Solved

Wireless Network Security

Posted on 2006-07-05
6
445 Views
Last Modified: 2013-11-16
Hi

I've just installed a RangeMax wireless router and got it all up and running, with out any encryption or any of that security stuff. Now that I see it working ok, I want to implement some of the security features.

I'm kind of in a rush on this, so would really appreciate it if someone can supply a quick overview on basic security, and then recommend some steps I should take.

Thanks
Jason
0
Comment
Question by:Jason210
6 Comments
 
LVL 9

Accepted Solution

by:
nick2253 earned 200 total points
ID: 17046983
Jason210:

How familiar are you with the RangeMax router and how comfortable are you with its interface?  If you are, then the brief suggestions below should be enough.  If not, post and I can go into more detail.

Depending on the area you are in, I recommend WPA-2 with MAC address control.  For WPA-2, use a non dictionary phrase with numbers and non-alphanumeric characters (@!%#$).  To find the MAC address of the computers that will connect wirelessly with the router, (assuming you are using windows) go to Start->Run and type cmd. Click OK. Then type in "ipconfig /all", no quotes.  The MAC address will be listed as XX-XX-XX-XX-XX-XX.  In order to enter into the router, you may have to change the "-" (hyphens) to ":" (colons) or remove them entirely.  That should be sufficient for home use.

Good Luck
Nick2253
0
 
LVL 9

Expert Comment

by:nick2253
ID: 17046989
One thing I forgot, which is very important, is to hide the router's SSID, and prevent access from the Internet.
0
 
LVL 19

Assisted Solution

by:CoccoBill
CoccoBill earned 150 total points
ID: 17056931
Using WPA2 as nick2253 is recommended if your client hardware also supports it. If they don't, any encryption is better than nothing, they should at least support WPA or at the bare minimum WEP. Keep in mind that WEP is quite trivial to break, and WPA is also insecure if you don't use good passphrases.

Personally I'm not a fan of MAC filtering not SSID hiding, both of these just make the legit use of the network harder but offer very limited security. Think of it this way: There are most likely 2 kinds of unwanted people that would want to access your WLAN, 1) casual, as in neighbors or other freeriders just looking for a free internet connection 2) people trying to actually break into your network and systems for whatever reason. Group 1 does not have the knowledge required to "hack" into a system, group 2 does. To stop group 1 you only need some form of encryption such as WPA2/WPA to keep them out, adding SSID hiding or MAC filtering will not be needed. For group 2 who know what they're doing, it'll take a few seconds to find out the SSID and sniff the traffic for legit MAC addresses, making these useless as a security practise. However, using WPA2-PSK with a strong passphrase will as of the time of writing most likely stop even group 2, and WPA-PSK with a stron pass will slow them down. WEP will break in a couple minutes.

Step-by-Step Guide for Secure Wireless Deployment for Small Office/Home Office or Small Organization Networks
http://www.microsoft.com/downloads/details.aspx?familyid=269902e8-fc41-4eb1-9374-44612e64f0fb&displaylang=en
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 11

Author Comment

by:Jason210
ID: 17057093
Thank you CoccoBill for the vakluable information. Exactly the sort of thing I needed to know.
0
 

Assisted Solution

by:sphinx000514
sphinx000514 earned 150 total points
ID: 17119387
WEP can be easily broken with programs such as airsnort, weplab, ...and many more.  I strongly recomend that you use WPA, or WPA2 if your router supports it.  The passkey needs to be strong for anything to work, so your passkey should include the following:  letters, numbers, punctuation marks, capital letters, and symbols.  This will create a strong password.  for example:  98dwWI*^#|\93mxsuwI$ would be a strong passkey.  Don't expect yourself to remember the passkey that you use, just write it down and put it somewhere safe.  In addition to WPA or WPA2 and a strong passkey, You can also moniter and see anyone who is connected to your network by using a free tool called look at lan that can be found here:  http://www.snapfiles.com/reviews/LookLAN_Network_Monitor/lanlook.html

It will scan your network every few minutes and let you know if anyone else is using your network.
0
 
LVL 11

Author Comment

by:Jason210
ID: 17279749
Useful info thanks.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

One of the biggest threats facing all high-value targets are APT's.  These threats include sophisticated tactics that "often starts with mapping human organization and collecting intelligence on employees, who are nowadays a weaker link than network…
One of the biggest threats in the cyber realm pertains to advanced persistent threats (APTs). This paper is a compare and contrast of Russian and Chinese APT's.
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question