Wireless Security Question

October 23, 2007

I mentioned a while ago the great deal I got on a wireless router.  This is my first experience with using a wireless network and I’ve run into an annoying problem that has me a little concerned.

I’ve started to get an “Incoming Connection Alert” from the software firewall on my PC containing the message below:

Someone from 24.64.66.106, port 3510 wants to send UDP datagram to port 1026 owned by ‘Generic Host Process for Win32 Services’ on your computer.

The message is always the same with the exception of the IP address which changes with each occurrence.  I have the option to Accept or Deny the request and I always Deny it but it still has me worried.

This only began happening after I installed the wireless router.  What I want to know is why I’m getting these requests into my computer all of a sudden and what I can do to stop them. Also, I’m looking for some good online resources on wireless home network security.  Any advice you could offer would be greatly appreciated.  Thanks!

Ben

Will this article help you save or earn more money? Get others like it simply by entering your email address below. Your email is used only for delivering daily money tips and you can opt out of delivery at any time. Click here to see all your free subscription options.

  

Ben

Ben Edwards, the founder of Money Smart Life, saved up enough to buy a Nintendo back when he was 12 years old. When he used the money to buy shares of Wal-Mart stock instead, he knew he wasn’t like the other kids… His addiction to personal finance has paid off for his family and now he’s helping you to afford the life that you want. Check him out on the web at Google Plus, Twitter and Facebook.


All posts by

Comments

7 Responses to Wireless Security Question

  • Ben

    Thanks everyone for the tips! Like I said, I’m a little late to the wireless networking game, it’s all new to me and these tips are a huge help. Thanks!

  • Nexus

    Try disabling the windows messenger service. You can do this by going into administrative tools > computer management > services

  • Lo

    I forgot to mention.. the Incoming requests you’re seeing… Without seeing the actual traffic, it’s hard to tell. A quick Google on the port indicates that it might be Messenger spam. It could also be someone scanning your network to find vulnerable hosts.

    PC Firewalls and regular patching/updating of the OS and all installed software are the best defense against attack.

  • Lo

    Sent your way by my hubby to chime in here. As you may already know, it’s very easy to gain access to an unsecured wireless network.

    A few tips:
    This About.com article is a good place to start. It covers the basics of wireless network security and provides instructions on how to implement all the suggestions.

    Before even worrying about wireless encryption, change the router administrator password! It takes about 2 seconds of Googling to find the default administrator login and password to that particular model.

    According to Belkin, your router supports WPA, the stronger of the available wireless encryption schemes. You’ll want to use WPA with AES encryptions vs. TKIP as AES is a stronger algorithm. The user manual is here. On page 56, it walks through setting up WPA. Keepe in mind, WPA may require some fanagling on computers that connect to the wireless network, but the effort is worth the security.

    No wireless network is completely secure, but this should protect you from the casual/bored intruder.

  • Clever Dude

    This is odd because this morning I was considering highlighting my article from over a year ago about securing your home wireless router.

    I left it as my “website” on this comment if you wanted to look at it. Sorry about the self-promotion.

  • mjmcinto

    I could give you some basic answers, but my wife works doing computer security, so she is much more informed on this than I am. I’ve sent her a link and asked her to post, which she said she would when she got a chance in a few hours.

  • Jeremy

    Port 1026 is associated with the Windows messenger service, and considering that the IP always changes, you’re just seeing random requests from people trying to spam the service. This isn’t any sort of attack or hacking attempt, just broad-based spam.

    What were you using prior to your wireless router? It is a bit odd that this happened just after you started using that, but it could be that whatever you were using before automatically blocked port 1026 so you never saw the messages.

    So, this isn’t an indication that someone is getting into your system wirelessly, but you do want to make sure it is secure. The easiest way is just to make sure you have at least 128-bit WEP encryption turned on in your router admin panel. This way the only person who can access your wireless connection is the one who knows the correct passkey.

    You can take extra measures and only allow certain MAC addresses to access the network as well, but a basic WEP key is usually sufficient.

    Also, if you want to block those firewall messages, check in your router admin area to see if you can just manually block the 1026 port. It would at least keep the messages at bay.

Trackbacks/Pingbacks