X10 - configure over wifi - how secure is it?
Accepted Solutions
@alokeprasad wrote:
I have always disabled the "configure over wifi" feature of my routers (from Netgear or others) in the past. I figured that this was more secure, as someone will need physical access to my wired LAN to change settings of my router. However, I lose the ability to effectively use the iPhone apps, even when at home, to admin the device....
Should I continue that habit? Am I being unneccesarily paranoid?
[Edit: I realize that if I use WPA2 encryption, someone will need to know my password to access my network over wifi. However, my neighbor (or a van parked on the street) can brute-force password attacks over wifi. Not broadcasting SSID is not an effective way for against packet sniffers]
It's always good to be cautious and vigilant but it is relatively safe to use wireless. I did, however, warn someone recently that it was a really bad idea to run with no encryption between two repeaters because he was sure his Wi-Fi signal was too weak to be picked up outside his house. 
It is computationally impossible to brute-force a strong WPA2-PSK password. "Strong" would be a random password of 16 characters or longer.
Note: I will ALWAYS disable remote access (over internet/WAN) to the router.
Specific questions about the X10 (mine is on order):
1. Can I disable access to the router configuration over wireless?
No.
2. Should I do that?
N/A
3. OT question: What is the default IP address of the router in the 192.168.x.x range? In case the http://www.routerlogin.net cannot be resolved..
192.168.1.1. Have a look at the online manual while you wait for it to arrive.
4. Can I disable WPS connections? Should I?
You cannot fully disable WPS, but you can disable the PIN-based method, which I recommend doing. That still leaves the push-button method, but if you can physically secure access to your router, you will be ok.
All Replies
@alokeprasad wrote:
I have always disabled the "configure over wifi" feature of my routers (from Netgear or others) in the past. I figured that this was more secure, as someone will need physical access to my wired LAN to change settings of my router. However, I lose the ability to effectively use the iPhone apps, even when at home, to admin the device....
Should I continue that habit? Am I being unneccesarily paranoid?
[Edit: I realize that if I use WPA2 encryption, someone will need to know my password to access my network over wifi. However, my neighbor (or a van parked on the street) can brute-force password attacks over wifi. Not broadcasting SSID is not an effective way for against packet sniffers]
It's always good to be cautious and vigilant but it is relatively safe to use wireless. I did, however, warn someone recently that it was a really bad idea to run with no encryption between two repeaters because he was sure his Wi-Fi signal was too weak to be picked up outside his house.
It is computationally impossible to brute-force a strong WPA2-PSK password. "Strong" would be a random password of 16 characters or longer.
Note: I will ALWAYS disable remote access (over internet/WAN) to the router.
Specific questions about the X10 (mine is on order):
1. Can I disable access to the router configuration over wireless?
No.
2. Should I do that?
N/A
3. OT question: What is the default IP address of the router in the 192.168.x.x range? In case the http://www.routerlogin.net cannot be resolved..
192.168.1.1. Have a look at the online manual while you wait for it to arrive.
4. Can I disable WPS connections? Should I?
You cannot fully disable WPS, but you can disable the PIN-based method, which I recommend doing. That still leaves the push-button method, but if you can physically secure access to your router, you will be ok.
• What is the difference between WiFi 6 and WiFi 7?
• Yes! WiFi 7 is backwards compatible with other Wifi devices? Learn more