Genius Products U.S.A BEFW11S4 manual Appendix B Wireless Security

Page 52

Wireless-B Broadband Router

SSID. There are several things to keep in mind about the SSID:

1.Disable Broadcast

2.Make it unique

3.Change it often

Most wireless networking devices will give you the option of broadcasting the SSID. While this option may be more convenient, it allows anyone to log into your wireless network. This includes hackers. So, don’t broadcast the SSID.

Wireless networking products come with a default SSID set by the factory. (The Linksys default SSID is “linksys”.) Hackers know these defaults and can check these against your network. Change your SSID to something unique and not something related to your company or the networking products you use.

Change your SSID regularly so that any hackers who have gained access to your wireless network will have to start from the beginning in trying to break in.

MAC Addresses. Enable MAC Address filtering. MAC Address filtering will allow you to provide access to only those wireless nodes with certain MAC Addresses. This makes it harder for a hacker to access your network with a random MAC Address.

WEP Encryption. Wired Equivalent Privacy (WEP) is often looked upon as a cure-all for wireless security concerns. This is overstating WEP’s ability. Again, this can only provide enough security to make a hacker’s job more difficult.

There are several ways that WEP can be maximized:

1.Use the highest level of encryption possible

2.Use a “Shared Key” authentication

3.Change your WEP key regularly

WPA. Wi-Fi Protected Access (WPA) is the newest and best available standard in Wi-Fi security. Two modes are often available: Pre-Shared Key and RADIUS. Pre-Shared Key gives you a choice of encryption methods, which are often TKIP (Temporal Key Integrity Protocol), which utilizes a stronger encryption method and incorporates Message Integrity Code (MIC) to provide protection against hackers, and AES (Advanced Encryption System), which utilizes a symmetric 128-Bit block data encryption. RADIUS (Remote Authentication Dial-In User Service) utilizes a RADIUS server for authentication and the use of dynamic TKIP, AES, or WEP.

Appendix B: Wireless Security

Important: Always remember that each device in your wireless network MUST use the same encryption method and encryption key or your wireless network will not function properly.

Note: This Router only provides TKIP encryption for Wi-Fi Protected Access (WPA).

46

Security Threats Facing Wireless Networks

Image 52
Contents Wireless- B Copyright and Trademarks Word definitionTable of Contents Appendix B Wireless Security Appendix ATroubleshootingAppendix C Upgrading Firmware Appendix D Windows Help List of Figures Broadband Router’s Back Panel26 Applications and Gaming UPnP Forwarding Introduction WelcomeWhat’s in this Guide? Wireless-B Broadband Router Network Topology RoamingNetwork Layout Getting to Know the Wireless-B Broadband Router Back PanelWireless-B Front PanelConnecting the Wireless-B Broadband Router Hardware InstallationConfiguring the Wireless-B Broadband Router OverviewSetup Tab Basic Setup Internet SetupPPPoE Connection Type Optional Settings Required by some ISPs Wireless-B Broadband Router Setup Tab MAC Address Clone 10 Setup Tab MAC Address CloneSetup Tab Advanced Routing 11 Setup Tab Advanced RoutingWireless Tab Basic Wireless Settings 13 Wireless Tab Basic Wireless SettingsWireless Tab Wireless Security 14 WPA Pre-Shared Key17 Wireless Tab WEP Wireless Tab Wireless Network Access 18 Wireless Tab Wireless Network AccessWireless Tab Advanced Wireless Settings Preamble type, Long Preambledefault or Short PreambleSecurity Tab Filter 21 Security Tab FilterSecurity Tab VPN Passthrough 23 Security Tab VPN PassthroughApplications and Gaming Tab Port Range Forwarding 24 Applications and Gaming Tab Port Range ForwardingApplications and Gaming Tab Port Triggering Applications and Gaming Tab UPnP ForwardingAdministration Tab Management Applications and Gaming Tab DMZAdministration Tab Log 29 Backup & RestoreAdministration Tab Firmware Upgrade Administration Tab Factory Defaults 33 Administration Tab Factory DefaultsStatus Tab Router By the RouterStatus Tab Local Network 35 Status Tab Local NetworkCommon Problems and Solutions Appendix a TroubleshootingNeed to set a static IP address on a PC Want to test my Internet connection Wireless-B Broadband Router TCP UDP VPN Ipsec Can’t get the Internet game, server, or application to workNeed to upgrade the firmware To start over, I need to set the Router to factory defaultFirmware upgrade failed, and/or the Power LED is flashing My DSL service’s PPPoE is always disconnecting Frequently Asked Questions Power LED keeps flashingWhere is the Router installed on the network? Is IPSec Pass-Through supported by the Router?What is Network Address Translation and what is it used for? Does the Router support ICQ send file?How can I block corrupted FTP downloads? What is DMZ Hosting? What are the advanced features of the Router?What is the Ieee 802.11g standard? What Ieee 802.11b features are supported?What is ad-hoc mode? What is infrastructure mode?What is roaming? What is ISM band?What is Spread Spectrum? What is DSSS? What is FHSS? And what are their differences?What is WEP? What is a MAC Address?How do I resolve issues with signal loss? Have excellent signal strength, but I cannot see my networkSecurity Precautions Appendix B Wireless SecuritySecurity Threats Facing Wireless Networks Appendix B Wireless Security Wireless-B Broadband Router Figure C-1 Upgrade Firmware Appendix C Upgrading FirmwareAppendix D Windows Help TCP/IPWindows 98 or Me Instructions Windows 2000 or XP InstructionsFor the Router’s Web-based Utility Figure E-3 MAC Address/Physical AddressAppendix F Glossary Wireless-B Broadband Router Wireless-B Broadband Router Wireless-B Broadband Router Wireless-B Broadband Router Wireless-B Broadband Router Appendix G Specifications Appendix H Warranty Information Appendix I Regulatory Information FCC StatementWireless-B Broadband Router Appendix J Contact Information Europe Mail Address