Linksys WAG354G
Got myself a brand new Linksys WAG354G Wireless-G ADSL Home Gateway yesterday, replacing the still-working (but with a minor kink) SMC 7401BRA ADSL Barricade Router. The Linksys people coined it "The All-In-One Solution for Internet Connectivity". As of today, I've connected a desktop PC (Ethernet), two notebooks (Wi-Fi) and two Pocket PCs (Wi-Fi) simultaneously at home. FYI, it's capable of connecting up to 4 Ethernet and 32 Wi-Fi devices. Love it for its slim, sleek look and silver color. Oh, did I mention it has no nasty antenna? :)
On the serious note, here are some security precautions that I got off the user guide to make wireless networking as safe and easy as possible. Please keep the following in mind whenever setting up or using the wireless network.
- Change the default SSID
- Disable SSID Broadcast
- Change the default password for the Administrator account
- Enable MAC Address Filtering
- Change the SSID periodically
- Use the highest encryption algorithm possible. Use WPA if it is available. Please note that this may reduce your network performance
- Change the WEP encryption keys periodically
Security Threats Facing Wireless Networks
Wireless networks are easy to find. Hackers know that in order to join a wireless network, wireless networking products first listen for "beacon messages". These messages can be easily decrypted and contain much of the network's information, such as the network's SSID (Service Set Identifier). Here are the steps you can take:
Change the Administrator's Password Regularly
With every wireless networking device you use, keep in mind that network settings (SSID, WEP keys, etc.) are stored in its firmware. Your network administrator is the only person who can change network settings. If a hacker gets a hold of the administrator's password, he, too, can change those settings. So, make it harder for a hacker to get that information. Change the administrator's password regularly.
Service Set ID (SSID)
There are several things to keep in mind about the SSID:
- Disable Broadcast
- Make it unique
- Change it often
Most wireless networking devices will give you the option of broadcasting the SSID. While this option may be more convenient, it allows anyone to log into your wireless network. This includes hackers. So, don't broadcast the SSID.
Wireless networking products come with a default SSID set by the factory. Hackers know these defaults and can check these against your network. Change your SSID to something unique and not something related to your company or the networking products you use. Change your SSID regularly so that any hackers who have gained access to your wireless network will have to start from the beginning in trying to break in.
Media Access Control (MAC) Addresses
Enable MAC Address filtering. MAC Address filtering will allow you to provide access to only those wireless nodes with certain MAC Addresses. This makes it harder for a hacker to access your network with a random MAC Address.
Wired Equivalent Privacy (WEP) Encryption
WEP is often looked upon as a cure-all for wireless security concerns. This is overstating WEP's ability. Again, this can only provide enough security to make a hacker's job more difficult. There are several ways that WEP can be maximized:
- Use the highest level of encryption possible
- Use "Shared Key" authentication
- Change your WEP key regularly
Wi-Fi Protected Access (WPA)
WPA is the newest and best available standard in Wi-Fi security. Two modes are available: Pre-Shared Key and RADIUS. Pre-Shared Key gives you a choice of two encryption methods: TKIP (Temporal Key Integrity Protocol), which utilizes a stronger encryption method and incorporates Message Integrity Code (MIC) to provide protection against hackers, and AES (Advanced Encryption System), which utilizes a symmetric 128-Bit block data encryption. RADIUS (Remote Authentication Dial-In User Service) utilizes a RADIUS server for authentication and the use of dynamic TKIP, AES, or WEP.
Implementing encryption may have a negative impact on your network's performance, but if you are transmitting sensitive data over your network, encryption should be used. These security recommendations should help keep your mind at ease while you are enjoying the most flexible and convenient technology available today.
On the serious note, here are some security precautions that I got off the user guide to make wireless networking as safe and easy as possible. Please keep the following in mind whenever setting up or using the wireless network.
- Change the default SSID
- Disable SSID Broadcast
- Change the default password for the Administrator account
- Enable MAC Address Filtering
- Change the SSID periodically
- Use the highest encryption algorithm possible. Use WPA if it is available. Please note that this may reduce your network performance
- Change the WEP encryption keys periodically
Security Threats Facing Wireless Networks
Wireless networks are easy to find. Hackers know that in order to join a wireless network, wireless networking products first listen for "beacon messages". These messages can be easily decrypted and contain much of the network's information, such as the network's SSID (Service Set Identifier). Here are the steps you can take:
Change the Administrator's Password Regularly
With every wireless networking device you use, keep in mind that network settings (SSID, WEP keys, etc.) are stored in its firmware. Your network administrator is the only person who can change network settings. If a hacker gets a hold of the administrator's password, he, too, can change those settings. So, make it harder for a hacker to get that information. Change the administrator's password regularly.
Service Set ID (SSID)
There are several things to keep in mind about the SSID:
- Disable Broadcast
- Make it unique
- Change it often
Most wireless networking devices will give you the option of broadcasting the SSID. While this option may be more convenient, it allows anyone to log into your wireless network. This includes hackers. So, don't broadcast the SSID.
Wireless networking products come with a default SSID set by the factory. Hackers know these defaults and can check these against your network. Change your SSID to something unique and not something related to your company or the networking products you use. Change your SSID regularly so that any hackers who have gained access to your wireless network will have to start from the beginning in trying to break in.
Media Access Control (MAC) Addresses
Enable MAC Address filtering. MAC Address filtering will allow you to provide access to only those wireless nodes with certain MAC Addresses. This makes it harder for a hacker to access your network with a random MAC Address.
Wired Equivalent Privacy (WEP) Encryption
WEP is often looked upon as a cure-all for wireless security concerns. This is overstating WEP's ability. Again, this can only provide enough security to make a hacker's job more difficult. There are several ways that WEP can be maximized:
- Use the highest level of encryption possible
- Use "Shared Key" authentication
- Change your WEP key regularly
Wi-Fi Protected Access (WPA)
WPA is the newest and best available standard in Wi-Fi security. Two modes are available: Pre-Shared Key and RADIUS. Pre-Shared Key gives you a choice of two encryption methods: TKIP (Temporal Key Integrity Protocol), which utilizes a stronger encryption method and incorporates Message Integrity Code (MIC) to provide protection against hackers, and AES (Advanced Encryption System), which utilizes a symmetric 128-Bit block data encryption. RADIUS (Remote Authentication Dial-In User Service) utilizes a RADIUS server for authentication and the use of dynamic TKIP, AES, or WEP.
Implementing encryption may have a negative impact on your network's performance, but if you are transmitting sensitive data over your network, encryption should be used. These security recommendations should help keep your mind at ease while you are enjoying the most flexible and convenient technology available today.
0 comments:
Post a Comment