Linksys WRT54GR manual Appendix B Wireless Security

Page 60

Wireless-G Broadband Router with RangeBooster

SSID. There are several things to keep in mind about the SSID:

1.Disable Broadcast

2.Make it unique

3.Change it often

Most wireless networking devices will give you the option of broadcasting the SSID. While this option may be more convenient, it allows anyone to log into your wireless network. This includes hackers. So, don’t broadcast the SSID.

Wireless networking products come with a default SSID set by the factory. (The Linksys default SSID is “linksys”.) Hackers know these defaults and can check these against your network. Change your SSID to something unique and not something related to your company or the networking products you use.

Change your SSID regularly so that any hackers who have gained access to your wireless network will have to start from the beginning in trying to break in.

MAC Addresses. Enable MAC Address filtering. MAC Address filtering will allow you to provide access to only those wireless nodes with certain MAC Addresses. This makes it harder for a hacker to access your network with a random MAC Address.

WEP Encryption. Wired Equivalent Privacy (WEP) is often looked upon as a cure-all for wireless security concerns. This is overstating WEP’s ability. Again, this can only provide enough security to make a hacker’s job more difficult.

There are several ways that WEP can be maximized:

1.Use the highest level of encryption possible

2.Use “Shared Key” authentication

3.Change your WEP key regularly

WPA. Wi-Fi Protected Access (WPA) is the newest and best available standard in Wi-Fi security. Two modes are available: WPA Personal and WPA Enterprise. WPA Personal gives you a choice of two encryption methods: TKIP (Temporal Key Integrity Protocol), which utilizes a stronger encryption method and incorporates Message Integrity Code (MIC) to provide protection against hackers, and AES (Advanced Encryption System), which utilizes a symmetric 128-Bit block data encryption. WPA Enterprise uses TKIP or AES encryption and utilizes a RADIUS (Remote Authentication Dial-In User Service) server for authentication.

Appendix B: Wireless Security

IMPORTANT: Always remember that each device in your wireless network MUST use the same encryption method and encryption key or your wireless network will not function properly.

54

Security Threats Facing Wireless Networks

Image 60
Contents Wireless- G How to Use This User Guide Copyright and TrademarksWord definition Table of Contents Appendix a Troubleshooting Appendix B Wireless SecurityCommon Problems and Solutions Frequently Asked Questions Appendix C Upgrading Firmware Appendix D Windows HelpList of Figures Router’s Back Panel27 Wireless Tab Wireless MAC Filter Introduction WelcomeWhat’s in this User Guide? Wireless-G Broadband Router with RangeBooster Planning Your Wireless Network Ad-Hoc versus Infrastructure ModeSsid service set identifier your wireless network’s name Network TopologyPlanning Your Wireless Network Network Layout Back Panel Network devicesFront Panel Router’s LEDs are located on the front panelConnecting the Wireless-G Broadband Router with RangeBooster Connecting Your Network Devices Password Screen OverviewSetup Tab Basic Setup Internet SetupPPPoE Connection Type Router IP Time Setting Setup Tab Ddns DDNS.comSetup Tab MAC Address Clone 16 Setup Tab MAC Address CloneSetup Tab Advanced Routing 17 Setup Tab Advanced RoutingWireless Tab Basic Wireless Settings Changes to cancel your changesWireless Tab Wireless Security 20 Wireless Tab Wireless Security WEP22 Wireless Tab Wireless Security PSK2 Radius Wireless Tab Wireless MAC Filter Wireless MAC FilterWireless Tab Advanced Wireless Settings Advanced WirelessWireless-G Broadband Router with RangeBooster Security Tab Firewall FirewallInternet Filter Web FiltersAccess Restrictions Tab Internet Access Policy Internet Access PolicySecurity Tab VPN Passthrough To create an Internet Access policy 33 Internet Policy SummaryApplications and Gaming Tab Single Port Forwarding Single Port ForwardingApplications and Gaming Tab Port Range Forwarding 36 Applications and Gaming Tab Port Range ForwardApplications & Gaming Tab Port Range Triggering Applications and Gaming Tab DMZPort Triggering Range Administration Tab Management ManagementBackup and Restore Administration Tab Log LogAdministration Tab Diagnostics 42 Administration Tab DiagnosticsAdministration Tab Factory Defaults Administration Tab Firmware UpgradeStatus Tab Router Router InformationInternet Connection Status Tab Wireless Network Status Tab Local NetworkAppendix a Troubleshooting Common Problems and SolutionsNeed to set a static IP address on a PC Wireless-G Broadband Router with RangeBooster Open a command prompt. For Windows 98SE and Me Application Start and End Protocol IP Address Enabled TCPCan’t get the Internet game, server, or application to work Wireless-G Broadband Router with RangeBooster To start over, I need to set the Router to factory default Need to upgrade the firmwareFirmware upgrade failed, and/or the Power LED is flashing My DSL service’s PPPoE is always disconnectingPower LED keeps flashing Frequently Asked Questions Where is my SecureEasySetup button?Where is the Router installed on the network? Is IPSec Pass-Through supported by the Router?What is Network Address Translation and what is it used for? Does the Router support ICQ send file?How can I block corrupted FTP downloads? What is DMZ Hosting? What are the advanced features of the Router?What is the Ieee 802.11g standard? Is the Router cross-platform compatible?What is the Ieee 802.11b standard? What Ieee 802.11g features are supported?What Ieee 802.11b features are supported? What is ad-hoc mode?What is ISM band? What is Spread Spectrum?What is DSSS? What is FHSS? And what are their differences? What is WEP? What is a MAC Address?How do I reset the Router? How do I resolve issues with signal loss?Appendix B Wireless Security Security PrecautionsSecurity Threats Facing Wireless Networks Appendix B Wireless Security Wireless-G Broadband Router with RangeBooster Figure C-1 Upgrade Firmware Appendix C Upgrading FirmwareAppendix D Windows Help Shared ResourcesNetwork Neighborhood/My Network Places Windows 98SE or Me Instructions Windows 2000 or XP InstructionsFor the Router’s Web-based Utility Figure E-4 MAC Address Filter ListAppendix D Glossary Wireless-G Broadband Router with RangeBooster Wireless-G Broadband Router with RangeBooster Wireless-G Broadband Router with RangeBooster Wireless-G Broadband Router with RangeBooster Appendix G Specifications ModelStandards Storage Temp Operating HumidityStorage Humidity Appendix H Warranty Information Limited WarrantyAppendix G Regulatory Information FCC StatementWireless-G Broadband Router with RangeBooster Wireless-G Broadband Router with RangeBooster Wireless-G Broadband Router with RangeBooster Wireless-G Broadband Router with RangeBooster Wireless-G Broadband Router with RangeBooster Appendix J Contact Information