Wireless security concerns...

The Air Defense warning is negligible. It probably just detected a Probe Request from a Windows computer. Windows computers will send out probe requests periodically. Yours does too! A scan is done probing for wlans in range.

To secure your wlan use WPA2 encryption. This will prevent 99.99% of people from being able to access your wlan. The .01% = skilled Linux users who know how to crack WPA wlans. (actually much less that .01%)

Disabling SSID broadcast is a useless security measure. There are software for Windows, Mac and Linux that can scan and detect wlans even if broadcast is disabled.

WEP encryption is also useless and insecure. When running Linux, I can get onto a WEP encrypted wlan is less than 10 minutes, average is kess than 3 minutes. http://www.aircrack-ng.org/doku.php

(note: I only do this when testing my customers' security, I do not use encrypted wlans that I'm not authorized to use, that's illegal)

Just so you know, it is 100% legal per FCC in US to intercept unencrypted radio wave transmissions, illegal to intercept encrypted transmissions unless authorized by the owner of the broadcasting device.

Your wlan is pretty secure if use WPA2 TKIP and mac address filtering. That means that the only allowed connectionss must have the WPA2 key and the specified mac address. Mac address filtering won't stop Linux hackers because the mac address of the adapter can be changed in Linux, but WPA2 is tough to crack. It takes hours or even weeks or year(s) to crack a WPA2 pass phrase UNLESS the pass phrase is a word in a dictionary or a common pass phrase such as "person's name ", "pet's name ", or "password" etc.

1. Use a pass phrase that is NOT in any dictionary, contains cap letters, lower case letters, at least one number as well as a special character ~!@#$%^&*() and make it at least 8-10 characters long.

2. Use the same type of password for your router-access point login. These devices have known default logins:
http://members.cox.net/tonyt/default_pws.html

Do 1 & 2 and no one will ever get unathorized access to your wlan, unless they are skilled, using Linux and willing to spend 6 months straight 24hrs/day trying to break in!

 

When stumbler runs it shuts down the windows wireless zero config service (windows wifi mgmt software).

What cross? You mean 1+? That's channel 1 and a plus sign as distinguised from channel 11 (eleven).

Your laptop can only be accesses by someone remotely if he first gets to your router-ap control panel via the Web browser, and there he could discover the name of your workgroup and your comp, and if you have file sharing enabled he could connect to your shares.

The other way would be for the person to be running linux and sniff out the name of your wlan. This can be done even if ssid broadcast is disabled. Once he has your ssid he can setup his laptop as a "fake access point" and use your ssid. He can then kill your connection to your access point and trick Windows into connecting to his laptop. But this is not going to happen in all probability. He'd need a real good reason to target you to begin with.

Those ssids you see in stumbler are not computers, they are other access points. You can see the same thing when Windows scans for available networks.