Linksys WRT54G-TM manual Appendix B Wireless Security

Page 62

Wireless-G Broadband Router

SSID. There are several things to keep in mind about the SSID:

1.Disable Broadcast

2.Make it unique

3.Change it often

Most wireless networking devices will give you the option of broadcasting the SSID. While this option may be more convenient, it allows anyone to log into your wireless network. This includes hackers. So, don’t broadcast the SSID.

Wireless networking products come with a default SSID set by the factory. (The Linksys default SSID is “linksys”.) Hackers know these defaults and can check these against your network. Change your SSID to something unique and not something related to your company or the networking products you use.

Change your SSID regularly so that any hackers who have gained access to your wireless network will have to start from the beginning in trying to break in.

MAC Addresses. Enable MAC Address filtering. MAC Address filtering will allow you to provide access to only those wireless nodes with certain MAC Addresses. This makes it harder for a hacker to access your network with a random MAC Address.

WEP Encryption. Wired Equivalent Privacy (WEP) is often looked upon as a cure-all for wireless security concerns. This is overstating WEP’s ability. Again, this can only provide enough security to make a hacker’s job more difficult.

There are several ways that WEP can be maximized:

1.Use the highest level of encryption possible

2.Use “Shared Key” authentication

3.Change your WEP key regularly

WPA. Wi-Fi Protected Access (WPA) is the newest and best available standard in Wi-Fi security. Two modes are available: Personal (also known as Pre-Shared Key) and Enterprise. Personal gives you a choice of two encryption methods: TKIP (Temporal Key Integrity Protocol), which utilizes a stronger encryption method and incorporates Message Integrity Code (MIC) to provide protection against hackers, and AES (Advanced Encryption System), which utilizes a symmetric 128-Bit block data encryption. Enterprise utilizes a RADIUS (Remote Authentication Dial-In User Service) server for authentication and the use of dynamic TKIP, AES, or WEP.

Appendix B: Wireless Security

IMPORTANT: Always remember that each device in your wireless network MUST use the same encryption method and encryption key or your wireless network will not function properly.

55

Security Threats Facing Wireless Networks

Image 62
Contents 802 GHz .11g Wireless- G Copyright and Trademarks Word definitionTable of Contents Appendix C Upgrading Firmware Appendix D Windows Help Appendix a TroubleshootingAppendix B Wireless Security List of Figures Router’s Back Panel23 Wireless Tab Wireless MAC Filter Wireless-G Broadband Router Introduction WelcomeWhat’s in this User Guide? Wireless-G Broadband Router Ssid service set identifier your wireless network’s name Planning Your Wireless NetworkAd-Hoc versus Infrastructure Mode Network TopologyPlanning Your Wireless Network Network Layout Getting to Know the Wireless-G Broadband Router Back PanelFront Panel DMZConnecting the Wireless-G Broadband Router OverviewConnecting Your Network Devices Hardware Installation for Connection to Another Router Connecting Another RouterConnecting Your Network Devices Configuring the Wireless-G Broadband Router Password ScreenSetup Tab Basic Setup Internet SetupPPPoE Connection Type Optional Settings Router IP Setup Tab Ddns 12 Setup Tab DdnsSetup Tab MAC Address Clone 13 Setup Tab MAC Address CloneSetup Tab Advanced Routing 14 Setup Tab Advanced Routing GatewayWireless Tab Basic Wireless Settings Wireless Tab Wireless Security 17 Wireless Tab Wireless Security WPA Personal20 Wireless Tab Wireless Security WPA2 Enterprise 21 Wireless Tab Wireless Security Radius Wireless Tab Wireless MAC Filter 23 Wireless Tab Wireless MAC FilterWireless Tab Advanced Wireless Settings SettingWireless-G Broadband Router Security Tab Firewall Security Tab VPN PassthroughAccess Restrictions Tab Internet Access To create an Internet Access policyTo create an Inbound Traffic policy Applications and Gaming Tab Port Range Forward 33 Applications and Gaming Tab Port Range ForwardApplications & Gaming Tab Port Triggering Port TriggeringApplications and Gaming Tab DMZ Applications and Gaming Tab QoSApplication Port Priority Administration Tab Management Administration Tab LogAdministration Tab Diagnostics 39 Administration Tab DiagnosticsAdministration Tab Config Management Administration Tab Factory DefaultsAdministration Tab Firmware Upgrade Status Tab Router 45 Status Tab RouterStatus Tab Local Network 46 Status Tab Local NetworkStatus Tab Wireless 48 Status Tab WirelessNeed to set a static IP address on a PC Appendix a TroubleshootingCommon Problems and Solutions Wireless-G Broadband Router Wireless-G Broadband Router Application Start and End Protocol IP Address Enabled Can’t get the Internet game, server, or application to work Firmware upgrade failed, and/or the Power LED is flashing To start over, I need to set the Router to factory defaultNeed to upgrade the firmware My DSL service’s PPPoE is always disconnecting Where is the Router installed on the network? Frequently Asked QuestionsPower LED keeps flashing Is IPSec Pass-Through supported by the Router?What is Network Address Translation and what is it used for? Does the Router support ICQ send file?How can I block corrupted FTP downloads? What is the Ieee 802.11g standard? What is DMZ Hosting?What are the advanced features of the Router? What is the Ieee 802.11b standard?What is ad-hoc mode? What Ieee 802.11g features are supported?What Ieee 802.11b features are supported? What is infrastructure mode?What is DSSS? What is FHSS? And what are their differences? What is ISM band?What is Spread Spectrum? How do I reset the Router? What is WEP?What is a MAC Address? How do I resolve issues with signal loss?Security Threats Facing Wireless Networks Appendix B Wireless SecuritySecurity Precautions Appendix B Wireless Security Wireless-G Broadband Router Appendix C Upgrading Firmware Appendix D Windows Help TCP/IPWindows 98SE or Me Instructions Windows 2000 or XP InstructionsFor the Router’s Web-based Utility Figure E-4 MAC Address Filter ListAppendix F Glossary Wireless-G Broadband Router Wireless-G Broadband Router Wireless-G Broadband Router Wireless-G Broadband Router Wireless-G Broadband Router Wireless-G Broadband Router Appendix G Specifications WRT54GOperating Temp Appendix H Warranty Information Limited WarrantyAppendix I Regulatory Information FCC StatementWireless-G Broadband Router Wireless-G Broadband Router Wireless-G Broadband Router Wireless-G Broadband Router Dual-Band Wireless Access Point Appendix J Contact Information