Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Anti-Virus for MacPro ...

vja4Him said:
Got the WPA2 set up, with MAC addresses for our three computers. Changed name of network to nonsense, with a 15-character pre-shared key.

Also turned off File Sharing, and set Firewall to maximum.

Have Admin password for Router set up (would only allow 15 characters max).

Will also unplug router when not using computer(s).
Click to expand...

WPA2 is good, defining fixed MAC addresses as well and setting the router password is good practice as well.

Turning off File Sharing and unplugging the router, however, is nonsense. You don't need to do that.
With WPA2 (considering that your password is reasonable long [63 random characters for maximum security]) it is almost impossible to get into your network. Certainly no one would make such an attempt at someones private network as it would take months to hack the password.
If you want even more security, you'd have to generate a 256bit key that is used for authorisation. That's, however, not suitable for wireless only devices, such as iPhone and such.
 
I am thinking that this is a socially engineered scam since ACS:Law and it's spin-off have been in the news recently. Both of those companies have dropped their cases and I think have actually ceased trading (at least one spin-off did).

If you are in any doubt about whether the "pay or go to court" card is genuine, contact either the police or the local Citizen's Advice because "professional" scammers will set up fake call centres to deal with queries from targeted victims.

Change your router password, use WPA2 and verify the validity of the card with a third party. Keep records of ALL correspondence with the company and you should be fine.
 
vja4Him said:
How can I hide the SSID, and still be able to get online with my Archos 70 Internet Tablet?
Click to expand...

You'll have to memorize your SSID and then manually enter the name of your network (SSID) when setting up this new connection.
 
ActionableMango said:
The ISP never asks for money in these letters.

=
Click to expand...

Yea but when the RIAA/MPAA send you a notice they will ask for (most of the times) 3000$ if you don't want to be taken to court.
It's a common thing they do lately to earn money from people pirating movies and music. They send thousands of letters to people who are thought to be downloading (with or without proof), asking for money or you will be taken to court. they obviously won't pursue the court, they just hope some people will pay :)

here's an article about it: http://torrentfreak.com/hadopi-sends-100000-warning-emails-to-suspected-pirates-101229/

edit: now that i see it, that article is about email warnings, but they do it with physical mails too.
 
orfeas0 said:
Yea but when the RIAA/MPAA send you a notice they will ask for (most of the times) 3000$ if you don't want to be taken to court.
It's a common thing they do lately to earn money from people pirating movies and music. They send thousands of letters to people who are thought to be downloading (with or without proof), asking for money or you will be taken to court. they obviously won't pursue the court, they just hope some people will pay :)

here's an article about it: http://torrentfreak.com/hadopi-sends-100000-warning-emails-to-suspected-pirates-101229/

edit: now that i see it, that article is about email warnings, but they do it with physical mails too.
Click to expand...

The RIAA asks for money, never the ISP. It would be totally illegal for the ISP to take your money.

The ISP should never ever ever ask you for money related to copyright issues.
 
A good way of securing you router a bit is to use manual ip address address in an unusual range, and turn of the DHCP server. That way anyone who does get into your network wont get assigned an IP and will have to try and guess one. If its an unusal range of ips you've got available, they'll give up pretty quick.

On mine I have WPA2 and a whitelist. I also monitor whats connected to my network most of the time.
 
vja4Him said:
Somebody has hacked our Internet connection and downloaded illegal files. I'm looking for Anti-Virus software to use with my MacPro.

I've already called our ISP (Charter). They told me there is nothing they can do, since I use my own router. I called D-Links, and they helped to set up a secure connection. I asked them about setting up a second level of security (recommended by Charter), but they told me I didn't need that, and refused to help me with the MAC ID Filtering (recommended by Charter).

I called Apple Tech Support and they helped me to adjust some other settings (Firewall on, Sharing Files off).

I just want to have the maximum security to hopefully stop whoever is hacking and downloading illegal files ...
Click to expand...
  • Antivirus is not necessary or even useful in protecting your Mac:
  • Antivirus doesn't protect against someone hacking a network.
  • Your network should be secured by a WPA2 password.
  • The postcards are a scam. No legitimate ISP will threaten subscribers for downloading anything. The worst they would do is terminate your account, but would never ask for money.
  • It sounds like there is no proof anywhere that anyone downloaded anything illegal... only the word of some bogus postcard.

The good news is you have learned about antivirus, network security and how to recognize scams, all of which will benefit you in the future.
 
Transporteur said:
WPA2 is good, defining fixed MAC addresses as well and setting the router password is good practice as well.

Turning off File Sharing and unplugging the router, however, is nonsense. You don't need to do that.
With WPA2 (considering that your password is reasonable long [63 random characters for maximum security]) it is almost impossible to get into your network. Certainly no one would make such an attempt at someones private network as it would take months to hack the password.
If you want even more security, you'd have to generate a 256bit key that is used for authorisation. That's, however, not suitable for wireless only devices, such as iPhone and such.
Click to expand...

My router control panel only allows for up to 15 characters for the password.
 
GGJstudios said:
  • Antivirus is not necessary or even useful in protecting your Mac:
  • Antivirus doesn't protect against someone hacking a network.
  • Your network should be secured by a WPA2 password.
  • The postcards are a scam. No legitimate ISP will threaten subscribers for downloading anything. The worst they would do is terminate your account, but would never ask for money.
  • It sounds like there is no proof anywhere that anyone downloaded anything illegal... only the word of some bogus postcard.

The good news is you have learned about antivirus, network security and how to recognize scams, all of which will benefit you in the future.
Click to expand...

This is all pretty much new territory for me! I think I've got my router set up pretty good now. I can't hide the SSID though, because my tablet can't get online when the SSID is hidden.

When I asked the Charter Tech Support about the validity of the post card and online message, which claims to be from Charter, they were not able to verify if it really was from Charter.
 
So if your with charter and they wont do anything about someone hacking into your Internet suplied by them.... Just switch ISP's.
 
sash said:
You'll have to memorize your SSID and then manually enter the name of your network (SSID) when setting up this new connection.
Click to expand...

This is probably one of the biggest things to do when setting up your wireless network. I've had to fix many of my family and friends wireless network due to not shutting off the transponder. The idiots at best buy and isp's who set up home networks leave this on most of the time. Shut this sucker off folks. This and use wpa2 with long passwords will go along way to protect your network.
 
goMac said:
No one is hacking the poster's internet.
Click to expand...

Absolutely. You just have to protect your wireless network, it's your own duty; disabling SSID broadcast, setting up good password / key and Mac-filtering protect you quite well. It won't make your network 100% bulletproof, as 100% bulletproof network does not exist, but you'll be safe from occasional hackers.
 
vja4Him said:
This is all pretty much new territory for me! I think I've got my router set up pretty good now. I can't hide the SSID though, because my tablet can't get online when the SSID is hidden.
Click to expand...

Do you have a possibility like 'Join Other Network' in Mac OS and iOS? The name of this new network is actually your hidden SSID, which you will have to enter manually, followed by the password / key.

vja4Him said:
When I asked the Charter Tech Support about the validity of the post card and online message, which claims to be from Charter, they were not able to verify if it really was from Charter.
Click to expand...

Then just forget it, it's scam.
 
Last edited:
I see there are 2 general misconceptions regarding wifi:
- Hiding the ssid does nothing. It only hides it from dumb clients, every other proper wifi scanning tool will still display it. If you take a look at the technology it becomes clear why, it simply is how wifi works. You need the ssid in order to connect to a certain network. When transmitting data the ssid will be transmitted as well so it will arrive where it supposed to. Think of how e-mail and letters work. Can you send those without knowing to whom/where?

- MAC-address filtering is the same thing. It's like locking your door and hanging the key next to it. The MAC-address will be in every packet that goes through the air. With the use of sniffing tools you can resolve the MAC-address and then spoof it. This is extremely easy to circumvent.

From what I've read in this topic it is quite clear the OP simply had a non-secured and completely open wifi. Somebody took use of that. This is very easy to resolve by securing or even disabling the wifi (e.g. when you don't use it). Securing can be done easily by using WPA2 and a loooong passphrase with random characters.
 
dyn said:
I see there are 2 general misconceptions regarding wifi:
- Hiding the ssid does nothing.
Click to expand...

Why leave the door open and put a banner above: this door is open?

There is no way to protect any network for 100%, but why not use all available tools to make the job of the culprits a bit more difficult? With the SSID enabled everybody sees your network, with disabled they have to sweat a bit.

It's not a misconception, it's a part of securing your network. You know that also WPA2 can be hacked, it's just a matter of time for a skilled hacker.
 
Well if you really want to be secure, just wire the house. There is a side benefit of greatly increased speed, simplicity, and reliability. If you can't run cable in a crawlspace, basement, or attic, you can just stuff it under the molding. It will take a lot more cable that way though.

When it comes to Wi-Fi the only thing you have to do is set up WPA2 with a long and nasty random password. This is what will stop nearly all hackers. If you want to stop extremely serious hackers you can change the password frequently too, although if you're really a target of that you should just go wired.

All of the other stuff is nonsense:

Hiding SSD does literally nothing but stop the most casual people looking for an open network with a default password. WPA2 is not an open network. It doesn't hurt, but it's a waste of time. No person who can defeat your WPA2 would have been defeating by hiding the SSD, period.

White listing MAC addresses does nearly nothing. Spoofing a white listed MAC address is trivial. Again, no person who can defeat your WPA2 would have been defeating by white listing MAC addresses, period.

The usual response is "why not do it anyway?" The reason why you don't do it anyway is because it causes all manner of hassles for legitimate users. Let's say you have guests... they cannot use Wi-Fi unless your learn their MAC address, write it down, add it to your router, etc. Same thing every time you get a new computer or smartphone, network-enabled blu-ray player, or whatever. When troubleshooting connection problems, you also have these extra steps to turn off to see if they are the problem.

So my counter-question is "why go through all this hassle and future work for something that's worthless?"

To use an analogy, let's say you had a gold reserve protected by the best safe in the world and guarded by the US army, for free. At that point why would you go to trouble and expense to add a dollar-store plastic toy padlock to the front? Anyone who could defeat the military and then the safe would not be defeated by the toy padlock. So it would be useless and just get in your way every time.

The next best thing, after WPA2 with a great password, is to check your router logs occasionally. This will catch unauthorized activity even on your own computer, such as from malware or creepy roommates.
 
GGJstudios said:
As has already been stated in this thread, whether it's free or not, antivirus is not necessary to protect current Mac systems.
Click to expand...

Yup. But if someone wants it, so what? I have to deploy it in the enterprise regardless so I've tested all the vendors. After years I have found nothing, ever.
 
sash said:
Why leave the door open and put a banner above: this door is open?
Click to expand...
Hiding the ssid does not hide it, that's the entire point. There is no way in hiding it. People using scanners will see the ssid even if you hide it. This hiding option is misleading and shouldn't be in router firmwares. Simple wifi scanners like kismet (which seems to be one of the few still working properly in Snow Leopard) will ignore the hiding feature completely: they will show the ssid's no matter they are set to be hidden or not.

There is no way to protect any network for 100%, but why not use all available tools to make the job of the culprits a bit more difficult? With the SSID enabled everybody sees your network, with disabled they have to sweat a bit.
Click to expand...
Because you're a. not securing your network and b. you're making your life more difficult. Before you can access the network you need to add the MAC-address and you'll run into devices that aren't able to connect to networks with hidden ssid's. There is securing your network and there is what you're doing: simply enabling every option that might make things more secure. The latter is not securing your network, that's just doing stuff and praying it will help.

Securing your network is using sensible methods and hiding the ssid is not one of them (it is pointless). If you really want to secure the network by using all available (sensible) tools it will require a tremendous amount of knowledge since you need to set up a completely new infrastructure with things like RADIUS, intrusion detection/prevention, honeypots, etc. For most networks this is a complete overkill. Simply setting WPA2 with a proper passphrase (long and random characters) is enough for most.

It's not a misconception, it's a part of securing your network. You know that also WPA2 can be hacked, it's just a matter of time for a skilled hacker.
Click to expand...
It IS a misconception but you simply fail to understand these mechanisms and what they do exactly. WPA2 can be hacked like a lot of other things but how fast depends on what you use as a passphrase. A long passphrase with random characters is very difficult to crack and requires quite some power. That makes it less attractive since there are other ways of getting into a network (social engineering being one of them and unfortunately also the easiest). It's like with burglars, they'll get in through the open window, they don't try to break open the locked front door.

So the question you need to be asking yourself is why would you want to use something that is known to not help at all?
 
Last edited:
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back