracked.best is to use CCMP instead of TKIP.dude carefully study before putting any comments here.things does not work according to our asssumptions.you may direct many people in wrong way.

[Eatme]

i see that the both of you missed where i typed (i think) at the end which would make people not go with that im saying 100% i said i think, i never said i was even 50% sure this will work.

[streaker69]

i see that the both of you missed where i typed (i think) at the end which would make people not go with that im saying 100% i said i think, i never said i was even 50% sure this will work.

No, I saw it, even highlighted it.

Problem is, if you're not sure about it, you shouldn't be suggesting it.

[secure_it]

Agree what streaker told.that also pointed by me.enhance your knowledge little bit more than it will be very good for the community.

[Eatme]

alright...

well what about the other things i pointed out. except turning of the broadcasting..

[streaker69]

alright...

well what about the other things i pointed out. except turning of the broadcasting..

If what you were talking about is turning on MAC filtering then that advice is bad as well. MAC filtering is easily bypassed.

[Thorn]

alright...

well what about the other things i pointed out. except turning of the broadcasting..

Also, if you only want 2 or X amount of computers accessing the network make 2 or X amount of static ips..

That advice is OK, but it doesn't buy too much security. Putting a limit on the number of DHCP clients will certainly ensure that no more than that number gets handed a lease, but it won't stop someone from manually entering an IP address within the appropriate subnet.

And set the maximum number of users to: 1

Most SOHO routers won't limit the number of users, and most SOHO users don't use any kind of authentication system. This can be done in SMB and enterprise systems of course, but most home or small businesses use lower cost equipment.

Then add 2 or the X amount of computer mac address to only access the network.

MAC filtering doesn't give you any real security, either. MAC addresses can be cloned, and it's relatively quick.