Linksys WAG54G manual MAC Address Spoofing, Data Sniffing

Page 14

Wireless-G ADSL Gateway

protect data inside of a local network. But what do you do once information is sent outside of your local network, when emails are sent to their destination, or when you have to connect to your company's network when you are out on the road? How is your data protected?

That is when a VPN can help. VPNs secure data moving outside of your network as if it were still within that network.

When data is sent out across the Internet from your computer, it is always open to attacks. You may already have a firewall, which will help protect data moving around or held within your network from being corrupted or intercepted by entities outside of your network, but once data moves outside of your network - when you send data to someone via email or communicate with an individual over the Internet - the firewall will no longer protect that data.

At this point, your data becomes open to hackers using a variety of methods to steal not only the data you are transmitting but also your network login and security data. Some of the most common methods are as follows:

1) MAC Address Spoofing

Packets transmitted over a network, either your local network or the Internet, are preceded by a packet header. These packet headers contain both the source and destination information for that packet to transmit efficiently. A hacker can use this information to spoof (or fake) a MAC address allowed on the network. With this spoofed MAC address, the hacker can also intercept information meant for another user.

2) Data Sniffing

Data “sniffing” is a method used by hackers to obtain network data as it travels through unsecured networks, such as the Internet. Tools for just this kind of activity, such as protocol analyzers and network diagnostic tools, are often built into operating systems and allow the data to be viewed in clear text.

3) Man in the Middle Attacks

Once the hacker has either sniffed or spoofed enough information, he can now perform a “man in the middle” attack. This attack is performed, when data is being transmitted from one network to another, by rerouting the data to a new destination. Even though the data is not received by its intended recipient, it appears that way to the person sending the data.

These are only a few of the methods hackers use and they are always developing more. Without the security of your VPN, your data is constantly open to such attacks as it travels over the Internet. Data travelling over the Internet will often pass through many different servers around the world before reaching its final destination. That's a long way to go for unsecured data and this is when a VPN serves its purpose.

Chapter 2: Planning Your Network

Figure 2-3: VPN Gateway-to-VPN Gateway

7

Why do I need a VPN?

Page 13 Page 15
Image 14
Page 13 Page 15
Contents Wireless- G Word definition How to Use this GuideCopyright and Trademarks Table of Contents Wireless-G Adsl Gateway Network Computer-to-VPN Gateway23 VPN Settings Summary Figure C-9 New Rule Properties Introduction WelcomeWhat’s in this Guide? Wireless-G Adsl Gateway IP Addresses Planning Your NetworkGateway’s Functions What’s an IP Address?Dynamic IP Addresses What is a VPN?Dhcp Dynamic Host Configuration Protocol Servers Why do I need a VPN? VPN Gateway to VPN GatewayMAC Address Spoofing Data SniffingGetting to Know the Wireless-G Adsl Gateway Back PanelWhile establishing the Adsl connection Front PanelIndication of any network activity InternetConnecting the Wireless-G Adsl Gateway OverviewWired Connection to a Computer Ethernet ConnectionWireless Connection to a Computer Wireless Configuring the GatewaySetup SecurityApplications & Gaming Access RestrictionsAdministration StatusInternet Setup How to Access the Web-based UtilitySetup Tab Multiplexing Select LLC or VC , depending on your ISPVirtual Circuit Enter the VPI and VCI ranges in the fields RFC 1483 Bridged Dynamic IPStatic IP RFC 1483 Routed RFC 2516 PPPoEBridged Mode Only RFC 2364 PPPoAOptional Settings Required by some ISPs Network SetupTZO.com Ddns TabDynDNS.org Advanced Routing Tab Advanced Routing13 Routing Table Wireless Network Wireless TabBasic Wireless Settings Tab Wireless Security Tab 15 WPA Pre-Shared Key17 WEP Wireless Access Tab Wireless Network AccessAdvanced Wireless Settings Tab Advanced WirelessAdditional Filters Security TabFirewall Local Security Gateway 22 VPNManual 24 Manual Key ManagementAdvanced VPN Tunnel Setup 26 Advanced VPN Tunnel SetupConfiguring the Gateway Security Tab Access Restrictions Tab Internet Access29 List of PCs Port Range Forwarding Applications and Gaming TabSingle Port Forwarding Port Triggering 33 Port TriggeringApplication-based QoS This setting allows you to specify traffic queue priorityAdvanced QoS Management Administration TabGateway Access Email Alerts ReportingUPnP Factory Defaults DiagnosticsBackup&Restore Ping TestUpgrade from LAN Firmware UpgradeReboot Gateway Information Status TabGateway Internet ConnectionsLocal Network 45 Local Network47 Wireless DSL Connection 49 DSL ConnectionNeed to set a static IP address on a computer Appendix a TroubleshootingCommon Problems and Solutions Want to test my Internet connection Wireless-G Adsl Gateway Wireless-G Adsl Gateway TCP UDP IP AddressCan’t get the Internet game, server, or application to work Firmware upgrade failed, and/or the Power LED is flashing To start over, I need to set the Gateway to factory defaultNeed to upgrade the firmware My DSL service’s PPPoE is always disconnectingPower LED flashes continuously Is IPSec Passthrough supported by the Gateway? Frequently Asked QuestionsWhere is the Gateway installed on the network? Does the Gateway support IPX or AppleTalk?Does the Gateway support ICQ send file? Will the Gateway function in a Macintosh environment? What is DMZ Hosting?What are the advanced features of the Gateway? Is the Gateway cross-platform compatible?What is ad-hoc mode? What is the Ieee 802.11g standard?What Ieee 802.11b and 802.11g features are supported? What is infrastructure mode?What is DSSS? What is FHSS? And what are their differences? What is the ISM band?What is Spread Spectrum? How do I reset the Gateway? What is WEP?What is a MAC Address? How do I resolve issues with signal loss?Appendix B Wireless Security Important Information for Wireless ProductsWireless-G Adsl Gateway Wireless-G Adsl Gateway Environment WAG54GBuild Filter Lists How to Establish a Secure IPSec TunnelCreate an IPSec Policy Filter List 1 win-RouterFilter List 2 Router -win Figure C-4 IP Filter LIstFigure C-7 IP Filter List Configure Individual Tunnel Rules Tunnel 1 win-RouterFigure C-13 Authentication Methods Figure C-16 Tunnel Setting Tab Tunnel 2 Router-winFigure C-19 IP Filter List Tab Figure C-22 Preshared Key Assign New IPSec Policy Figure C-25 Connection TypeCreate a Tunnel Through the Web-Based Utility Figure C-28 VPN TabFigure D-1 IP Configuration Screen Windows 98 or Me InstructionsWindows 2000 or XP Instructions Figure D-3 MAC Address/Physical AddressUpgrade from WAN Appendix E Upgrading FirmwareAppendix F Glossary Wireless-G Adsl Gateway Wireless-G Adsl Gateway Wireless-G Adsl Gateway Wireless-G Adsl Gateway Wireless-G Adsl Gateway Annex-B, WAG54G-DE UR-2 Appendix G SpecificationsStandards Operating Temp 0ºC to 40ºC10% to 85% Non-Condensing Storage Temp 20ºC to 70ºC Operating HumidityStorage Humidity Appendix H Regulatory Information FCC StatementWireless-G Adsl Gateway Radio EN 300 EMC EN 301 489-1, EN 301 Safety EN Belgium Applicable Power Levels in FranceLocation Frequency Range MHz Power Eirp Wireless-G Adsl Gateway Open the Wireless Network Connection window Appendix I Warranty Information Outside of Europe Mail Address Appendix J Contact InformationEurope Mail Address
Top Page Image Contents