Linksys WRTU54G-TM manual Appendix B Wireless Security

Page 65

Wireless-G Broadband Router with 2 Phone Ports

SSID. There are several things to keep in mind about the SSID:

1.Disable Broadcast

2.Make it unique

3.Change it often

Most wireless networking devices will give you the option of broadcasting the SSID. While this option may be more convenient, it allows anyone to log into your wireless network. This includes hackers. So, don’t broadcast the SSID.

Wireless networking products come with a default SSID set by the factory. (The Linksys default SSID is “linksys”.) Hackers know these defaults and can check these against your network. Change your SSID to something unique and not something related to your company or the networking products you use.

Change your SSID regularly so that any hackers who have gained access to your wireless network will have to start from the beginning in trying to break in.

MAC Addresses. Enable MAC Address filtering. MAC Address filtering will allow you to provide access to only those wireless nodes with certain MAC Addresses. This makes it harder for a hacker to access your network with a random MAC Address.

WEP Encryption. Wired Equivalent Privacy (WEP) is often looked upon as a cure-all for wireless security concerns. This is overstating WEP’s ability. Again, this can only provide enough security to make a hacker’s job more difficult.

There are several ways that WEP can be maximized:

1.Use the highest level of encryption possible

2.Use “Shared Key” authentication

3.Change your WEP key regularly

WPA. Wi-Fi Protected Access (WPA) is the newest and best available standard in Wi-Fi security. Two modes are available: Personal (also known as Pre-Shared Key) and Enterprise. Personal gives you a choice of two encryption methods: TKIP (Temporal Key Integrity Protocol), which utilizes a stronger encryption method and incorporates Message Integrity Code (MIC) to provide protection against hackers, and AES (Advanced Encryption System), which utilizes a symmetric 128-Bit block data encryption. Enterprise utilizes a RADIUS (Remote Authentication Dial-In User Service) server for authentication and the use of dynamic TKIP, AES, or WEP.

Appendix B: Wireless Security

IMPORTANT: Always remember that each device in your wireless network MUST use the same encryption method and encryption key or your wireless network will not function properly.

58

Security Threats Facing Wireless Networks

Image 65
Contents 802 GHz .11g Wireless- G Word definition How to Use This User GuideCopyright and Trademarks Table of Contents Appendix B Wireless Security Appendix a TroubleshootingAppendix C Upgrading Firmware Appendix D Windows Help Ethernet AdapterRouter’s Back Panel List of Figures17 Wireless Tab Basic Wireless Settings 51 Status Tab Voice Error List Welcome IntroductionWhat’s in this User Guide? Wireless-G Broadband Router with 2 Phone Ports Ad-Hoc versus Infrastructure Mode Planning Your Wireless NetworkSsid service set identifier your wireless network’s name Network TopologyPlanning Your Wireless Network Network Layout Back Panel Getting to Know the Wireless-G Broadband RouterEthernet Front PanelOverview Hardware Installation for Connection to Your Broadband ModemConnecting Your Network Devices Multiple PCs Hardware Installation for Connection to An Existing RouterConnecting the Power Placement Options Direction Holder SIM Card InstallationPassword Screen Internet Setup Setup Tab Basic SetupPPPoE Connection Type Optional Settings Router IP Ddns Service Setup Tab Ddns14 Setup Tab MAC Address Clone Setup Tab MAC Address Clone15 Setup Tab Advanced Routing Router Setup Tab Advanced RoutingWireless Tab Basic Wireless Settings 18 Wireless Tab Wireless Security WPA Personal Wireless Tab Wireless Security21 Wireless Tab Wireless Security WPA2 Enterprise 22 Wireless Tab Wireless Security Radius 24 Wireless Tab Wireless MAC Filter Wireless Tab Wireless MAC FilterSetting Wireless Tab Advanced Wireless SettingsWireless-G Broadband Router with 2 Phone Ports Security Tab VPN Passthrough Security Tab FirewallTo create an Internet Access policy Access Restrictions Tab Internet AccessClick the Modify button 33 Applications and Gaming Tab Port Range Forward Applications and Gaming Tab Port Range ForwardPort Triggering Applications & Gaming Tab Port TriggeringApplications and Gaming Tab QoS Wired QoSApplications and Gaming Tab DMZ Ethernet Port Priority Wireless QoSAdministration Tab Log Administration Tab Management39 Administration Tab Diagnostics Administration Tab DiagnosticsAdministration Tab Config Management Administration Tab Factory DefaultsAdministration Tab Firmware Upgrade 45 Status Tab Router Status Tab Router46 Status Tab Local Network Status Tab Local Network48 Status Tab Wireless Status Tab Wireless49 Status Tab Voice Status Tab VoiceNeed to set a static IP address on a PC Appendix a TroubleshootingCommon Problems and Solutions Wireless-G Broadband Router with 2 Phone Ports Open a command prompt. For Windows 2000 and XP TCP Application Start and End Protocol IP Address EnabledCan’t get the Internet game, server, or application to work Wireless-G Broadband Router with 2 Phone Ports Need to upgrade the firmware To start over, I need to set the Router to factory defaultWhere is the Router installed on the network? Frequently Asked QuestionsIs IPSec Pass-Through supported by the Router? Does the Router support IPX or AppleTalk?How can I block corrupted FTP downloads? If all else fails in the installation, what can I do?Does the Router support ICQ send file? How many ports can be simultaneously forwarded? What is DMZ Hosting?Is the Router cross-platform compatible? What is the Ieee 802.11g standard? What are the advanced features of the Router?What is the Ieee 802.11b standard? What Ieee 802.11g features are supported?What is infrastructure mode? What is ad-hoc mode?What is roaming? What is ISM band?What is DSSS? What is FHSS? And what are their differences? What is Spread Spectrum?What is WEP? What is a MAC Address?How many channels/frequencies are available with the Router? Have excellent signal strength, but I cannot see my networkSecurity Threats Facing Wireless Networks Appendix B Wireless SecuritySecurity Precautions Appendix B Wireless Security Wireless-G Broadband Router with 2 Phone Ports Appendix C Upgrading Firmware Figure C-1 Upgrade FirmwareNetwork Neighborhood/My Network Places Appendix D Windows HelpShared Resources Windows Vista Instructions Windows 2000 or XP InstructionsFigure E-3 MAC Address Clone For the Router’s Web-based UtilityAppendix F Glossary Wireless-G Broadband Router with 2 Phone Ports Wireless-G Broadband Router with 2 Phone Ports Wireless-G Broadband Router with 2 Phone Ports Wireless-G Broadband Router with 2 Phone Ports Wireless-G Broadband Router with 2 Phone Ports Wireless-G Broadband Router with 2 Phone Ports Wireless Security Appendix G SpecificationsWi-Fi Protected Access2 WPA2 ModelCertifications Limited Warranty Appendix H Warranty InformationAppendix I Regulatory Information Wireless-G Broadband Router with 2 Phone Ports Wireless-G Broadband Router with 2 Phone Ports Wireless-G Broadband Router with 2 Phone Ports Wireless-G Broadband Router with 2 Phone Ports Wireless-G Broadband Router with 2 Phone Ports Avis de non-responsabilité concernant les appareils sans fil Wireless DisclaimerSoftware in Linksys Products Appendix J Software License AgreementSchedule 1 Linksys Software License Agreement Software LicensesWireless-G Router for 3G/UMTS Broadband Wireless-G Router for 3G/UMTS Broadband Preamble ScheduleWireless-G Router for 3G/UMTS Broadband Wireless-G Router for 3G/UMTS Broadband Wireless-G Router for 3G/UMTS Broadband No Warranty GNU Lesser General Public License Wireless-G Router for 3G/UMTS Broadband Wireless-G Router for 3G/UMTS Broadband Wireless-G Router for 3G/UMTS Broadband Wireless-G Router for 3G/UMTS Broadband Wireless-G Router for 3G/UMTS Broadband Wireless-G Router for 3G/UMTS Broadband Wireless-G Router for 3G/UMTS Broadband OpenSSL License Original SSLeay License END of Schedule Appendix K Contact Information