General guidelines for securing your wireless network. UPDATE: 12/31/02 This article is still in development This article was written to provide some general guidelines to use while setting up a wireless 802.11b network. Out of the box these setups are so insecure that with leaving everything at the default settings your putting all your data out in the open for anyone to view, modify or even delete. This article is written showing screenshots from a Linksys WAP11. However the theories shown here pretty much some up all the consumer level brand wireless appliances. Options may be called different things and the layout may be different, but after reading this article you should be able to find these options on your model. Also needing to note, that it's fairly well know that wireless security isn't perfect. But taking these steps will make it extremely bothersome for anyone to spend any amount of time to attempt to access your network. Step 1. The first thing you should do when you get your access point connected, is change the default login password. All the security you setup won't do a bit of good if someone can just SNMP in and change all your settings to their likings. Be sure to not forget this password. Step 2. Change the default SSID of your wireless device. While changing the SSID doesn't provide any enhanced security, it does show that the default setting have been modified and there's no reason to look any farther. It also allows you to give some description and personalisation to your wireless network. Although avoid the temptation to use any personal informatin like your name, address, or especially your phone number. Figure 1 shows where you would change the SSID on a Linksys AP.  Figure 1 Step 3. (Optional) If your not going to have computers coming in and out of your wireless network, why tell the world you even have a wireless network. Most AP's have the ability to disable the broadcast of the SSID. Disabling the broadcast would however require you to manually enter the SSID on any computer you introduce to your wireless network. This is a good feature to enable in a home enviroment where things don't change much. It's not a very practical idea in a corporate enviroment where there mobile users. Figure 2 shows where this feature is on a Linksys AP.  Figure 2 Step 4. WEP, this is where things start getting interesting. I cetainly won't go in to deatail of WEP is and how it works, so here's a extremely simple breakdown. WEP allows for two devices that share a common 'key' to talk with each other. The difference between 64bit and 128bit is the complexity of the 'key'. Some models, such as the Linksys allow you to create a key by using a passphrase, which makes it simpler to get all your computers working with your AP. Otherwise you need to record your WEP key and enter it exactly on all client computers.  Figure 3  Figure 4 Disclaimer: This article is provided for informational purposes only. Business Solutions & Networking, Inc. will not be held responsible any damage caused by using steps written within. For gauranteed levels of service, contact Business Solutions & Networking, Inc. to get information on pricing or to schedule a technician visit. (262)652-7151 |
| BSN Web Hosting |
| Remote Access |
|
|
| How to Contact Us |
(262)652-7151 Voice 8032-22nd Avenue |
| Need a phone system? |
|
We are an authorized dealer of TalkSwitch, a perfect, cost effective solutions for small businesses or the home office. 
click here for more info |