Re: home wireless router good practices for security
From: Jack (Jack_at_JackNguy.com)
Date: 01/03/04
- Previous message: Greg: "Re: compromised network"
- Maybe in reply to: Greg Tracy: "Re: home wireless router good practices for security"
- Next in thread: Greg Tracy: "Re: home wireless router good practices for security"
- Reply: Greg Tracy: "Re: home wireless router good practices for security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 02 Jan 2004 18:59:14 -0500 To: Nick Duda <nduda@VistaPrint.com>
Forgive me for not reading all the replies, but this is all I do, mac
filtering. I disable the broadcasting of SSID. The best thing to do is
to look over logs every now and then, especially DHCP logs, if you leave
it on. My linksys wired router allows me to send logs to a machine, so I
set up a snmp trap. WEP, in my opinion is pointless and annoying. Anyone
who knows anything, with a bit of time should be able to break wep. My 2
cents.
-Jack Nguy
Nick Duda wrote:
>Disable DHCP on the WAP and go static RFC1918's
>Harden your OS (numerous whitepapers on the net, google them)
>Virus Software
>IDS/Firewall software (BlackICE, ZoneAlarm..etc)
>ACL's on shares/permissions
>
>- Nick
>
>
>-----Original Message-----
>From: Steve [mailto:securityfocus@delahunty.com]
>Sent: Tuesday, December 30, 2003 1:33 PM
>To: security-basics@securityfocus.com
>Subject: home wireless router good practices for security
>
>So I went out and purchased a wireless router (Linksys 802.11b) for home
>since it was so inexpensive and actually less cost than the wireless
>access points I was trying to get via eBay. Got it home, installed my
>wireless network card (SMC), powered on the router, attached it to a
>port on my other wired linksys router, and boom it worked great. Then
>about 5 minutes after I sent an instant message to my neighbor (fellow
>IT friend) he was on my network. So I took the steps that Linksys
>recommends below, seems good (to me).
> Change the default SSID
> Disable SSID Broadcasts
> Change the default password for the Administrator account
> Enable WEP 128-bit Encryption
>Linksys also recommends these other measures, I have not implemented:
> Enable MAC Address Filtering
> Change the SSID periodically
> Change the WEP encryption keys periodically.
>
>My Questions:
>
>1) Anyone know how much enabling 128-bit encryption will hurt my
>wireless performance?
>
>2) Does setting the SSID for my wireless NIC then keep me from getting
>onto other wireless networks like when traveling? I ask since that
>setting was set to ANY before I changed it to the SSID that I set for my
>wireless router.
>
>3) What else should I really do to protect my home network?
>
>
>
>------------------------------------------------------------------------
>---
>------------------------------------------------------------------------
>----
>
>
>
>---------------------------------------------------------------------------
>----------------------------------------------------------------------------
>
>
>
>
---------------------------------------------------------------------------
----------------------------------------------------------------------------
- Previous message: Greg: "Re: compromised network"
- Maybe in reply to: Greg Tracy: "Re: home wireless router good practices for security"
- Next in thread: Greg Tracy: "Re: home wireless router good practices for security"
- Reply: Greg Tracy: "Re: home wireless router good practices for security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
