Cisco Systems WRT54G manual Maximizing Wireless Security, Active Attacks

Page 63

Wireless-G Broadband Router

Active Attacks

Hackers use Active Attacks for three purposes: 1) stealing data, 2) using your network, and 3) modifying your network so it's easier to hack in the next time.

In an Active Attack, the hacker has gained access to all of your network settings (SSID, WEP keys, etc.) and is in your network. Once in your wireless network, the hacker has access to all open resources and transmitted data on the network. In addition, if the wireless network's access point is connected to a switch, the hacker will also have access to data in the wired network.

Further, spammers can use your Internet connection and your ISP's mail server to send tens of thousands of e- mails from your network without your knowledge.

Lastly, the hacker could make hacking into your network even easier by changing or removing safeguards such as MAC address filters and WEP encryption. He can even steal passwords and user names for the next time he wants to hack in.

Dictionary-Building or Table Attacks

Dictionary-building, or Table attacks, is a method of gaining network settings (SSID, WEP keys, etc.) by analyzing about a day's worth of network traffic, mostly in the case of business networks. Over time, the hacker can build up a table of network data and be able to decrypt all of your wireless transmissions. This type of attack is more effective with networks that transmit more data, such as businesses.

Man-in-the-Middle Attacks

A hacker doesn't need to log into your network as a user - he can appear as one of the network's own access points, setting himself up as the man-in-the-middle. To do this, the hacker simply needs to rig an access point with your network's settings and send out a stronger signal that your access point. In this way, some of your network's PCs may associate with this rogue access point, not knowing the difference, and may begin sending data through it and to this hacker.

The trade-off for the convenience and flexibility wireless networking provides is the possibility of being hacked into through one of the methods described here. With wireless networks, even with WEP encryption, open to the persistent hacker, how can you protect your data? The following section will tell you how to do just that.

Maximizing Wireless Security

Security experts will all tell you the same thing: Nothing is guaranteed. No technology is secure by itself. An unfortunate axiom is that building the better mousetrap can often create a better mouse. This is why, in the

Appendix B: Wireless Security

54

Maximizing Wireless Security

Image 63
Contents Jameco Part Number 487058UsersGuide 54Mbps GHz Wireless- G Word definition Copyright and TrademarksTable of Contents Appendix B Wireless Security Appendix ATroubleshootingBroadband Router’s Back Panel List of Figures18 Wireless Tab Advanced Wireless Settings Figure B-12 WEP Welcome IntroductionWhat’s in this Guide? Wireless-G Broadband Router Roaming Network TopologyNetwork Layout Back Panel Getting to Know the Wireless-G Broadband RouterDMZ Front PanelHardware Installation Connecting the Wireless-G Broadband RouterConnecting the Wireless-G Broadband Router Wireless-G Broadband Router Configuring the PCs Configuring Windows 98 and Millennium PCsOverview Properties Configuring Windows 2000 PCsConfiguring Windows XP PCs Configuring the PCs Configuring Windows XP PCs Password Screen Configuring the Wireless-G Broadband RouterInternet Setup Setup Tab Basic SetupPPPoE Connection Type Router IP Time Setting 11 Setup Tab Ddns Setup Tab Ddns12 Setup Tab MAC Address Clone Setup Tab MAC Address Clone13 Setup Tab Advanced Routing Gateway Setup Tab Advanced RoutingCorrectly Wireless Tab Basic Wireless Settings16 Wireless Tab Wireless MAC Filter Wireless Tab Wireless MAC Filter18 Wireless Tab Advanced Wireless Settings Wireless Tab Advanced Wireless SettingsWireless-G Broadband Router Security Tab VPN Passthrough Security Tab Firewall21 Wireless Tab Wireless Security WPA Pre-Shared Key Security Tab Wireless Security23 Wireless Tab Wireless Security Radius 25 Access Restrictions Tab Access Restrictions Tab28 Applications and Gaming Tab Port Range Forward Applications and Gaming Tab Port Range Forward29 Applications and Gaming DMZ Applications and Gaming Tab DMZAdministration Tab Log Administration Tab Management32 Administration Tab Diagnostics Administration Tab DiagnosticsAdministration Tab Firmware Upgrade Administration Tab Factory Defaults37 Status Tab Router Status Tab Router38 Status Tab Local Network Status Tab Local Network39 Status Tab Wireless Status Tab WirelessAppendix a Troubleshooting Common Problems and SolutionsNeed to set a static IP address on a PC Open a command prompt. For Windows 98 and Me Wireless-G Broadband Router TCP UDP Can’t get the Internet game, server, or application to work VPN IpsecTo start over, I need to set the Router to factory default Need to upgrade the firmwareFirmware upgrade failed, and/or the Power LED is flashing My DSL service’s PPPoE is always disconnecting Is IPSec Pass-Through supported by the Router? Frequently Asked QuestionsPower LED keeps flashing Where is the Router installed on the network?Does the Router support ICQ send file? What is Network Address Translation and what is it used for?How can I block corrupted FTP downloads? What Ieee 802.11b features are supported? What is DMZ Hosting?What are the advanced features of the Router? What is the Ieee 802.11g standard?What is ISM band? What is ad-hoc mode?What is infrastructure mode? What is roaming?What is a MAC Address? What is Spread Spectrum?What is DSSS? What is FHSS? And what are their differences? What is WEP?Have excellent signal strength, but I cannot see my network How do I resolve issues with signal loss?Appendix B Wireless Security Brief OverviewWhat Are The Risks? Passive Attacks Active Attacks Maximizing Wireless SecurityCommon Sense Solutions Ssid WEP WPA WPA Radius Appendix C Upgrading Firmware Figure C-1 Upgrade FirmwareTCP/IP Appendix D Windows HelpWindows 2000 or XP Instructions Windows 98 or Me InstructionsFigure E-3 MAC Address/Physical Address For the Router’s Web-based UtilityAppendix F Glossary Wireless-G Broadband Router Wireless-G Broadband Router Wireless-G Broadband Router Wireless-G Broadband Router Wireless-G Broadband Router Appendix G Specifications Wireless-G Broadband Router Limited Warranty Appendix H Warranty InformationFCC Statement Appendix I Regulatory InformationWireless-G Broadband Router Wireless-G Broadband Router Appendix J Contact Information

WRT54G specifications

The Cisco Systems WRT54G is a cornerstone of home and small office networking, renowned for its robust features and reliability since its release in 2002. Widely acknowledged as one of the first consumer-grade routers to combine wireless and wired networking capabilities, the WRT54G has earned a legacy as a hallmark of simplicity and performance.

At the heart of its functionality is the 802.11g wireless standard, which allows for wireless connections at speeds of up to 54 Mbps. This technology ensures a reliable connection over significant distances, making it suitable for various home and office environments. The WRT54G operates on the 2.4 GHz frequency band, which provides compatibility with many devices but can be susceptible to interference from other electronic devices.

One of the standout features of the WRT54G is its user-friendly web interface, allowing even non-technical users to easily configure their network settings. This feature promotes security by enabling users to modify their network name, set up encryption protocols like WEP or WPA, and create a guest network for visitors. The router also incorporates a built-in firewall and supports Network Address Translation (NAT), adding an additional layer of security to users’ private networks.

The WRT54G boasts four Ethernet ports for wired connections, accommodating multiple devices simultaneously. This feature is particularly beneficial for users with desktop computers, gaming consoles, or network-attached storage devices requiring stable, high-speed connections. The ability to connect devices through Ethernet ensures that users can enjoy the benefits of a reliable and fast network, especially in environments where wireless connectivity may be limited.

Another distinguishing characteristic of the WRT54G is its open-source firmware capability, which has led to a devoted community of enthusiasts who have developed alternative firmware for greater customization and advanced features. This flexibility not only enhances the router's lifespan but also caters to users who require specific functionalities, such as advanced Quality of Service (QoS) settings or more extensive parental controls.

In conclusion, the Cisco Systems WRT54G remains a significant player in the realm of consumer networking due to its innovative features, ease of use, and adaptability. While newer models have since emerged, the WRT54G's enduring reputation speaks to its reliability and solid performance, making it a preferred choice for many users seeking to establish a dependable network.