Solved

Wireless Network Security

Posted on 2006-07-05
6
444 Views
Last Modified: 2013-11-16
Hi

I've just installed a RangeMax wireless router and got it all up and running, with out any encryption or any of that security stuff. Now that I see it working ok, I want to implement some of the security features.

I'm kind of in a rush on this, so would really appreciate it if someone can supply a quick overview on basic security, and then recommend some steps I should take.

Thanks
Jason
0
Comment
Question by:Jason210
6 Comments
 
LVL 9

Accepted Solution

by:
nick2253 earned 200 total points
ID: 17046983
Jason210:

How familiar are you with the RangeMax router and how comfortable are you with its interface?  If you are, then the brief suggestions below should be enough.  If not, post and I can go into more detail.

Depending on the area you are in, I recommend WPA-2 with MAC address control.  For WPA-2, use a non dictionary phrase with numbers and non-alphanumeric characters (@!%#$).  To find the MAC address of the computers that will connect wirelessly with the router, (assuming you are using windows) go to Start->Run and type cmd. Click OK. Then type in "ipconfig /all", no quotes.  The MAC address will be listed as XX-XX-XX-XX-XX-XX.  In order to enter into the router, you may have to change the "-" (hyphens) to ":" (colons) or remove them entirely.  That should be sufficient for home use.

Good Luck
Nick2253
0
 
LVL 9

Expert Comment

by:nick2253
ID: 17046989
One thing I forgot, which is very important, is to hide the router's SSID, and prevent access from the Internet.
0
 
LVL 19

Assisted Solution

by:CoccoBill
CoccoBill earned 150 total points
ID: 17056931
Using WPA2 as nick2253 is recommended if your client hardware also supports it. If they don't, any encryption is better than nothing, they should at least support WPA or at the bare minimum WEP. Keep in mind that WEP is quite trivial to break, and WPA is also insecure if you don't use good passphrases.

Personally I'm not a fan of MAC filtering not SSID hiding, both of these just make the legit use of the network harder but offer very limited security. Think of it this way: There are most likely 2 kinds of unwanted people that would want to access your WLAN, 1) casual, as in neighbors or other freeriders just looking for a free internet connection 2) people trying to actually break into your network and systems for whatever reason. Group 1 does not have the knowledge required to "hack" into a system, group 2 does. To stop group 1 you only need some form of encryption such as WPA2/WPA to keep them out, adding SSID hiding or MAC filtering will not be needed. For group 2 who know what they're doing, it'll take a few seconds to find out the SSID and sniff the traffic for legit MAC addresses, making these useless as a security practise. However, using WPA2-PSK with a strong passphrase will as of the time of writing most likely stop even group 2, and WPA-PSK with a stron pass will slow them down. WEP will break in a couple minutes.

Step-by-Step Guide for Secure Wireless Deployment for Small Office/Home Office or Small Organization Networks
http://www.microsoft.com/downloads/details.aspx?familyid=269902e8-fc41-4eb1-9374-44612e64f0fb&displaylang=en
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 11

Author Comment

by:Jason210
ID: 17057093
Thank you CoccoBill for the vakluable information. Exactly the sort of thing I needed to know.
0
 

Assisted Solution

by:sphinx000514
sphinx000514 earned 150 total points
ID: 17119387
WEP can be easily broken with programs such as airsnort, weplab, ...and many more.  I strongly recomend that you use WPA, or WPA2 if your router supports it.  The passkey needs to be strong for anything to work, so your passkey should include the following:  letters, numbers, punctuation marks, capital letters, and symbols.  This will create a strong password.  for example:  98dwWI*^#|\93mxsuwI$ would be a strong passkey.  Don't expect yourself to remember the passkey that you use, just write it down and put it somewhere safe.  In addition to WPA or WPA2 and a strong passkey, You can also moniter and see anyone who is connected to your network by using a free tool called look at lan that can be found here:  http://www.snapfiles.com/reviews/LookLAN_Network_Monitor/lanlook.html

It will scan your network every few minutes and let you know if anyone else is using your network.
0
 
LVL 11

Author Comment

by:Jason210
ID: 17279749
Useful info thanks.
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Big data transfers via information superhighways require special attention and protection. Learn more about the IT-regulations of the country where your server is located. Analyze cloud providers and their encryption systems for safe data transit. S…
Never store passwords in plain text or just their hash: it seems a no-brainier, but there are still plenty of people doing that. I present the why and how on this subject, offering my own real life solution that you can implement right away, bringin…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now