Linksys WRT54GL (EU/LA) manual Appendix B Wireless Security

Page 84

Wireless-G Broadband Router

SSID. There are several things to keep in mind about the SSID:

1.Disable Broadcast

2.Make it unique

3.Change it often

Most wireless networking devices will give you the option of broadcasting the SSID. While this option may be more convenient, it allows anyone to log into your wireless network. This includes hackers. So, don’t broadcast the SSID.

Wireless networking products come with a default SSID set by the factory. (The Linksys default SSID is “linksys”.) Hackers know these defaults and can check these against your network. Change your SSID to something unique and not something related to your company or the networking products you use.

Change your SSID regularly so that any hackers who have gained access to your wireless network will have to start from the beginning in trying to break in.

MAC Addresses. Enable MAC Address filtering. MAC Address filtering will allow you to provide access to only those wireless nodes with certain MAC Addresses. This makes it harder for a hacker to access your network with a random MAC Address.

WEP Encryption. Wired Equivalent Privacy (WEP) is often looked upon as a cure-all for wireless security concerns. This is overstating WEP’s ability. Again, this can only provide enough security to make a hacker’s job more difficult.

There are several ways that WEP can be maximized:

1.Use the highest level of encryption possible

2.Use “Shared Key” authentication

3.Change your WEP key regularly

WPA. Wi-Fi Protected Access (WPA) is the newest and best available standard in Wi-Fi security. Two modes are available: Personal (also known as Pre-Shared Key) and Enterprise. Personal gives you a choice of two encryption methods: TKIP (Temporal Key Integrity Protocol), which utilizes a stronger encryption method and incorporates Message Integrity Code (MIC) to provide protection against hackers, and AES (Advanced Encryption System), which utilizes a symmetric 128-Bit block data encryption. Enterprise utilizes a RADIUS (Remote Authentication Dial-In User Service) server for authentication and the use of dynamic TKIP, AES, or WEP.

Appendix B: Wireless Security

IMPORTANT: Always remember that each device in your wireless network MUST use the same encryption method and encryption key or your wireless network will not function properly.

76

Security Threats Facing Wireless Networks

Page 83 Page 85
Image 84
Page 83 Page 85
Contents Wireless- G How to Use This User Guide Copyright and TrademarksWord definition Table of Contents Appendix a Troubleshooting Appendix B Wireless SecurityCommon Problems and Solutions Frequently Asked Questions Appendix C Upgrading Firmware Appendix D Windows HelpList of Figures Router’s Back Panel23 Setup Wizard’s Configure Wireless Settings Screen 19 Wireless Tab Wireless Security WPA2 Personal Figure E-5 MAC Address Clone Introduction WelcomeWhat’s in this User Guide? Wireless-G Broadband Router Planning Your Wireless Network Ad-Hoc versus Infrastructure ModeSsid service set identifier your wireless network’s name Network TopologyPlanning Your Wireless Network Network Layout Getting to Know the Wireless-G Broadband Router Back PanelFront Panel Cisco logoConnecting the Wireless-G Broadband Router OverviewConnecting Your Network Devices Hardware Installation for Connection to Another Router Connecting Another RouterConnecting Your Network Devices Setting up the Wireless-G Broadband Router Using the Setup WizardSetup Wizard’s Disconnect the Modem from PC Screen Setup Wizard’s Connect a Network Cable to a PC Screen Setup Wizard’s Power on the Router Screen Setup Wizard’s Check the Router’s Status Screen Cable or DhcpDSL PPPoE Static IPPptp L2TP 16 Setup Wizard’s Advanced Internet Settings Telstra Screen Telstra18 Setup Wizard’s Configure Wireless Settings Screen Using the Router’s SecureEasySetup Feature 19 Setup Wizard’s SecureEasySetup Screen24 Setup Wizard’s Confirm New Settings Screen 26 Setup Wizard’s Congratulations Screen Manually Configuring the Router’s Wireless Settings 27 Setup Wizard’s Configure Wireless Settings ScreenWPA-PSK WEP 64-Bit WEP 128-Bit33 Setup Wizard’s Congratulations Screen Using SecureEasySetup to Configure Your Notebook 34 Setup Wizard’s Welcome Start Wizard Screen37 Configure Wireless Settings #2 Screen 38 Your Wireless Settings Screen Configuring the Wireless-G Broadband Router Setup Tab Basic Setup Internet SetupPPPoE Connection Type Optional Settings Router IP Setup Tab Ddns 12 Setup Tab DdnsSetup Tab MAC Address Clone 13 Setup Tab MAC Address CloneSetup Tab Advanced Routing 14 Setup Tab Advanced Routing GatewayWireless Tab Basic Wireless Settings Wireless Tab Wireless Security 17 Wireless Tab Wireless Security WPA Personal20 Wireless Tab Wireless Security WPA2 Enterprise 21 Wireless Tab Wireless Security Radius Wireless Tab Wireless MAC Filter 23 Wireless Tab Wireless MAC FilterWireless Tab Advanced Wireless Settings SettingWireless-G Broadband Router Security Tab Firewall Security Tab VPN PassthroughAccess Restrictions Tab Internet Access To create an Internet Access policy31 Port Services To create an Inbound Traffic policyApplications and Gaming Tab Port Range Forward 33 Applications and Gaming Tab Port Range ForwardApplications & Gaming Tab Port Triggering Port TriggeringApplications and Gaming Tab DMZ Applications and Gaming Tab QoSDevice Priority Ethernet Port PriorityApplication Port Priority Administration Tab Management Administration Tab LogAdministration Tab Diagnostics 39 Administration Tab DiagnosticsAdministration Tab Factory Defaults Administration Tab Firmware UpgradeAdministration Tab Config Management Status Tab Router 45 Status Tab RouterStatus Tab Local Network 46 Status Tab Local NetworkStatus Tab Wireless 48 Status Tab WirelessAppendix a Troubleshooting Common Problems and SolutionsNeed to set a static IP address on a PC Wireless-G Broadband Router Open a command prompt. For Windows 98SE and Me Application Start and End Protocol IP Address Enabled TCPCan’t get the Internet game, server, or application to work Wireless-G Broadband Router To start over, I need to set the Router to factory default Need to upgrade the firmwareFirmware upgrade failed, and/or the Power LED is flashing My DSL service’s PPPoE is always disconnectingPower LED keeps flashing Frequently Asked Questions What is Network Address Translation and what is it used for? Does the Router support ICQ send file?How can I block corrupted FTP downloads? What is DMZ Hosting? What are the advanced features of the Router?What is the Ieee 802.11g standard? Is the Router cross-platform compatible?What is the Ieee 802.11b standard? What Ieee 802.11g features are supported?What Ieee 802.11b features are supported? What is ad-hoc mode?What is ISM band? What is Spread Spectrum?What is DSSS? What is FHSS? And what are their differences? What is WEP? What is a MAC Address?How do I reset the Router? How do I resolve issues with signal loss?Appendix B Wireless Security Security PrecautionsSecurity Threats Facing Wireless Networks Appendix B Wireless Security Wireless-G Broadband Router Appendix C Upgrading Firmware Appendix D Windows Help Shared ResourcesNetwork Neighborhood/My Network Places Windows 98SE or Me Instructions Windows 2000 or XP InstructionsFor the Router’s Web-based Utility Figure E-4 MAC Address Filter ListAppendix F Glossary Wireless-G Broadband Router Wireless-G Broadband Router Wireless-G Broadband Router Wireless-G Broadband Router Wireless-G Broadband Router Wireless-G Broadband Router Appendix G Specifications StandardsStorage Temp 4ºF to 158ºF Operating Humidity Storage HumidityAppendix H Warranty Information Radio EN 300 EMC EN 301 489-1, EN 301 Safety EN Appendix I Regulatory InformationBelgium Applicable Power Levels in France Open the Wireless Network Connection window FCC Statement Appendix J Contact Information Europe Mail AddressOutside of Europe Mail Address Asia Pacific
Top Page Image Contents