Solved

Wireless Network Security

Posted on 2006-07-05
6
458 Views
Last Modified: 2013-11-16
Hi

I've just installed a RangeMax wireless router and got it all up and running, with out any encryption or any of that security stuff. Now that I see it working ok, I want to implement some of the security features.

I'm kind of in a rush on this, so would really appreciate it if someone can supply a quick overview on basic security, and then recommend some steps I should take.

Thanks
Jason
0
Comment
Question by:Jason210
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 9

Accepted Solution

by:
nick2253 earned 200 total points
ID: 17046983
Jason210:

How familiar are you with the RangeMax router and how comfortable are you with its interface?  If you are, then the brief suggestions below should be enough.  If not, post and I can go into more detail.

Depending on the area you are in, I recommend WPA-2 with MAC address control.  For WPA-2, use a non dictionary phrase with numbers and non-alphanumeric characters (@!%#$).  To find the MAC address of the computers that will connect wirelessly with the router, (assuming you are using windows) go to Start->Run and type cmd. Click OK. Then type in "ipconfig /all", no quotes.  The MAC address will be listed as XX-XX-XX-XX-XX-XX.  In order to enter into the router, you may have to change the "-" (hyphens) to ":" (colons) or remove them entirely.  That should be sufficient for home use.

Good Luck
Nick2253
0
 
LVL 9

Expert Comment

by:nick2253
ID: 17046989
One thing I forgot, which is very important, is to hide the router's SSID, and prevent access from the Internet.
0
 
LVL 19

Assisted Solution

by:CoccoBill
CoccoBill earned 150 total points
ID: 17056931
Using WPA2 as nick2253 is recommended if your client hardware also supports it. If they don't, any encryption is better than nothing, they should at least support WPA or at the bare minimum WEP. Keep in mind that WEP is quite trivial to break, and WPA is also insecure if you don't use good passphrases.

Personally I'm not a fan of MAC filtering not SSID hiding, both of these just make the legit use of the network harder but offer very limited security. Think of it this way: There are most likely 2 kinds of unwanted people that would want to access your WLAN, 1) casual, as in neighbors or other freeriders just looking for a free internet connection 2) people trying to actually break into your network and systems for whatever reason. Group 1 does not have the knowledge required to "hack" into a system, group 2 does. To stop group 1 you only need some form of encryption such as WPA2/WPA to keep them out, adding SSID hiding or MAC filtering will not be needed. For group 2 who know what they're doing, it'll take a few seconds to find out the SSID and sniff the traffic for legit MAC addresses, making these useless as a security practise. However, using WPA2-PSK with a strong passphrase will as of the time of writing most likely stop even group 2, and WPA-PSK with a stron pass will slow them down. WEP will break in a couple minutes.

Step-by-Step Guide for Secure Wireless Deployment for Small Office/Home Office or Small Organization Networks
http://www.microsoft.com/downloads/details.aspx?familyid=269902e8-fc41-4eb1-9374-44612e64f0fb&displaylang=en
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 11

Author Comment

by:Jason210
ID: 17057093
Thank you CoccoBill for the vakluable information. Exactly the sort of thing I needed to know.
0
 

Assisted Solution

by:sphinx000514
sphinx000514 earned 150 total points
ID: 17119387
WEP can be easily broken with programs such as airsnort, weplab, ...and many more.  I strongly recomend that you use WPA, or WPA2 if your router supports it.  The passkey needs to be strong for anything to work, so your passkey should include the following:  letters, numbers, punctuation marks, capital letters, and symbols.  This will create a strong password.  for example:  98dwWI*^#|\93mxsuwI$ would be a strong passkey.  Don't expect yourself to remember the passkey that you use, just write it down and put it somewhere safe.  In addition to WPA or WPA2 and a strong passkey, You can also moniter and see anyone who is connected to your network by using a free tool called look at lan that can be found here:  http://www.snapfiles.com/reviews/LookLAN_Network_Monitor/lanlook.html

It will scan your network every few minutes and let you know if anyone else is using your network.
0
 
LVL 11

Author Comment

by:Jason210
ID: 17279749
Useful info thanks.
0

Featured Post

[Webinar] Learn How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: Justin
In light of the WannaCry ransomware attack that affected millions of Windows machines, you might wonder if your Mac needs protecting. Yes, it does and here is how to do it.
The recent Petya-like ransomware attack served a big blow to hundreds of banks, corporations and government offices The Acronis blog takes a closer look at this damaging worm to see what’s behind it – and offers up tips on how you can safeguard your…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question