I recently noticed some suspicious activity in my DHCP server logs and that prompted me to change my SSID and passphrase. The suspicious activity was a client I don't have any record of requesting a DHCP lease over the course of a few days at a brute force rate, then a more calculated rate. So, it would appear that someone at the other end wised up. I checked all of my known hardware and didn't find anything.
My network is set up as static DHCP and each client belongs to a particular group or zone to dictate what traffic it can send / receive both internally (to the router / gateway) and externally.
While I do have an older wifi router, I am running WPA2 and my passphrase (at the time) was 16 characters of pseudo-random bits. Even if they captured the 4-way handshake, I would think 16 characters of pseudo-random bits would take quite a bit of time to crack. Now, it is much longer, I'd prefer not to say ...
Would WIFI EAP (with a client / server certificate) be significantly more secure than a single passphrase?
What do you do for network security? How much would a more modern router help? While it'd be cool to have an IDS / IPS, I also don't want to go too far down that rabbit hole of setting up antennas around my perimeter capturing network traffic with a rolling window and saving a snapshot if/when something suspicious is detected ...
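As an added example (not part of the original post), the check described above can be scripted: list every MAC that requests a lease without having a static reservation, and report how fast it was asking. The log format is assumed to be ISC dhcpd syslog lines since the post does not name the DHCP server, and the MAC addresses, hostnames and `KNOWN_MACS` set are constructed sample values.

```python
import re
from datetime import datetime, timedelta

# Constructed sample in ISC dhcpd syslog style (an assumption; the post names no server).
SAMPLE_LOG = """\
Mar  3 02:10:01 gw dhcpd[411]: DHCPREQUEST for 192.168.1.20 from 02:00:00:aa:bb:01 via wlan0
Mar  3 02:14:00 gw dhcpd[411]: DHCPDISCOVER from 02:00:00:de:ad:01 via wlan0
Mar  3 02:14:02 gw dhcpd[411]: DHCPDISCOVER from 02:00:00:de:ad:01 via wlan0
Mar  3 02:14:03 gw dhcpd[411]: DHCPDISCOVER from 02:00:00:de:ad:01 via wlan0
Mar  3 02:14:05 gw dhcpd[411]: DHCPDISCOVER from 02:00:00:de:ad:01 via wlan0
Mar  3 02:14:09 gw dhcpd[411]: DHCPDISCOVER from 02:00:00:de:ad:01 via wlan0
Mar  3 09:30:00 gw dhcpd[411]: DHCPDISCOVER from 02:00:00:de:ad:01 via wlan0
Mar  4 09:31:00 gw dhcpd[411]: DHCPDISCOVER from 02:00:00:DE:AD:01 via wlan0
Mar  4 11:00:00 gw dhcpd[411]: DHCPREQUEST for 192.168.1.99 from 02:00:00:be:ef:02 via wlan0
"""
KNOWN_MACS = {"02:00:00:aa:bb:01"}  # hypothetical static reservations

LINE_RE = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ dhcpd(?:\[\d+\])?: "
    r"(?:DHCPDISCOVER|DHCPREQUEST)\b.*?\bfrom ([0-9a-f]{2}(?::[0-9a-f]{2}){5})\b",
    re.IGNORECASE,
)

def unknown_clients(log_text, known, window=timedelta(seconds=60), burst=5, year=2024):
    """Return {mac: {"count", "peak", "burst", "first", "last"}} for MACs not in `known`."""
    known = {m.lower() for m in known}
    seen = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m.group(2).lower() in known:
            continue
        # Syslog timestamps carry no year; `year` is supplied by the caller.
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        seen.setdefault(m.group(2).lower(), []).append(ts)
    report = {}
    for mac, times in seen.items():
        times.sort()
        peak, lo = 0, 0
        for hi, t in enumerate(times):  # sliding window: most requests within `window`
            while t - times[lo] > window:
                lo += 1
            peak = max(peak, hi - lo + 1)
        report[mac] = {"count": len(times), "peak": peak, "burst": peak >= burst,
                       "first": times[0], "last": times[-1]}
    return report

if __name__ == "__main__":
    for mac, r in unknown_clients(SAMPLE_LOG, KNOWN_MACS).items():
        print(mac, r["count"], "requests, peak", r["peak"], "per minute, burst:", r["burst"])
```

The `first` and `last` timestamps show whether an unknown client came back at a slower rate after an initial burst, which is the pattern described in the post.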