Re: home wireless router good practices for security

From: Jimi Thompson (jimit_at_myrealbox.com)
Date: 01/05/04

  • Next message: Jimi Thompson: "Re: advice"
    Date: Sun, 04 Jan 2004 23:33:17 -0600
    To: Steve <securityfocus@delahunty.com>
    
    

    Steve wrote:

    >So I went out and purchased a wireless router (Linksys 802.11b) for home
    >since it was so inexpensive and actually less cost than the wireless access
    >points I was trying to get via eBay. Got it home, installed my wireless
    >network card (SMC), powered on the router, attached it to a port on my other
    >wired linksys router, and boom it worked great. Then about 5 minutes after
    >I sent an instant message to my neighbor (fellow IT friend) he was on my
    >network. So I took the steps that Linksys recommends below, seems good (to
    >me).
    > Change the default SSID
    > Disable SSID Broadcasts
    > Change the default password for the Administrator account
    > Enable WEP 128-bit Encryption
    >Linksys also recommends these other measures, I have not implemented:
    > Enable MAC Address Filtering
    > Change the SSID periodically
    > Change the WEP encryption keys periodically.
    >
    >My Questions:
    >
    >1) Anyone know how much enabling 128-bit encryption will hurt my wireless
    >performance?
    >
    >
    My experience is that this is not noticeable on a home network. My
    wireless LAN uses 2048 bit keys to encrypt traffic. I have about 12
    users and I've had no complaints as yet.

    >2) Does setting the SSID for my wireless NIC then keep me from getting onto
    >other wireless networks like when traveling? I ask since that setting was
    >set to ANY before I changed it to the SSID that I set for my wireless
    >router.
    >
    >

    That would depend on the OS of the device. For example, Windows XP is
    generally pretty good about locating and attempting to attach to any
    wireless lan that it can get the SSID for. Windows 98 or 2000 might be
    a bit more problematic. Mac's would be less so.

    >3) What else should I really do to protect my home network?
    >
    >

    1) Run Windows update on every Windows based PC you own or operate every
    month - even if you aren't running Windows, INSTALL YOUR PATCHES
    2) Install a good Firewall
    3) If you're really paranoid, put the Wireless router on the "dirty"
    side of the firewall and use VPN to connect to internal stuff.
    4) Check with the makers of all of your network devices for new firmware
    and software upgrades and install them on a regular basis - consider it
    an "oil change" for your network
    5) Run antivirus software on any Windows-based PC
    6) Run some anti-spyware as well

    HTH,

    Jimi

    >
    >
    >---------------------------------------------------------------------------
    >----------------------------------------------------------------------------
    >
    >
    >
    >
    >

    ---------------------------------------------------------------------------
    ----------------------------------------------------------------------------


  • Next message: Jimi Thompson: "Re: advice"

    Relevant Pages

    • Re: Unable to open shared files on wireless network
      ... Windows XP PRO and a laptop also running Windows XP PRO. ... I have both computers in my trusted zone in Zonealarm and I ... open the file and to check network connections etc. ... internet and my wireless card would not connect to my network. ...
      (microsoft.public.windowsxp.network_web)
    • [NMRC Advisory] Microsoft Windows Wireless Exposure on Laptops
      ... Application: Wireless Network Connection ... This advisory documents an anomaly involving Microsoft's Wireless Network ... If a laptop connects to an ad-hoc network it can later start ... This is known as a Link-Local address, and by default Link-Local is turned on on all Windows platforms on all interfaces, including wireless interfaces. ...
      (Bugtraq)
    • Re: Unable to open shared files on wireless network
      ... Windows XP PRO and a laptop also running Windows XP PRO. ... open the file and to check network connections etc. ... internet and my wireless card would not connect to my network. ...
      (microsoft.public.windowsxp.network_web)
    • Re: Unable to open shared files on wireless network
      ... Windows XP PRO and a laptop also running Windows XP PRO. ... open the file and to check network connections etc. ... internet and my wireless card would not connect to my network. ...
      (microsoft.public.windowsxp.network_web)
    • Re: Unable to open shared files on wireless network
      ... Windows XP PRO and a laptop also running Windows XP PRO. ... open the file and to check network connections etc. ... internet and my wireless card would not connect to my network. ...
      (microsoft.public.windowsxp.network_web)