Linksys WAP54GX manual Security Threats Facing Wireless Networks

Page 46

Wireless-G Access Point with SRX

SSID. There are several things to keep in mind about the SSID:

1.Disable Broadcast

2.Make it unique

3.Change it often

Most wireless networking devices will give you the option of broadcasting the SSID. While this option may be more convenient, it allows anyone to log into your wireless network. This includes hackers. So, don’t broadcast the SSID.

Wireless networking products come with a default SSID set by the factory. (The Linksys default SSID is “linksys”.) Hackers know these defaults and can check these against your network. Change your SSID to something unique and not something related to your company or the networking products you use.

Change your SSID regularly so that any hackers who have gained access to your wireless network will have to start from the beginning in trying to break in.

MAC Addresses. Enable MAC Address filtering. MAC Address filtering will allow you to provide access to only those wireless nodes with certain MAC Addresses. This makes it harder for a hacker to access your network with a random MAC Address.

WEP Encryption. Wired Equivalent Privacy (WEP) is often looked upon as a cure-all for wireless security concerns. This is overstating WEP’s ability. Again, this can only provide enough security to make a hacker’s job more difficult.

There are several ways that WEP can be maximized:

1.Use the highest level of encryption possible

2.Use “Shared Key” authentication

3.Change your WEP key regularly

WPA. Wi-Fi Protected Access (WPA) is the newest and best available standard in Wi-Fi security. Four modes are available: WPA-Personal, WPA2-Personal, WPA-Enterprise, and RADIUS. WPA-Personal gives you a choice of two encryption methods: TKIP (Temporal Key Integrity Protocol), which utilizes a stronger encryption method and incorporates Message Integrity Code (MIC) to provide protection against hackers, and AES (Advanced Encryption Standard), which utilizes a symmetric 128-Bit block data encryption. WPA2-Personal only uses AES encryption, which is stronger than TKIP. WPA-Enterprise offers two encryption methods, TKIP and AES, with dynamic encryption keys. RADIUS (Remote Authentication Dial-In User Service) utilizes a RADIUS server for authentication.

Appendix B: Wireless Security

IMPORTANT: Always remember that each device in your wireless network MUST use the same encryption method and encryption key or your wireless network will not function properly.

40

Security Threats Facing Wireless Networks

Image 46
Contents 802 GHz .11g Wireless- G How to Use this User Guide Copyright and TrademarksTable of Contents Appendix B Wireless Security Appendix a TroubleshootingFrequently Asked Questions Front Panel Back PanelWireless Security Radius Screen Introduction WelcomeWhat’s in this User Guide? Wireless-G Access Point with SRX Network Topology Planning Your Wireless NetworkRoaming Network Layout Getting to Know the Wireless-G Access Point with SRX WirelessBack Panel Connections for Setup Connecting the Wireless-G Access Point withOverview Setting up the Wireless-G Access Point with Using the Setup WizardConnect the Network Cable to the Router or Switch Screen Check the Access Point’s Status Screen Password Screen Basic Settings Screen Configuring the Access Point’s Wireless Settings Wireless Settings ScreenWEP 64-Bit WEP 128-BitWPA/WPA2 Personal WPA Personal WPA2 PersonalWPA2 Mixed Mode 14 WPA2 Mixed Mode Settings Screen16 Congratulations Screen Setup Configuring the Wireless-G Access Point with SRXNavigating the Utility Administration WirelessStatus Setup Network Setup Tab Accessing the UtilityNetwork Setup Setup Static IP Screen Wireless Basic Wireless Settings Tab Basic Wireless SettingsWireless Wireless Security Tab Wireless SecurityWPA2-Mixed Radius Wireless Wireless MAC Filter Tab Wireless MAC FilterWireless Advanced Wireless Settings Tab Advanced WirelessWireless-G Access Point with SRX Administration Management Tab ManagementAdministration Log Tab LogAdministration Firmware Upgrade Tab Administration Factory Defaults TabFirmware Upgrade AP’s Information Status Local Network TabLocal Network Status Wireless Network Tab Wireless NetworkAppendix a Troubleshooting Frequently Asked QuestionsWhat Ieee 802.11g features are supported? What is the ISM band? Does the Access Point function as a firewall? Security Precautions Appendix B Wireless SecuritySecurity Threats Facing Wireless Networks Security Threats Facing Wireless Networks Wireless-G Access Point with SRX Appendix C Upgrading Firmware Shared Resources Appendix D Windows HelpNetwork Neighborhood/My Network Places Appendix E Glossary Wireless-G Access Point with SRX Wireless-G Access Point with SRX Wireless-G Access Point with SRX Wireless-G Access Point with SRX Model Appendix F SpecificationsEnable/disable StandardsOperating Humidity Storage HumidityAppendix G Warranty Information Limited WarrantyAppendix H Regulatory Information FCC StatementWireless-G Access Point with SRX Wireless-G Access Point with SRX Wireless-G Access Point with SRX Wireless-G Access Point with SRX Dual-Band Wireless Access Point Appendix I Contact Information