Linksys wag300n (eu, la) manual Appendix B Wireless Security

Page 72

Wireless-N ADSL2+ Gateway

SSID. There are several things to keep in mind about the SSID:

1.Disable Broadcast

2.Make it unique

3.Change it often

Most wireless networking devices will give you the option of broadcasting the SSID. While this option may be more convenient, it allows anyone to log into your wireless network. This includes hackers. So, don’t broadcast the SSID.

Wireless networking products come with a default SSID set by the factory. (The Linksys default SSID is “linksys”.) Hackers know these defaults and can check these against your network. Change your SSID to something unique and not something related to your company or the networking products you use.

Change your SSID regularly so that any hackers who have gained access to your wireless network will have to start from the beginning in trying to break in.

MAC Addresses. Enable MAC Address filtering. MAC Address filtering will allow you to provide access to only those wireless nodes with certain MAC Addresses. This makes it harder for a hacker to access your network with a random MAC Address.

WEP Encryption. Wired Equivalent Privacy (WEP) is often looked upon as a cure-all for wireless security concerns. This is overstating WEP’s ability. Again, this can only provide enough security to make a hacker’s job more difficult.

There are several ways that WEP can be maximized:

1.Use the highest level of encryption possible

2.Use “Shared Key” authentication

3.Change your WEP key regularly

PSK. Pre-Shared Key (PSK) is the newest and best available standard in Wi-Fi security. PSK2 is the newer version of Pre-Shared Key with stronger encryption than PSK. PSK gives you a choice of two encryption methods: TKIP (Temporal Key Integrity Protocol), which utilizes a stronger encryption method and incorporates Message Integrity Code (MIC) to provide protection against hackers, and AES (Advanced Encryption System), which utilizes

asymmetric 128-Bit block data encryption. PSK-Enterprise and PSK2-Enterprise use a RADIUS (Remote Authentication Dial-In User Service) server for authentication. RADIUS uses a RADIUS server and WEP encryption.

Appendix B: Wireless Security

IMPORTANT: Always remember that each device in your wireless network MUST use the same encryption method and encryption key or your wireless network will not function properly.

66

Security Threats Facing Wireless Networks

Page 71 Page 73
Image 72
Page 71 Page 73
Contents GHz How to Use this Guide Copyright and TrademarksWord definition Table of Contents Wireless-N ADSL2+ Gateway Ports and Reset Button on Side Panel Network25 Internet Access Policy Introduction WelcomeWhat’s in this User Guide? Wireless-N ADSL2+ Gateway Planning Your Network Gateway’s FunctionsIP Addresses What’s an IP Address?Dhcp Dynamic Host Configuration Protocol Servers Dynamic IP AddressesGettingtoKnowtheWireless-NADSL2+Gateway Ports and Reset Button on Side PanelWireless LEDs on Side PanelConnecting the Wireless-N ADSL2+ Gateway Wired Connection to a ComputerOverview Wireless Connection to a Computer Connect the PowerConfiguring the Wireless-N ADSL2+ Gateway SetupWireless Access Restrictions AdministrationSecurity Applications & GamingHow to Access the Web-based Utility Setup TabBasic Setup Tab Internet SetupRFC 1483 Bridged Dynamic IP Static IPRFC 1483 Routed IPoARFC 2516 PPPoE RFC 2364 PPPoABridge Mode Only Optional Settings required by some ISPsNetwork Setup Configuring the Wireless-N ADSL2+ Gateway Setup Tab Ddns Tab DynDNS.orgTZO.com Advanced Routing Tab Advanced Routing12 Routing Table Wireless Tab Basic Wireless Settings TabWireless Network Wireless Security Tab PSK-PersonalPSK2-Personal PSK-Enterprise PSK2-EnterpriseRadius WEP Wireless MAC Filter Tab Wireless MAC FilterAdvanced Wireless Settings Tab Advanced WirelessConfiguring the Wireless-N ADSL2+ Gateway Wireless Tab Security Tab Firewall TabFirewall VPN Passthrough Tab VPN PassthroughAccess Restrictions Tab Internet Access Policy TabInternet Access Policy 27 List of PCs Applications and Gaming Tab Single Port Range Forwarding TabSingle Port Forwarding Port Range Forwarding Tab Port Range ForwardingPort Triggering Tab Port Range TriggeringDMZ Tab DMZQoS Quality of Service QoS Tab33 QoS Online Game Summary RemoveAdministration Tab Gateway AccessManagement Tab UPnP WlanReporting Tab ReportingEmail Alerts Diagnostics Tab Ping TestBackup & Restore Tab Backup ConfigurationRestore Configuration Factory Defaults Tab Firmware Upgrade TabFactory Defaults Firmware UpgradeStatus Tab Gateway TabGateway Information Internet ConnectionLocal Network Tab Local Network52 Wireless DSL Connection Tab DSL StatusPVC Connection Appendix a Troubleshooting Common Problems and SolutionsNeed to set a static IP address on a computer Want to test my Internet connection Wireless-N ADSL2+ Gateway Wireless-N ADSL2+ Gateway Application Start and End Protocol IP Address Enable TCPCan’t get the Internet game, server, or application to work To start over, I need to set the Gateway to factory default Need to upgrade the firmwareFirmware upgrade failed, and/or the Power LED is flashing My DSL service’s PPPoE is always disconnecting Power LED flashes continuouslyFrequently Asked Questions Where is the Gateway installed on the network?Is IPSec Passthrough supported by the Gateway? Does the Gateway support IPX or AppleTalk? Does the Gateway support ICQ send file?What is DMZ Hosting? What are the advanced features of the Gateway? What is the Ieee 802.11g standard?Is the Gateway cross-platform compatible? How many ports can be simultaneously forwarded?What is the Ieee 802.11b standard? What Ieee 802.11b and 802.11g features are supported?What is ad-hoc mode? What is infrastructure mode?What is the ISM band? What is Spread Spectrum?What is DSSS? What is FHSS? And what are their differences? What is WEP?How do I reset the Gateway? How do I resolve issues with signal loss?Have excellent signal strength, but I cannot see my network Appendix B Wireless Security Security PrecautionsSecurity Threats Facing Wireless Networks Appendix B Wireless Security Wireless-N ADSL2+ Gateway Figure C-1 IP Configuration Screen Windows 98 or Me InstructionsWindows 2000 or XP Instructions Figure C-3 MAC Address/Physical AddressFigure D-1 Firmware Upgrade Appendix D Upgrading FirmwareAppendix E Glossary Wireless-N ADSL2+ Gateway Wireless-N ADSL2+ Gateway Wireless-N ADSL2+ Gateway Wireless-N ADSL2+ Gateway Appendix F Specifications ToD filter Blocks Access by Time Ssid Broadcast DisableAccess restriction by MAC and IP addresses VPN Passthrough for IPSec, PPTP, and L2TP ProtocolsAppendix G Warranty Information Appendix H Regulatory Information FCC StatementDual-Band Wireless Access Point Wireless-N ADSL2+ Gateway Wireless-N ADSL2+ Gateway Applicable Power Levels in France Location Frequency Range MHz Power EirpOpen the Wireless Network Connection window Wireless-N ADSL2+ Gateway Wireless-N ADSL2+ Gateway Wireless-N ADSL2+ Gateway Wireless-N ADSL2+ Gateway Wireless-N ADSL2+ Gateway Wireless-N ADSL2+ Gateway Appendix I Contact Information Europe Mail AddressOutside of Europe Mail Address
Top Page Image Contents