Linksys WRT54GX2 manual Security Threats Facing Wireless Networks

Page 66

Wireless-G Broadband Router with SRX200

SSID. There are several things to keep in mind about the SSID:

1.Disable Broadcast

2.Make it unique

3.Change it often

Most wireless networking devices will give you the option of broadcasting the SSID. While this option may be more convenient, it allows anyone to log into your wireless network. This includes hackers. So, don’t broadcast the SSID.

Wireless networking products come with a default SSID set by the factory. (The Linksys default SSID is “linksys”.) Hackers know these defaults and can check these against your network. Change your SSID to something unique and not something related to your company or the networking products you use.

Change your SSID regularly so that any hackers who have gained access to your wireless network will have to start from the beginning in trying to break in.

MAC Addresses. Enable MAC Address filtering. MAC Address filtering will allow you to provide access to only those wireless nodes with certain MAC Addresses. This makes it harder for a hacker to access your network with a random MAC Address.

WEP Encryption. Wired Equivalent Privacy (WEP) is often looked upon as a cure-all for wireless security concerns. This is overstating WEP’s ability. Again, this can only provide enough security to make a hacker’s job more difficult.

There are several ways that WEP can be maximized:

1.Use the highest level of encryption possible

2.Use “Shared Key” authentication

3.Change your WEP key regularly

WPA. Wi-Fi Protected Access (WPA) is the newest and best available standard in Wi-Fi security. Two modes are available: Pre-Shared Key and RADIUS. Pre-Shared Key gives you a choice of two encryption methods: TKIP (Temporal Key Integrity Protocol), which utilizes a stronger encryption method and incorporates Message Integrity Code (MIC) to provide protection against hackers, and AES (Advanced Encryption System), which utilizes

asymmetric 128-Bit block data encryption. RADIUS (Remote Authentication Dial-In User Service) utilizes a RADIUS server for authentication and the use of dynamic TKIP, AES, or WEP.

Appendix B: Wireless Security

IMPORTANT: Always remember that each device in your wireless network MUST use the same encryption method and encryption key or your wireless network will not function properly.

60

Security Threats Facing Wireless Networks

Image 66

Contents Wireless- G How to Use This User Guide Copyright and TrademarksWord definition Table of Contents Common Problems and Solutions Frequently Asked Questions Appendix a TroubleshootingAppendix B Wireless Security Appendix C Upgrading Firmware Appendix D Windows HelpRouter’s Side Panel Connect a PC24 Security Tab Firewall Introduction WelcomeWhat’s in this Guide? Wireless-G Broadband Router with SRX200 Ssid your wireless network’s name Planning Your Wireless NetworkAd-Hoc versus Infrastructure Mode Network TopologyPlanning Your Wireless Network Network Layout Getting to Know the Wireless-G Broadband Router with SRX200 Router’s Ports and Reset ButtonBroadband an always-on, fast Internet connection Wireless Router’s LEDsConnecting the Wireless-G Broadband Router with SRX200 OverviewPlacement Options Stand OptionWall-Mount Option Configuring the Wireless-G Broadband Router Isp your internet providerSetup Tab Basic Setup Internet SetupInternet Connection Type Static IP Connection Type Pptp Connection Type Router IP Network SetupOptional Settings Packet a unit of data sent over a networkNetwork Address Server Settings Dhcp Time SettingSetup Tab Ddns DdnsSetup Tab MAC Address Clone Mac address the unique address that aAdvanced Routing Setup Tab Advanced RoutingNAT Mode Dynamic Routing16 Setup Tab Advanced Routing NAT Mode Routing Table Wireless Tab Basic Wireless Settings Wireless NetworkWireless Tab Wireless Security Wireless SecurityEncryption encoding data transmitted in a network 20 Wireless Tab Wireless Security WEP Wireless Tab Wireless MAC Filter Wireless MAC FilterWireless Tab Advanced Wireless Settings Advanced WirelessWireless-G Broadband Router with SRX200 VPN Pass Through Security Tab FirewallFirewall Block WAN RequestAccess Restrictions Tab Internet Access Internet AccessTo create an Internet Access policy Ftp a protocol used to transfer files over a TCP/IP network Url the address of a file located on the InternetApplications and Gaming Tab Port Range Forward Port Range ForwardPort Range Port Triggering Applications and Gaming Tab Port TriggeringApplications and Gaming Tab DMZ Triggered Range and Forwarded RangeInternet Access Priority QoS Quality of ServiceWireless Applications and Gaming Tab QoSSummary Port RangeCancel Changes button UPnP Administration Tab ManagementRouter Password MulticastURL Filter Log Administration Tab LogSystem Log DoS LogTraceroute Test Administration Tab DiagnosticsPing Test Ping ParametersFactory Defaults Administration Tab Factory DefaultsAdministration Tab Firmware Upgrade Upgrade FirmwareAdministration Tab Config Management Backup ConfigurationRestore Configuration Status Tab Router Router InformationInternet Connection Status Tab Local Network Local NetworkStatus Tab Wireless WirelessInternet/Wireless Status Tab System PerformanceSystem Performance Wireless-G Broadband Router with SRX200 Appendix a Troubleshooting Common Problems and SolutionsNeed to set a static IP address on a PC For Windows 98SE, Me, 2000, and XP Open a command prompt. For Windows 98SE and Me Application Start and End Protocol IP Address Enabled TCPCan’t get the Internet game, server, or application to work Wireless-G Broadband Router with SRX200 Need to upgrade the firmware To start over, I need to set the Router to factory defaultMy power LED will not stop flashing My DSL service’s PPPoE is always disconnectingMy wireless-G speed seems to be slow Cannot connect to the InternetHow do I turn on SRX on my router? Frequently Asked QuestionsWhere is the Router installed on the network? Is IPSec Pass-Through supported by the Router?Does the Router support ICQ send file? How can I block corrupted FTP downloads?What is DMZ Hosting? What is the Ieee 802.11b standard? What are the advanced features of the Router?What is the Ieee 802.11g standard? Is the Router cross-platform compatible?What is ad-hoc mode? What Ieee 802.11g features are supported?What Ieee 802.11b features are supported? What is infrastructure mode?What is DSSS? What is FHSS? And what are their differences? What is ISM band?What is Spread Spectrum? What is WEP?How do I reset the Router? How do I resolve issues with signal loss?Have excellent signal strength, but I cannot see my network Appendix B Wireless Security Security PrecautionsSecurity Threats Facing Wireless Networks Security Threats Facing Wireless Networks Wireless-G Broadband Router with SRX200 Figure C-1 Upgrade Firmware Appendix C Upgrading FirmwareAppendix D Windows Help Shared ResourcesNetwork Neighborhood/My Network Places Figure E-1 IP Configuration Screen Windows 98SE or Me InstructionsWindows 2000 or XP Instructions For the Router’s Web-based UtilityAppendix F Glossary Wireless-G Broadband Router with SRX200 Wireless-G Broadband Router with SRX200 Wireless-G Broadband Router with SRX200 Wireless-G Broadband Router with SRX200 Appendix G Specifications ModelStandards Appendix H Warranty Information Limited WarrantyAppendix I Regulatory Information FCC StatementWireless-G Broadband Router with SRX200 Wireless-G Broadband Router with SRX200 Wireless-G Broadband Router with SRX200 Wireless-G Broadband Router with SRX200 Wireless-G Broadband Router with SRX200 Appendix J Contact Information Need to contact Linksys?Information section in this Guide