In our house, we have 3 desktop PCs connected with ethernet, 1 xbox 360 connected with ethernet, and 1 wireless connected PC.
Our setup is like this:
Earthlink Netopia UHP/ADSL Modem > SMC 7008ABR > PCs & 802.11b WAP.
Our problem is with security. Microsoft's / Bungie's network isn't secure. Bad xbox players can use a program to sniff out other player's IP addresses, and every now and then my brother will beat someone with an anger problem, then they will DoS us and our PPPOE light will go off. It effects everyone using the Internet.
I'm looking for a new router (or some other device) that's reasonably priced and has advanced security features. Perhaps something where I can filter out what they are sending us or ban their IP on the router level since you can't install a software firewall on an xbox. It will replace the old router and our outdated Wireless Access Point.
Also, I know for a fact that wireless Internet is completely unsecure. WEP, WPA, and the others can be cracked in about 2 hours using a Linux based hacking CD. (No installation needed). I'm not sure what I can do to protect our network from that.
I don't know much about the Xbox situation- but I know this- although it's seems to be suppositioned otherwise, a DoS attack can only be performed against a server. Essentially it clogs up the server with requests, causing legitimate clients to time out. When performed against a single other computer (or router) it does- barely anything. Unless of course they've managed to launch a Distributed Denial Of Service, which is unlikely.
unless the target is using Dial-Up, the Ping command is NOT sufficient to deny you access to your internet. Something else is likely the cause of your service disruptions.
As for your Wireless networking concerns- unless you have neighbors whom you know have advanced cracking skills, it really isn't a concern- in fact, in most neighborhoods, simply not broadcasting your SSID is enough to prevent would-be leechers.
However, if your concerned, it is possible, through the router's setup pages, to enter the MAC ID's of all the computers whom you wish to allow, denying all others access. Combine this with WEP/WPA and a hidden SSID, and your network should be secure.
The only way in that circumstance for a hacker to gain access would be to actually monitor the traffic between your PCs and Router, manage to somehow turn the jumble of random packets into intelligible data, determine and impersonate the Mac ID of one of your PCs, Crack the Key of your network, and connect.
Problem being of course, that you'll know- the computer whose Mac ID they duplicated would then likely lose all connectivity.
In the instance your sure that they (or someone) is denying you service,(as that which I've described before could be dead-wrong) it's possible to enable a incoming and outgoing log on most Routers. by doing so, you can thus examine the incoming log immediately after a suspected attack, and change the routers configuration to drop all packets from the IP address listed.
