Open Dental Forum

I wanted to add a second computer to an exam room, however I don't want to run cat 5 cables. Is it possible to network the two computers in one room via bluetooth and bridge the connections on the pc with the wired connection? If so could the bluetooth connection be encrypted?

My next alternative is wi-fi but bluetooth has a limited range which I assume is better for security.

I think you'll be disappointed with Bluetooth network performance, as it's much slower than WiFi.

Also, the range even for a lower powered Bluetooth device can still be as much as 30 feet, so someone could still theoretically be parked outside your office and pick up a signal...

Hmmm, any other ideas other than cables?

Would I be better off adding a wireless wi-fi adapter to the wired computer and bridging the network there? That computer is shut off every night so the wi-fi connection would only be available during working hours.

Do yourself a favor and get a wifi router/USB wifi adapters. Very simple. Fast. Encryption available.
Wifi router = $30.
Wifi USB adapters = $10/each
On a side note, my office are wired with Cat6 cables. I could easily plug the cat6 cables into my computers, but I didn't, as my computers have wifi. I see no point in running a 3-foot cable from the wall to the computer. It does not look clean.

teethdood wrote:Do yourself a favor and get a wifi router/USB wifi adapters. Very simple. Fast. Encryption available.
Wifi router = $30.
Wifi USB adapters = $10/each
On a side note, my office are wired with Cat6 cables. I could easily plug the cat6 cables into my computers, but I didn't, as my computers have wifi. I see no point in running a 3-foot cable from the wall to the computer. It does not look clean.

Like WJstarck said, I have the fear a savvy techie will park outside my office with a laptop and break into the network accessing patient data. Are my fears unfounded with WPA2 or is this still a reality?

From PCWorld
WPA2 can also be cracked, but if you set it up properly, cracking it will take more of the criminal's time than anything on your network is worth.
http://www.pcworld.com/article/243713/h ... _wifi.html

From the hacking website:
http://www.virtualthreat.com/2012/05/24 ... hn-ripper/

"The system I’m using to crack the keys is not very fast, but let’s look at some facts :

8 characters, plain characters (lowercase and uppercase) or digits = each character in the key could has 26+26+10 (62) possible combinations. So the maximum number of combinations that need to be checked in the brute force process is 62 * 62 * 62 * 62 * 62 * 62 * 62 * 62 = 218 340 105 584 896 At about 600 keys per second on my “slow” system, it could take more than 101083382 hours to find the key (11539 year). I have stopped the cracking process as my machine is way too slow to crack the key while I’m still alive… So think about this when doing a WPA2 PSK Audit."

Change your WPA2 key once every few months and you're good to go.
Even if they have a supercomputer at their disposal to crack into your wifi network, they would still need more passwords to get into any computer on the network.

As an additional hackproofing, you can go into your router's settings page (generally accesible by typing web address as 192.168.1.1 but may vary depending on the make of your router, refer to its user manual).
On that page look for MAC Filter option and enable the MAC filtering. Now find the MAC addresss of each computer in your office (google how to find it, it is very easy) and enter in that settings page these MAC addresses as "allowed"
Now even if a hacker knows your password, since your router does not have his MAC address in its "allowed" computers list, he can not access your wifi whatever he may do.
In short, password or no password, your wifi router will allow only those computers to connect to it whose MAC address YOU have entered in its settings page to be allowed to be connected to it.

MAC address filtering is a good thing to have. However, encryption still needs to be turned on. Otherwise people can still sniff the unencrypted packets over the air (they don't have to be connected at all). I'm sure that you know this. Just additional clarification for others.

I agree. Should have clarified in my previous post itself. MAC filtering is not a substitute for encryption. It is an additional way of protecting your network. More are the safety measures employed, lesser are the chances it could be hacked.

On a related topic is it possible to safely set up public WiFi access completely separate from our office network? I am thinking having a separate router or buying the Cisco Valet, which offers guest browsing.

Yes.

PM Justin Shafer, he set this up for us recently.

Get a router with "Guest" network capability.
You can also get a router with DD-WRT compatibility. Load DD-WRT firmware to it and you're ready to go.

teethdood wrote:Get a router with "Guest" network capability.
You can also get a router with DD-WRT compatibility. Load DD-WRT firmware to it and you're ready to go.

Thanks for the tip. I did some research and DD-WRT looks impressive. What has your experience been with it? Is it complicated to set up and manage?

B.Thomas,

DD-WRT (and Tomato, look that up too) allows you to configure every minute detail of your router's hardware capabilities, versus the default router software that just picks everything for you. It could get pretty intimidating looking at all these configs, but you can safely ignore them if you don't know what they are. Just go to the section relevant to what you want to do. Worse case scenario, you can reflash your router back to the default DD-WRT firmware or the router's original firmware. Very rarely you can brick your router, but you'd have to majorly screw it up for that to happen.
Another example of why DD-WRT is so awesome: some routers have a USB connection so you can hook your hard drive to it to make it a network-attached hard drive space. What if you want to attach your USB printer to it instead? Sorry no can do with the default firmware. DD-WRT lets you hook it up just as described.

Very cool stuff teeth dood! There are some instructional videos on YouTube as well as the dd-wrt wiki page so I will give it a shot this weekend. Do you know if there is a setting to shut the WiFi off during non business hours? I think that would be an additional security layer to prevent hacker access on the weekends.

I don't think that is possible, although that would be awesome.

dd-wrt is Awesome! Thanks again. As it turns out there is a way to shut off the wireless network during non-business hours. It is under Wireless>Advanced Settings>Radio Timer.

Radio Times Restrictions
The Radio Times Restriction facility constitutes a time switch for the radio. By default, the time switch is not active and the WLAN is permanently on. Enable the time switch, if you want to turn off the WLAN during some hours of the day. Hours during which the WLAN is on are marked in green, while red indicates that the radio is off. Clicking on the respective hour toggles between on and off.

The other option I set was to reduce the radio transmit power (TX Power) to 5 mW. I found this to be the weakest strength to limit the network to the office.

Now my next question is, "What is THE ULTIMATE wireless security?"

From what I am reading the best involves setting up the Enterprise version of WPA2....very complex!