How to improve my router settings and stop these access attempts to my network

2

I have a network at home. ISP modem connects to my router which connects to my computers and laptops. When I look into my router logs I see a load of blocked access attempts. I was wondering if I can stop people from trying to access my wireless network. (My router does not have the ability to power down to decreased its range)

Please check these logs and my router settings below and I hope you can tell me what I can do to stop this. Also I am wondering if this is the work of one person.

Also I am wondering if I can improve my router settings, what do you guys think?

I have a 3Com OfficeConnect router with the latest updates. My router settings:

  • I don't use the default password. (duh)
  • I don't use the regular ip-address but my own.
  • I use a .248 subnet so I can use 5 hosts as the 6th is my router and the first is my network address. Good for my two computers and my two laptops, room for one additional host if needed.
  • I have fixed a few of my DHCP client ip addresses. (is that good?)
  • Gateway's DHCP Server is enabled.
  • My SSID is a latin word I chose and I don't broadcast this name. (although I heard people can still notice my network with specific software as the network is existing)
  • I use WPA encryption with a pre-shared passphrase.
  • I enabled connection control which only allows my laptops MAC addresses to connect to the gateway.
  • When a request from the Internet is not directed to a virtual server it is blocked.
  • Url filter disabled and no pc privileges.
  • Pings from internet are disabled and remote administration is also off.

Here is are my logs from the past 24 hours, I omitted my own successful logins.

2009/11/07 23:49:36 : Blocked access attempt from 64.34.14.35
2009/11/08 00:26:43 : Blocked access attempt from 94.231.57.9
2009/11/08 00:49:38 : Blocked access attempt from 209.85.227.105
2009/11/08 00:49:41 : Blocked access attempt from 209.85.229.99
2009/11/08 00:51:25 : Blocked access attempt from 209.85.227.105
2009/11/08 10:54:33 : Blocked access attempt from 94.211.26.19
2009/11/08 11:05:00 : Blocked access attempt from 211.100.229.252
2009/11/08 14:35:08 : Blocked access attempt from 209.85.229.104
2009/11/08 14:36:05 : Blocked access attempt from 209.85.227.105
2009/11/08 14:56:46 : Blocked access attempt from 121.166.196.244

D. Veloper

Posted 2009-11-08T14:59:18.947

Reputation: 151

3Are you sure these are coming in from wireless? I would guess more likely they are coming down the wire through your ISP. As soon as you start sending packets through the to other network sites, there are folks sniffing packets to look for possible addresses to attack. I'd worry more about this than wireless, tho' it does look like you've got most of it covered. – Shannon Nelson – 2009-11-09T05:06:39.180

Answers

9

It sounds as if you have all bases covered. Regardless of your security settings on your network, you can never stop attempts to access it. It is only when those attempts aren't blocked and are successful you should start considering the security of your network.

Just one little tid-bit of helpful information…

I enabled connection control which only allows my laptops MAC addresses to connect to the gateway.

MAC address filtering (which is what this is) is so incredibly easy to by-pass. These days, faking your MAC address is very trivial and you should never rely solely on MAC filtering.

Josh Hunt

Posted 2009-11-08T14:59:18.947

Reputation: 20 095

Yes I am aware the attempts cant be stopped, but is this a thing I should worry about? The IP address that is trying to connect is nowhere near my networks IP, then again, to gain access the passphrase needs to be correct too. Can this guy (because I still think this is one guy as I don't see why all my neighbours would use hidden-network-discover software) eventually 'guess' my ip and then hammer on my router admin page?

About the MAC addresses, I am aware there is software that can fake a MAC address to get control to a MAC address 'security' network. – D. Veloper – 2009-11-08T22:54:29.103

0

you could try lowering the power of your wifi to more tightly match the physical office space your are servicing. no need to blast it into a public lobby or out onto the street if those are your employees anyway.

maybe setup a hunnypot ap that goes no where but if anyone connects to it youll know you had a breach of some sort.

Crash893

Posted 2009-11-08T14:59:18.947

Reputation: 1 532

Asked: 2009-11-08T14:59:18.947

Viewed: 2 484 times

Active: 2013-02-27T04:43:58.873